Changeset 2666 for draft-ietf-httpbis
- Timestamp:
- 12/05/14 20:26:22 (7 years ago)
- Location:
- draft-ietf-httpbis/latest
- Files:
-
- 5 edited
Legend:
- Unmodified
- Added
- Removed
-
draft-ietf-httpbis/latest/auth48/p1-messaging.unpg.txt
r2663 r2666 6 6 Obsoletes: 2145, 2616 J. Reschke, Ed. 7 7 (if approved) greenbytes 8 Updates: 2817, 2818 (if approved) May 9, 20148 Updates: 2817, 2818 (if approved) May 12, 2014 9 9 Intended status: Standards Track 10 Expires: November 1 0, 201410 Expires: November 13, 2014 11 11 12 12 … … 53 53 54 54 55 Fielding & Reschke Expires November 1 0, 2014 [Page 1]55 Fielding & Reschke Expires November 13, 2014 [Page 1] 56 56 57 57 … … 62 62 material or to cite them other than as "work in progress." 63 63 64 This Internet-Draft will expire on November 1 0, 2014.64 This Internet-Draft will expire on November 13, 2014. 65 65 66 66 Copyright Notice … … 110 110 111 111 112 Fielding & Reschke Expires November 1 0, 2014 [Page 2]112 Fielding & Reschke Expires November 13, 2014 [Page 2] 113 113 114 114 … … 167 167 168 168 169 Fielding & Reschke Expires November 1 0, 2014 [Page 3]169 Fielding & Reschke Expires November 13, 2014 [Page 3] 170 170 171 171 … … 224 224 225 225 226 Fielding & Reschke Expires November 1 0, 2014 [Page 4]226 Fielding & Reschke Expires November 13, 2014 [Page 4] 227 227 228 228 … … 281 281 282 282 283 Fielding & Reschke Expires November 1 0, 2014 [Page 5]283 Fielding & Reschke Expires November 13, 2014 [Page 5] 284 284 285 285 … … 338 338 339 339 340 Fielding & Reschke Expires November 1 0, 2014 [Page 6]340 Fielding & Reschke Expires November 13, 2014 [Page 6] 341 341 342 342 … … 395 395 396 396 397 Fielding & Reschke Expires November 1 0, 2014 [Page 7]397 Fielding & Reschke Expires November 13, 2014 [Page 7] 398 398 399 399 … … 452 452 453 453 454 Fielding & Reschke Expires November 1 0, 2014 [Page 8]454 Fielding & Reschke Expires November 13, 2014 [Page 8] 455 455 456 456 … … 509 509 510 510 511 Fielding & Reschke Expires November 1 0, 2014 [Page 9]511 Fielding & Reschke Expires November 13, 2014 [Page 9] 512 512 513 513 … … 566 566 567 567 568 Fielding & Reschke Expires November 1 0, 2014 [Page 10]568 Fielding & Reschke Expires November 13, 2014 [Page 10] 569 569 570 570 … … 623 623 624 624 625 Fielding & Reschke Expires November 1 0, 2014 [Page 11]625 Fielding & Reschke Expires November 13, 2014 [Page 11] 626 626 627 627 … … 680 680 681 681 682 Fielding & Reschke Expires November 1 0, 2014 [Page 12]682 Fielding & Reschke Expires November 13, 2014 [Page 12] 683 683 684 684 … … 737 737 738 738 739 Fielding & Reschke Expires November 1 0, 2014 [Page 13]739 Fielding & Reschke Expires November 13, 2014 [Page 13] 740 740 741 741 … … 794 794 795 795 796 Fielding & Reschke Expires November 1 0, 2014 [Page 14]796 Fielding & Reschke Expires November 13, 2014 [Page 14] 797 797 798 798 … … 851 851 852 852 853 Fielding & Reschke Expires November 1 0, 2014 [Page 15]853 Fielding & Reschke Expires November 13, 2014 [Page 15] 854 854 855 855 … … 908 908 909 909 910 Fielding & Reschke Expires November 1 0, 2014 [Page 16]910 Fielding & Reschke Expires November 13, 2014 [Page 16] 911 911 912 912 … … 965 965 966 966 967 Fielding & Reschke Expires November 1 0, 2014 [Page 17]967 Fielding & Reschke Expires November 13, 2014 [Page 17] 968 968 969 969 … … 1022 1022 1023 1023 1024 Fielding & Reschke Expires November 1 0, 2014 [Page 18]1024 Fielding & Reschke Expires November 13, 2014 [Page 18] 1025 1025 1026 1026 … … 1079 1079 1080 1080 1081 Fielding & Reschke Expires November 1 0, 2014 [Page 19]1081 Fielding & Reschke Expires November 13, 2014 [Page 19] 1082 1082 1083 1083 … … 1136 1136 1137 1137 1138 Fielding & Reschke Expires November 1 0, 2014 [Page 20]1138 Fielding & Reschke Expires November 13, 2014 [Page 20] 1139 1139 1140 1140 … … 1193 1193 1194 1194 1195 Fielding & Reschke Expires November 1 0, 2014 [Page 21]1195 Fielding & Reschke Expires November 13, 2014 [Page 21] 1196 1196 1197 1197 … … 1250 1250 1251 1251 1252 Fielding & Reschke Expires November 1 0, 2014 [Page 22]1252 Fielding & Reschke Expires November 13, 2014 [Page 22] 1253 1253 1254 1254 … … 1307 1307 1308 1308 1309 Fielding & Reschke Expires November 1 0, 2014 [Page 23]1309 Fielding & Reschke Expires November 13, 2014 [Page 23] 1310 1310 1311 1311 … … 1364 1364 1365 1365 1366 Fielding & Reschke Expires November 1 0, 2014 [Page 24]1366 Fielding & Reschke Expires November 13, 2014 [Page 24] 1367 1367 1368 1368 … … 1421 1421 1422 1422 1423 Fielding & Reschke Expires November 1 0, 2014 [Page 25]1423 Fielding & Reschke Expires November 13, 2014 [Page 25] 1424 1424 1425 1425 … … 1478 1478 1479 1479 1480 Fielding & Reschke Expires November 1 0, 2014 [Page 26]1480 Fielding & Reschke Expires November 13, 2014 [Page 26] 1481 1481 1482 1482 … … 1535 1535 1536 1536 1537 Fielding & Reschke Expires November 1 0, 2014 [Page 27]1537 Fielding & Reschke Expires November 13, 2014 [Page 27] 1538 1538 1539 1539 … … 1592 1592 1593 1593 1594 Fielding & Reschke Expires November 1 0, 2014 [Page 28]1594 Fielding & Reschke Expires November 13, 2014 [Page 28] 1595 1595 1596 1596 … … 1649 1649 1650 1650 1651 Fielding & Reschke Expires November 1 0, 2014 [Page 29]1651 Fielding & Reschke Expires November 13, 2014 [Page 29] 1652 1652 1653 1653 … … 1706 1706 1707 1707 1708 Fielding & Reschke Expires November 1 0, 2014 [Page 30]1708 Fielding & Reschke Expires November 13, 2014 [Page 30] 1709 1709 1710 1710 … … 1763 1763 1764 1764 1765 Fielding & Reschke Expires November 1 0, 2014 [Page 31]1765 Fielding & Reschke Expires November 13, 2014 [Page 31] 1766 1766 1767 1767 … … 1820 1820 1821 1821 1822 Fielding & Reschke Expires November 1 0, 2014 [Page 32]1822 Fielding & Reschke Expires November 13, 2014 [Page 32] 1823 1823 1824 1824 … … 1877 1877 1878 1878 1879 Fielding & Reschke Expires November 1 0, 2014 [Page 33]1879 Fielding & Reschke Expires November 13, 2014 [Page 33] 1880 1880 1881 1881 … … 1934 1934 1935 1935 1936 Fielding & Reschke Expires November 1 0, 2014 [Page 34]1936 Fielding & Reschke Expires November 13, 2014 [Page 34] 1937 1937 1938 1938 … … 1991 1991 1992 1992 1993 Fielding & Reschke Expires November 1 0, 2014 [Page 35]1993 Fielding & Reschke Expires November 13, 2014 [Page 35] 1994 1994 1995 1995 … … 2048 2048 2049 2049 2050 Fielding & Reschke Expires November 1 0, 2014 [Page 36]2050 Fielding & Reschke Expires November 13, 2014 [Page 36] 2051 2051 2052 2052 … … 2105 2105 2106 2106 2107 Fielding & Reschke Expires November 1 0, 2014 [Page 37]2107 Fielding & Reschke Expires November 13, 2014 [Page 37] 2108 2108 2109 2109 … … 2162 2162 2163 2163 2164 Fielding & Reschke Expires November 1 0, 2014 [Page 38]2164 Fielding & Reschke Expires November 13, 2014 [Page 38] 2165 2165 2166 2166 … … 2219 2219 2220 2220 2221 Fielding & Reschke Expires November 1 0, 2014 [Page 39]2221 Fielding & Reschke Expires November 13, 2014 [Page 39] 2222 2222 2223 2223 … … 2276 2276 2277 2277 2278 Fielding & Reschke Expires November 1 0, 2014 [Page 40]2278 Fielding & Reschke Expires November 13, 2014 [Page 40] 2279 2279 2280 2280 … … 2333 2333 2334 2334 2335 Fielding & Reschke Expires November 1 0, 2014 [Page 41]2335 Fielding & Reschke Expires November 13, 2014 [Page 41] 2336 2336 2337 2337 … … 2390 2390 2391 2391 2392 Fielding & Reschke Expires November 1 0, 2014 [Page 42]2392 Fielding & Reschke Expires November 13, 2014 [Page 42] 2393 2393 2394 2394 … … 2447 2447 2448 2448 2449 Fielding & Reschke Expires November 1 0, 2014 [Page 43]2449 Fielding & Reschke Expires November 13, 2014 [Page 43] 2450 2450 2451 2451 … … 2504 2504 2505 2505 2506 Fielding & Reschke Expires November 1 0, 2014 [Page 44]2506 Fielding & Reschke Expires November 13, 2014 [Page 44] 2507 2507 2508 2508 … … 2561 2561 2562 2562 2563 Fielding & Reschke Expires November 1 0, 2014 [Page 45]2563 Fielding & Reschke Expires November 13, 2014 [Page 45] 2564 2564 2565 2565 … … 2618 2618 2619 2619 2620 Fielding & Reschke Expires November 1 0, 2014 [Page 46]2620 Fielding & Reschke Expires November 13, 2014 [Page 46] 2621 2621 2622 2622 … … 2675 2675 2676 2676 2677 Fielding & Reschke Expires November 1 0, 2014 [Page 47]2677 Fielding & Reschke Expires November 13, 2014 [Page 47] 2678 2678 2679 2679 … … 2732 2732 2733 2733 2734 Fielding & Reschke Expires November 1 0, 2014 [Page 48]2734 Fielding & Reschke Expires November 13, 2014 [Page 48] 2735 2735 2736 2736 … … 2789 2789 2790 2790 2791 Fielding & Reschke Expires November 1 0, 2014 [Page 49]2791 Fielding & Reschke Expires November 13, 2014 [Page 49] 2792 2792 2793 2793 … … 2815 2815 When a header field aside from Connection is used to supply control 2816 2816 information for or about the current connection, the sender MUST list 2817 the corresponding field-name within the "Connection"header field. A2817 the corresponding field-name within the Connection header field. A 2818 2818 proxy or gateway MUST parse a received Connection header field before 2819 2819 a message is forwarded and, for each connection-option in this field, … … 2846 2846 2847 2847 2848 Fielding & Reschke Expires November 1 0, 2014 [Page 50]2848 Fielding & Reschke Expires November 13, 2014 [Page 50] 2849 2849 2850 2850 … … 2903 2903 2904 2904 2905 Fielding & Reschke Expires November 1 0, 2014 [Page 51]2905 Fielding & Reschke Expires November 13, 2014 [Page 51] 2906 2906 2907 2907 … … 2960 2960 2961 2961 2962 Fielding & Reschke Expires November 1 0, 2014 [Page 52]2962 Fielding & Reschke Expires November 13, 2014 [Page 52] 2963 2963 2964 2964 … … 3017 3017 3018 3018 3019 Fielding & Reschke Expires November 1 0, 2014 [Page 53]3019 Fielding & Reschke Expires November 13, 2014 [Page 53] 3020 3020 3021 3021 … … 3074 3074 3075 3075 3076 Fielding & Reschke Expires November 1 0, 2014 [Page 54]3076 Fielding & Reschke Expires November 13, 2014 [Page 54] 3077 3077 3078 3078 … … 3131 3131 3132 3132 3133 Fielding & Reschke Expires November 1 0, 2014 [Page 55]3133 Fielding & Reschke Expires November 13, 2014 [Page 55] 3134 3134 3135 3135 … … 3188 3188 3189 3189 3190 Fielding & Reschke Expires November 1 0, 2014 [Page 56]3190 Fielding & Reschke Expires November 13, 2014 [Page 56] 3191 3191 3192 3192 … … 3245 3245 3246 3246 3247 Fielding & Reschke Expires November 1 0, 2014 [Page 57]3247 Fielding & Reschke Expires November 13, 2014 [Page 57] 3248 3248 3249 3249 … … 3302 3302 3303 3303 3304 Fielding & Reschke Expires November 1 0, 2014 [Page 58]3304 Fielding & Reschke Expires November 13, 2014 [Page 58] 3305 3305 3306 3306 … … 3359 3359 3360 3360 3361 Fielding & Reschke Expires November 1 0, 2014 [Page 59]3361 Fielding & Reschke Expires November 13, 2014 [Page 59] 3362 3362 3363 3363 … … 3380 3380 Furthermore, the header field-name "Close" has been registered as 3381 3381 "reserved", since using that name as an HTTP header field might 3382 conflict with the "close" connection option of the "Connection"3383 headerfield (Section 6.1).3382 conflict with the "close" connection option of the Connection header 3383 field (Section 6.1). 3384 3384 3385 3385 +-------------------+----------+----------+-------------+ … … 3416 3416 3417 3417 3418 Fielding & Reschke Expires November 1 0, 2014 [Page 60]3418 Fielding & Reschke Expires November 13, 2014 [Page 60] 3419 3419 3420 3420 … … 3473 3473 3474 3474 3475 Fielding & Reschke Expires November 1 0, 2014 [Page 61]3475 Fielding & Reschke Expires November 13, 2014 [Page 61] 3476 3476 3477 3477 … … 3530 3530 3531 3531 3532 Fielding & Reschke Expires November 1 0, 2014 [Page 62]3532 Fielding & Reschke Expires November 13, 2014 [Page 62] 3533 3533 3534 3534 … … 3587 3587 3588 3588 3589 Fielding & Reschke Expires November 1 0, 2014 [Page 63]3589 Fielding & Reschke Expires November 13, 2014 [Page 63] 3590 3590 3591 3591 … … 3644 3644 3645 3645 3646 Fielding & Reschke Expires November 1 0, 2014 [Page 64]3646 Fielding & Reschke Expires November 13, 2014 [Page 64] 3647 3647 3648 3648 … … 3701 3701 3702 3702 3703 Fielding & Reschke Expires November 1 0, 2014 [Page 65]3703 Fielding & Reschke Expires November 13, 2014 [Page 65] 3704 3704 3705 3705 … … 3758 3758 3759 3759 3760 Fielding & Reschke Expires November 1 0, 2014 [Page 66]3760 Fielding & Reschke Expires November 13, 2014 [Page 66] 3761 3761 3762 3762 … … 3770 3770 9.2. Risks of Intermediaries 3771 3771 3772 By their very nature, HTTP intermediaries are men-in-the-middle , and3773 thus represent an opportunity for man-in-the-middle attacks.3772 By their very nature, HTTP intermediaries are men-in-the-middle and, 3773 thus, represent an opportunity for man-in-the-middle attacks. 3774 3774 Compromise of the systems on which the intermediaries run can result 3775 3775 in serious security and privacy problems. Intermediaries might have … … 3815 3815 3816 3816 3817 Fielding & Reschke Expires November 1 0, 2014 [Page 67]3817 Fielding & Reschke Expires November 13, 2014 [Page 67] 3818 3818 3819 3819 … … 3872 3872 3873 3873 3874 Fielding & Reschke Expires November 1 0, 2014 [Page 68]3874 Fielding & Reschke Expires November 13, 2014 [Page 68] 3875 3875 3876 3876 … … 3929 3929 3930 3930 3931 Fielding & Reschke Expires November 1 0, 2014 [Page 69]3931 Fielding & Reschke Expires November 13, 2014 [Page 69] 3932 3932 3933 3933 … … 3986 3986 3987 3987 3988 Fielding & Reschke Expires November 1 0, 2014 [Page 70]3988 Fielding & Reschke Expires November 13, 2014 [Page 70] 3989 3989 3990 3990 … … 4043 4043 4044 4044 4045 Fielding & Reschke Expires November 1 0, 2014 [Page 71]4045 Fielding & Reschke Expires November 13, 2014 [Page 71] 4046 4046 4047 4047 … … 4100 4100 4101 4101 4102 Fielding & Reschke Expires November 1 0, 2014 [Page 72]4102 Fielding & Reschke Expires November 13, 2014 [Page 72] 4103 4103 4104 4104 … … 4157 4157 4158 4158 4159 Fielding & Reschke Expires November 1 0, 2014 [Page 73]4159 Fielding & Reschke Expires November 13, 2014 [Page 73] 4160 4160 4161 4161 … … 4214 4214 4215 4215 4216 Fielding & Reschke Expires November 1 0, 2014 [Page 74]4216 Fielding & Reschke Expires November 13, 2014 [Page 74] 4217 4217 4218 4218 … … 4271 4271 4272 4272 4273 Fielding & Reschke Expires November 1 0, 2014 [Page 75]4273 Fielding & Reschke Expires November 13, 2014 [Page 75] 4274 4274 4275 4275 … … 4328 4328 4329 4329 4330 Fielding & Reschke Expires November 1 0, 2014 [Page 76]4330 Fielding & Reschke Expires November 13, 2014 [Page 76] 4331 4331 4332 4332 … … 4385 4385 4386 4386 4387 Fielding & Reschke Expires November 1 0, 2014 [Page 77]4387 Fielding & Reschke Expires November 13, 2014 [Page 77] 4388 4388 4389 4389 … … 4424 4424 removed). (Section 3.2.6) 4425 4425 4426 Bogus "Content-Length" header fields are now required to be handled4427 aserrors by recipients. (Section 3.3.2)4426 Bogus Content-Length header fields are now required to be handled as 4427 errors by recipients. (Section 3.3.2) 4428 4428 4429 4429 The algorithm for determining the message body length has been … … 4442 4442 4443 4443 4444 Fielding & Reschke Expires November 1 0, 2014 [Page 78]4444 Fielding & Reschke Expires November 13, 2014 [Page 78] 4445 4445 4446 4446 … … 4499 4499 4500 4500 4501 Fielding & Reschke Expires November 1 0, 2014 [Page 79]4501 Fielding & Reschke Expires November 13, 2014 [Page 79] 4502 4502 4503 4503 … … 4556 4556 4557 4557 4558 Fielding & Reschke Expires November 1 0, 2014 [Page 80]4558 Fielding & Reschke Expires November 13, 2014 [Page 80] 4559 4559 4560 4560 … … 4613 4613 4614 4614 4615 Fielding & Reschke Expires November 1 0, 2014 [Page 81]4615 Fielding & Reschke Expires November 13, 2014 [Page 81] 4616 4616 4617 4617 … … 4670 4670 4671 4671 4672 Fielding & Reschke Expires November 1 0, 2014 [Page 82]4672 Fielding & Reschke Expires November 13, 2014 [Page 82] 4673 4673 4674 4674 … … 4727 4727 4728 4728 4729 Fielding & Reschke Expires November 1 0, 2014 [Page 83]4729 Fielding & Reschke Expires November 13, 2014 [Page 83] 4730 4730 4731 4731 … … 4784 4784 4785 4785 4786 Fielding & Reschke Expires November 1 0, 2014 [Page 84]4786 Fielding & Reschke Expires November 13, 2014 [Page 84] 4787 4787 4788 4788 … … 4841 4841 4842 4842 4843 Fielding & Reschke Expires November 1 0, 2014 [Page 85]4843 Fielding & Reschke Expires November 13, 2014 [Page 85] 4844 4844 4845 4845 … … 4898 4898 4899 4899 4900 Fielding & Reschke Expires November 1 0, 2014 [Page 86]4901 4902 4900 Fielding & Reschke Expires November 13, 2014 [Page 86] 4901 4902 -
draft-ietf-httpbis/latest/auth48/rfc7230.abdiff.txt
r2665 r2666 7 7 Obsoletes: 2145, 2616 J. Reschke, Ed. 8 8 (if approved) greenbytes 9 Updates: 2817, 2818 (if approved) May 9, 20149 Updates: 2817, 2818 (if approved) May 12, 2014 10 10 Intended status: Standards Track 11 Expires: November 1 0, 201411 Expires: November 13, 2014 12 12 13 13 NEW: … … 92 92 OLD: 93 93 94 This Internet-Draft will expire on November 1 0, 2014.94 This Internet-Draft will expire on November 13, 2014. 95 95 96 96 NEW: … … 389 389 390 390 391 Section 6.1., paragraph 2:392 OLD:393 394 When a header field aside from Connection is used to supply control395 information for or about the current connection, the sender MUST list396 the corresponding field-name within the "Connection" header field. A397 proxy or gateway MUST parse a received Connection header field before398 a message is forwarded and, for each connection-option in this field,399 remove any header field(s) from the message with the same name as the400 connection-option, and then remove the Connection header field itself401 (or replace it with the intermediary's own connection options for the402 forwarded message).403 404 NEW:405 406 When a header field aside from Connection is used to supply control407 information for or about the current connection, the sender MUST list408 the corresponding field-name within the Connection header field. A409 proxy or gateway MUST parse a received Connection header field before410 a message is forwarded and, for each connection-option in this field,411 remove any header field(s) from the message with the same name as the412 connection-option, and then remove the Connection header field itself413 (or replace it with the intermediary's own connection options for the414 forwarded message).415 416 417 Section 8.1., paragraph 4:418 OLD:419 420 Furthermore, the header field-name "Close" has been registered as421 "reserved", since using that name as an HTTP header field might422 conflict with the "close" connection option of the "Connection"423 header field (Section 6.1).424 425 NEW:426 427 Furthermore, the header field-name "Close" has been registered as428 "reserved", since using that name as an HTTP header field might429 conflict with the "close" connection option of the Connection header430 field (Section 6.1).431 432 433 391 Section 9.2., paragraph 1: 434 392 OLD: 435 393 436 By their very nature, HTTP intermediaries are men-in-the-middle , and437 thus represent an opportunity for man-in-the-middle attacks.394 By their very nature, HTTP intermediaries are men-in-the-middle and, 395 thus, represent an opportunity for man-in-the-middle attacks. 438 396 Compromise of the systems on which the intermediaries run can result 439 397 in serious security and privacy problems. Intermediaries might have … … 565 523 HTTPS URIs, because of security issues related to their transmission 566 524 on the wire. (Section 2.7.1) 567 568 569 Section 19.7.1, paragraph 16:570 OLD:571 572 Bogus "Content-Length" header fields are now required to be handled573 as errors by recipients. (Section 3.3.2)574 575 NEW:576 577 Bogus Content-Length header fields are now required to be handled as578 errors by recipients. (Section 3.3.2)579 525 580 526 -
draft-ietf-httpbis/latest/auth48/rfc7230.diff.html
r2665 r2666 44 44 <tr><td><a name="diff0002" /></td></tr> 45 45 <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">(if approved) greenbytes</span></td><td> </td><td class="rblock">Updates: 2817, 2818 <span class="insert">greenbytes</span></td><td class="lineno" valign="top"></td></tr> 46 <tr><td class="lineno" valign="top"></td><td class="lblock">Updates: 2817, 2818 <span class="delete">(if approved) May 9, 2014</span></td><td> </td><td class="rblock"><span class="insert">Category:</span> Standards Track <span class="insert">May</span> 2014</td><td class="lineno" valign="top"></td></tr>46 <tr><td class="lineno" valign="top"></td><td class="lblock">Updates: 2817, 2818 <span class="delete">(if approved) May 12, 2014</span></td><td> </td><td class="rblock"><span class="insert">Category:</span> Standards Track <span class="insert">May</span> 2014</td><td class="lineno" valign="top"></td></tr> 47 47 <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">Intended status:</span> Standards Track</td><td> </td><td class="rblock"><span class="insert">ISSN: 2070-1721</span></td><td class="lineno" valign="top"></td></tr> 48 <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">Expires: November 1 0,</span> 2014</td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>48 <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">Expires: November 13,</span> 2014</td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> 49 49 <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> 50 50 <tr><td class="lineno" valign="top"></td><td class="left"> Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing</td><td> </td><td class="right"> Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing</td><td class="lineno" valign="top"></td></tr> … … 96 96 <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> 97 97 <tr><td><a name="diff0007" /></td></tr> 98 <tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">This Internet-Draft will expire</span> on <span class="delete">November 1 0, 2014.</span></td><td> </td><td class="rblock"> <span class="insert">Information about the current status of this document, any errata,</span></td><td class="lineno" valign="top"></td></tr>98 <tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">This Internet-Draft will expire</span> on <span class="delete">November 13, 2014.</span></td><td> </td><td class="rblock"> <span class="insert">Information about the current status of this document, any errata,</span></td><td class="lineno" valign="top"></td></tr> 99 99 <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> and how to provide feedback</span> on <span class="insert">it may be obtained at</span></td><td class="lineno" valign="top"></td></tr> 100 100 <tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> http://www.rfc-editor.org/info/rfc7230.</span></td><td class="lineno" valign="top"></td></tr> … … 224 224 <tr><td class="lineno" valign="top"></td><td class="left"> or the selected representation (other than the payload) unless the</td><td> </td><td class="right"> or the selected representation (other than the payload) unless the</td><td class="lineno" valign="top"></td></tr> 225 225 <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr> 226 <tr bgcolor="gray" ><td></td><th><a name="part-l6" /><small>skipping to change at</small><em> page 50, line 25</em></th><th> </th><th><a name="part-r6" /><small>skipping to change at</small><em> page 50, line 25</em></th><td></td></tr> 227 <tr><td class="lineno" valign="top"></td><td class="left">6.1. Connection</td><td> </td><td class="right">6.1. Connection</td><td class="lineno" valign="top"></td></tr> 228 <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> 229 <tr><td class="lineno" valign="top"></td><td class="left"> The "Connection" header field allows the sender to indicate desired</td><td> </td><td class="right"> The "Connection" header field allows the sender to indicate desired</td><td class="lineno" valign="top"></td></tr> 230 <tr><td class="lineno" valign="top"></td><td class="left"> control options for the current connection. In order to avoid</td><td> </td><td class="right"> control options for the current connection. In order to avoid</td><td class="lineno" valign="top"></td></tr> 231 <tr><td class="lineno" valign="top"></td><td class="left"> confusing downstream recipients, a proxy or gateway MUST remove or</td><td> </td><td class="right"> confusing downstream recipients, a proxy or gateway MUST remove or</td><td class="lineno" valign="top"></td></tr> 232 <tr><td class="lineno" valign="top"></td><td class="left"> replace any received connection options before forwarding the</td><td> </td><td class="right"> replace any received connection options before forwarding the</td><td class="lineno" valign="top"></td></tr> 233 <tr><td class="lineno" valign="top"></td><td class="left"> message.</td><td> </td><td class="right"> message.</td><td class="lineno" valign="top"></td></tr> 234 <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> 235 <tr><td class="lineno" valign="top"></td><td class="left"> When a header field aside from Connection is used to supply control</td><td> </td><td class="right"> When a header field aside from Connection is used to supply control</td><td class="lineno" valign="top"></td></tr> 236 <tr><td class="lineno" valign="top"></td><td class="left"> information for or about the current connection, the sender MUST list</td><td> </td><td class="right"> information for or about the current connection, the sender MUST list</td><td class="lineno" valign="top"></td></tr> 237 <tr><td><a name="diff0014" /></td></tr> 238 <tr><td class="lineno" valign="top"></td><td class="lblock"> the corresponding field-name within the <span class="delete">"Connection"</span> header field. A</td><td> </td><td class="rblock"> the corresponding field-name within the <span class="insert">Connection</span> header field. A</td><td class="lineno" valign="top"></td></tr> 239 <tr><td class="lineno" valign="top"></td><td class="left"> proxy or gateway MUST parse a received Connection header field before</td><td> </td><td class="right"> proxy or gateway MUST parse a received Connection header field before</td><td class="lineno" valign="top"></td></tr> 240 <tr><td class="lineno" valign="top"></td><td class="left"> a message is forwarded and, for each connection-option in this field,</td><td> </td><td class="right"> a message is forwarded and, for each connection-option in this field,</td><td class="lineno" valign="top"></td></tr> 241 <tr><td class="lineno" valign="top"></td><td class="left"> remove any header field(s) from the message with the same name as the</td><td> </td><td class="right"> remove any header field(s) from the message with the same name as the</td><td class="lineno" valign="top"></td></tr> 242 <tr><td class="lineno" valign="top"></td><td class="left"> connection-option, and then remove the Connection header field itself</td><td> </td><td class="right"> connection-option, and then remove the Connection header field itself</td><td class="lineno" valign="top"></td></tr> 243 <tr><td class="lineno" valign="top"></td><td class="left"> (or replace it with the intermediary's own connection options for the</td><td> </td><td class="right"> (or replace it with the intermediary's own connection options for the</td><td class="lineno" valign="top"></td></tr> 244 <tr><td class="lineno" valign="top"></td><td class="left"> forwarded message).</td><td> </td><td class="right"> forwarded message).</td><td class="lineno" valign="top"></td></tr> 245 <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> 246 <tr><td class="lineno" valign="top"></td><td class="left"> Hence, the Connection header field provides a declarative way of</td><td> </td><td class="right"> Hence, the Connection header field provides a declarative way of</td><td class="lineno" valign="top"></td></tr> 247 <tr><td class="lineno" valign="top"></td><td class="left"> distinguishing header fields that are only intended for the immediate</td><td> </td><td class="right"> distinguishing header fields that are only intended for the immediate</td><td class="lineno" valign="top"></td></tr> 248 <tr><td class="lineno" valign="top"></td><td class="left"> recipient ("hop-by-hop") from those fields that are intended for all</td><td> </td><td class="right"> recipient ("hop-by-hop") from those fields that are intended for all</td><td class="lineno" valign="top"></td></tr> 249 <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr> 250 <tr bgcolor="gray" ><td></td><th><a name="part-l7" /><small>skipping to change at</small><em> page 60, line 20</em></th><th> </th><th><a name="part-r7" /><small>skipping to change at</small><em> page 60, line 20</em></th><td></td></tr> 251 <tr><td class="lineno" valign="top"></td><td class="left"> | Host | http | standard | Section 5.4 |</td><td> </td><td class="right"> | Host | http | standard | Section 5.4 |</td><td class="lineno" valign="top"></td></tr> 252 <tr><td class="lineno" valign="top"></td><td class="left"> | TE | http | standard | Section 4.3 |</td><td> </td><td class="right"> | TE | http | standard | Section 4.3 |</td><td class="lineno" valign="top"></td></tr> 253 <tr><td class="lineno" valign="top"></td><td class="left"> | Trailer | http | standard | Section 4.4 |</td><td> </td><td class="right"> | Trailer | http | standard | Section 4.4 |</td><td class="lineno" valign="top"></td></tr> 254 <tr><td class="lineno" valign="top"></td><td class="left"> | Transfer-Encoding | http | standard | Section 3.3.1 |</td><td> </td><td class="right"> | Transfer-Encoding | http | standard | Section 3.3.1 |</td><td class="lineno" valign="top"></td></tr> 255 <tr><td class="lineno" valign="top"></td><td class="left"> | Upgrade | http | standard | Section 6.7 |</td><td> </td><td class="right"> | Upgrade | http | standard | Section 6.7 |</td><td class="lineno" valign="top"></td></tr> 256 <tr><td class="lineno" valign="top"></td><td class="left"> | Via | http | standard | Section 5.7.1 |</td><td> </td><td class="right"> | Via | http | standard | Section 5.7.1 |</td><td class="lineno" valign="top"></td></tr> 257 <tr><td class="lineno" valign="top"></td><td class="left"> +-------------------+----------+----------+---------------+</td><td> </td><td class="right"> +-------------------+----------+----------+---------------+</td><td class="lineno" valign="top"></td></tr> 258 <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> 259 <tr><td class="lineno" valign="top"></td><td class="left"> Furthermore, the header field-name "Close" has been registered as</td><td> </td><td class="right"> Furthermore, the header field-name "Close" has been registered as</td><td class="lineno" valign="top"></td></tr> 260 <tr><td class="lineno" valign="top"></td><td class="left"> "reserved", since using that name as an HTTP header field might</td><td> </td><td class="right"> "reserved", since using that name as an HTTP header field might</td><td class="lineno" valign="top"></td></tr> 261 <tr><td><a name="diff0015" /></td></tr> 262 <tr><td class="lineno" valign="top"></td><td class="lblock"> conflict with the "close" connection option of the <span class="delete">"Connection"</span></td><td> </td><td class="rblock"> conflict with the "close" connection option of the <span class="insert">Connection</span> header</td><td class="lineno" valign="top"></td></tr> 263 <tr><td class="lineno" valign="top"></td><td class="lblock"> header field (Section 6.1).</td><td> </td><td class="rblock"> field (Section 6.1).</td><td class="lineno" valign="top"></td></tr> 264 <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> 265 <tr><td class="lineno" valign="top"></td><td class="left"> +-------------------+----------+----------+-------------+</td><td> </td><td class="right"> +-------------------+----------+----------+-------------+</td><td class="lineno" valign="top"></td></tr> 266 <tr><td class="lineno" valign="top"></td><td class="left"> | Header Field Name | Protocol | Status | Reference |</td><td> </td><td class="right"> | Header Field Name | Protocol | Status | Reference |</td><td class="lineno" valign="top"></td></tr> 267 <tr><td class="lineno" valign="top"></td><td class="left"> +-------------------+----------+----------+-------------+</td><td> </td><td class="right"> +-------------------+----------+----------+-------------+</td><td class="lineno" valign="top"></td></tr> 268 <tr><td class="lineno" valign="top"></td><td class="left"> | Close | http | reserved | Section 8.1 |</td><td> </td><td class="right"> | Close | http | reserved | Section 8.1 |</td><td class="lineno" valign="top"></td></tr> 269 <tr><td class="lineno" valign="top"></td><td class="left"> +-------------------+----------+----------+-------------+</td><td> </td><td class="right"> +-------------------+----------+----------+-------------+</td><td class="lineno" valign="top"></td></tr> 270 <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> 271 <tr><td class="lineno" valign="top"></td><td class="left"> The change controller is: "IETF (iesg@ietf.org) - Internet</td><td> </td><td class="right"> The change controller is: "IETF (iesg@ietf.org) - Internet</td><td class="lineno" valign="top"></td></tr> 272 <tr><td class="lineno" valign="top"></td><td class="left"> Engineering Task Force".</td><td> </td><td class="right"> Engineering Task Force".</td><td class="lineno" valign="top"></td></tr> 273 <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> 274 <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr> 275 <tr bgcolor="gray" ><td></td><th><a name="part-l8" /><small>skipping to change at</small><em> page 67, line 10</em></th><th> </th><th><a name="part-r8" /><small>skipping to change at</small><em> page 67, line 10</em></th><td></td></tr> 226 <tr bgcolor="gray" ><td></td><th><a name="part-l6" /><small>skipping to change at</small><em> page 67, line 10</em></th><th> </th><th><a name="part-r6" /><small>skipping to change at</small><em> page 67, line 10</em></th><td></td></tr> 276 227 <tr><td class="lineno" valign="top"></td><td class="left"> The "https" scheme (Section 2.7.2) is intended to prevent (or at</td><td> </td><td class="right"> The "https" scheme (Section 2.7.2) is intended to prevent (or at</td><td class="lineno" valign="top"></td></tr> 277 228 <tr><td class="lineno" valign="top"></td><td class="left"> least reveal) many of these potential attacks on establishing</td><td> </td><td class="right"> least reveal) many of these potential attacks on establishing</td><td class="lineno" valign="top"></td></tr> … … 284 235 <tr><td class="lineno" valign="top"></td><td class="left">9.2. Risks of Intermediaries</td><td> </td><td class="right">9.2. Risks of Intermediaries</td><td class="lineno" valign="top"></td></tr> 285 236 <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> 286 <tr><td><a name="diff001 6" /></td></tr>287 <tr><td class="lineno" valign="top"></td><td class="lblock"> By their very nature, HTTP intermediaries are <span class="delete">men-in-the-middle, and</span></td><td> </td><td class="rblock"> By their very nature, HTTP intermediaries are <span class="insert">men in the middle and,</span></td><td class="lineno" valign="top"></td></tr>288 <tr><td class="lineno" valign="top"></td><td class="l block"><span class="delete"> thus</span> represent an opportunity for man-in-the-middle attacks.</td><td> </td><td class="rblock"><span class="insert"> thus,</span>represent an opportunity for man-in-the-middle attacks.</td><td class="lineno" valign="top"></td></tr>237 <tr><td><a name="diff0014" /></td></tr> 238 <tr><td class="lineno" valign="top"></td><td class="lblock"> By their very nature, HTTP intermediaries are men<span class="delete">-in-the-</span>middle and,</td><td> </td><td class="rblock"> By their very nature, HTTP intermediaries are men<span class="insert"> in the </span>middle and,</td><td class="lineno" valign="top"></td></tr> 239 <tr><td class="lineno" valign="top"></td><td class="left"> thus, represent an opportunity for man-in-the-middle attacks.</td><td> </td><td class="right"> thus, represent an opportunity for man-in-the-middle attacks.</td><td class="lineno" valign="top"></td></tr> 289 240 <tr><td class="lineno" valign="top"></td><td class="left"> Compromise of the systems on which the intermediaries run can result</td><td> </td><td class="right"> Compromise of the systems on which the intermediaries run can result</td><td class="lineno" valign="top"></td></tr> 290 241 <tr><td class="lineno" valign="top"></td><td class="left"> in serious security and privacy problems. Intermediaries might have</td><td> </td><td class="right"> in serious security and privacy problems. Intermediaries might have</td><td class="lineno" valign="top"></td></tr> … … 296 247 <tr><td class="lineno" valign="top"></td><td class="left"> commission of a wide range of potential attacks.</td><td> </td><td class="right"> commission of a wide range of potential attacks.</td><td class="lineno" valign="top"></td></tr> 297 248 <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> 298 <tr><td class="lineno" valign="top"></td><td class="left"> Intermediaries that contain a shared cache are especially vulnerable</td><td> </td><td class="right"> Intermediaries that contain a shared cache are especially vulnerable</td><td class="lineno" valign="top"></td></tr> 299 <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr> 300 <tr bgcolor="gray" ><td></td><th><a name="part-l9" /><small>skipping to change at</small><em> page 73, line 7</em></th><th> </th><th><a name="part-r9" /><small>skipping to change at</small><em> page 73, line 7</em></th><td></td></tr> 249 <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr> 250 <tr bgcolor="gray" ><td></td><th><a name="part-l7" /><small>skipping to change at</small><em> page 73, line 7</em></th><th> </th><th><a name="part-r7" /><small>skipping to change at</small><em> page 73, line 7</em></th><td></td></tr> 301 251 <tr><td class="lineno" valign="top"></td><td class="left"> [RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter,</td><td> </td><td class="right"> [RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter,</td><td class="lineno" valign="top"></td></tr> 302 252 <tr><td class="lineno" valign="top"></td><td class="left"> "Uniform Resource Identifier (URI): Generic Syntax",</td><td> </td><td class="right"> "Uniform Resource Identifier (URI): Generic Syntax",</td><td class="lineno" valign="top"></td></tr> … … 309 259 <tr><td class="lineno" valign="top"></td><td class="left"> [RFC7231] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext</td><td> </td><td class="right"> [RFC7231] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext</td><td class="lineno" valign="top"></td></tr> 310 260 <tr><td class="lineno" valign="top"></td><td class="left"> Transfer Protocol (HTTP/1.1): Semantics and Content",</td><td> </td><td class="right"> Transfer Protocol (HTTP/1.1): Semantics and Content",</td><td class="lineno" valign="top"></td></tr> 311 <tr><td><a name="diff001 7" /></td></tr>261 <tr><td><a name="diff0015" /></td></tr> 312 262 <tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">draft-ietf-httpbis-p2-semantics-latest (work in</span></td><td> </td><td class="rblock"> <span class="insert">RFC 7231,</span> May 2014.</td><td class="lineno" valign="top"></td></tr> 313 263 <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> progress),</span> May 2014.</td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> … … 315 265 <tr><td class="lineno" valign="top"></td><td class="left"> [RFC7232] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext</td><td> </td><td class="right"> [RFC7232] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext</td><td class="lineno" valign="top"></td></tr> 316 266 <tr><td class="lineno" valign="top"></td><td class="left"> Transfer Protocol (HTTP/1.1): Conditional Requests",</td><td> </td><td class="right"> Transfer Protocol (HTTP/1.1): Conditional Requests",</td><td class="lineno" valign="top"></td></tr> 317 <tr><td><a name="diff001 8" /></td></tr>267 <tr><td><a name="diff0016" /></td></tr> 318 268 <tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">draft-ietf-httpbis-p4-conditional-latest (work in</span></td><td> </td><td class="rblock"> <span class="insert">RFC 7232,</span> May 2014.</td><td class="lineno" valign="top"></td></tr> 319 269 <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> progress),</span> May 2014.</td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> … … 321 271 <tr><td class="lineno" valign="top"></td><td class="left"> [RFC7233] Fielding, R., Ed., Lafon, Y., Ed., and J. Reschke, Ed.,</td><td> </td><td class="right"> [RFC7233] Fielding, R., Ed., Lafon, Y., Ed., and J. Reschke, Ed.,</td><td class="lineno" valign="top"></td></tr> 322 272 <tr><td class="lineno" valign="top"></td><td class="left"> "Hypertext Transfer Protocol (HTTP/1.1): Range</td><td> </td><td class="right"> "Hypertext Transfer Protocol (HTTP/1.1): Range</td><td class="lineno" valign="top"></td></tr> 323 <tr><td><a name="diff001 9" /></td></tr>273 <tr><td><a name="diff0017" /></td></tr> 324 274 <tr><td class="lineno" valign="top"></td><td class="lblock"> Requests", <span class="delete">draft-ietf-httpbis-p5-range-latest (work in</span></td><td> </td><td class="rblock"> Requests", <span class="insert">RFC 7233,</span> May 2014.</td><td class="lineno" valign="top"></td></tr> 325 275 <tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> progress),</span> May 2014.</td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> … … 327 277 <tr><td class="lineno" valign="top"></td><td class="left"> [RFC7234] Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke,</td><td> </td><td class="right"> [RFC7234] Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke,</td><td class="lineno" valign="top"></td></tr> 328 278 <tr><td class="lineno" valign="top"></td><td class="left"> Ed., "Hypertext Transfer Protocol (HTTP/1.1): Caching",</td><td> </td><td class="right"> Ed., "Hypertext Transfer Protocol (HTTP/1.1): Caching",</td><td class="lineno" valign="top"></td></tr> 329 <tr><td><a name="diff00 20" /></td></tr>279 <tr><td><a name="diff0018" /></td></tr> 330 280 <tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">draft-ietf-httpbis-p6-cache-latest (work in progress),</span></td><td> </td><td class="rblock"> <span class="insert">RFC 7234,</span> May 2014.</td><td class="lineno" valign="top"></td></tr> 331 281 <tr><td class="lineno" valign="top"></td><td class="lblock"> May 2014.</td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> … … 333 283 <tr><td class="lineno" valign="top"></td><td class="left"> [RFC7235] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext</td><td> </td><td class="right"> [RFC7235] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext</td><td class="lineno" valign="top"></td></tr> 334 284 <tr><td class="lineno" valign="top"></td><td class="left"> Transfer Protocol (HTTP/1.1): Authentication",</td><td> </td><td class="right"> Transfer Protocol (HTTP/1.1): Authentication",</td><td class="lineno" valign="top"></td></tr> 335 <tr><td><a name="diff00 21" /></td></tr>285 <tr><td><a name="diff0019" /></td></tr> 336 286 <tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">draft-ietf-httpbis-p7-auth-latest (work in progress),</span></td><td> </td><td class="rblock"> <span class="insert">RFC 7235,</span> May 2014.</td><td class="lineno" valign="top"></td></tr> 337 287 <tr><td class="lineno" valign="top"></td><td class="lblock"> May 2014.</td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr> … … 347 297 <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> 348 298 <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr> 349 <tr bgcolor="gray" ><td></td><th><a name="part-l 10" /><small>skipping to change at</small><em> page 76, line 36</em></th><th> </th><th><a name="part-r10" /><small>skipping to change at</small><em> page 76, line 29</em></th><td></td></tr>299 <tr bgcolor="gray" ><td></td><th><a name="part-l8" /><small>skipping to change at</small><em> page 76, line 36</em></th><th> </th><th><a name="part-r8" /><small>skipping to change at</small><em> page 76, line 29</em></th><td></td></tr> 350 300 <tr><td class="lineno" valign="top"></td><td class="left"> implements name-based virtual hosts ought to disable support for</td><td> </td><td class="right"> implements name-based virtual hosts ought to disable support for</td><td class="lineno" valign="top"></td></tr> 351 301 <tr><td class="lineno" valign="top"></td><td class="left"> HTTP/0.9. Most requests that appear to be HTTP/0.9 are, in fact,</td><td> </td><td class="right"> HTTP/0.9. Most requests that appear to be HTTP/0.9 are, in fact,</td><td class="lineno" valign="top"></td></tr> … … 358 308 <tr><td class="lineno" valign="top"></td><td class="left"> and HTTP/1.1.</td><td> </td><td class="right"> and HTTP/1.1.</td><td class="lineno" valign="top"></td></tr> 359 309 <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> 360 <tr><td><a name="diff002 2" /></td></tr>310 <tr><td><a name="diff0020" /></td></tr> 361 311 <tr><td class="lineno" valign="top"></td><td class="lblock">A.1.1. Multi<span class="delete">-</span>homed Web Servers</td><td> </td><td class="rblock">A.1.1. Multihomed Web Servers</td><td class="lineno" valign="top"></td></tr> 362 312 <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr> … … 370 320 <tr><td class="lineno" valign="top"></td><td class="left"> distinguishing the intended server of a request than the IP address</td><td> </td><td class="right"> distinguishing the intended server of a request than the IP address</td><td class="lineno" valign="top"></td></tr> 371 321 <tr><td class="lineno" valign="top"></td><td class="left"> to which that request was directed. The Host header field was</td><td> </td><td class="right"> to which that request was directed. The Host header field was</td><td class="lineno" valign="top"></td></tr> 372 <tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>373 <tr bgcolor="gray" ><td></td><th><a name="part-l11" /><small>skipping to change at</small><em> page 78, line 37</em></th><th> </th><th><a name="part-r11" /><small>skipping to change at</small><em> page 78, line 31</em></th><td></td></tr>374 <tr><td class="lineno" valign="top"></td><td class="left"> Header fields that span multiple lines ("line folding") are</td><td> </td><td class="right"> Header fields that span multiple lines ("line folding") are</td><td class="lineno" valign="top"></td></tr>375 <tr><td class="lineno" valign="top"></td><td class="left"> deprecated. (Section 3.2.4)</td><td> </td><td class="right"> deprecated. (Section 3.2.4)</td><td class="lineno" valign="top"></td></tr>376 <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>377 <tr><td class="lineno" valign="top"></td><td class="left"> The NUL octet is no longer allowed in comment and quoted-string text,</td><td> </td><td class="right"> The NUL octet is no longer allowed in comment and quoted-string text,</td><td class="lineno" valign="top"></td></tr>378 <tr><td class="lineno" valign="top"></td><td class="left"> and handling of backslash-escaping in them has been clarified. The</td><td> </td><td class="right"> and handling of backslash-escaping in them has been clarified. The</td><td class="lineno" valign="top"></td></tr>379 <tr><td class="lineno" valign="top"></td><td class="left"> quoted-pair rule no longer allows escaping control characters other</td><td> </td><td class="right"> quoted-pair rule no longer allows escaping control characters other</td><td class="lineno" valign="top"></td></tr>380 <tr><td class="lineno" valign="top"></td><td class="left"> than HTAB. Non-US-ASCII content in header fields and the reason</td><td> </td><td class="right"> than HTAB. Non-US-ASCII content in header fields and the reason</td><td class="lineno" valign="top"></td></tr>381 <tr><td class="lineno" valign="top"></td><td class="left"> phrase has been obsoleted and made opaque (the TEXT rule was</td><td> </td><td class="right"> phrase has been obsoleted and made opaque (the TEXT rule was</td><td class="lineno" valign="top"></td></tr>382 <tr><td class="lineno" valign="top"></td><td class="left"> removed). (Section 3.2.6)</td><td> </td><td class="right"> removed). (Section 3.2.6)</td><td class="lineno" valign="top"></td></tr>383 <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>384 <tr><td><a name="diff0023" /></td></tr>385 <tr><td class="lineno" valign="top"></td><td class="lblock"> Bogus <span class="delete">"Content-Length"</span> header fields are now required to be handled</td><td> </td><td class="rblock"> Bogus <span class="insert">Content-Length</span> header fields are now required to be handled as</td><td class="lineno" valign="top"></td></tr>386 <tr><td class="lineno" valign="top"></td><td class="lblock"> as errors by recipients. (Section 3.3.2)</td><td> </td><td class="rblock"> errors by recipients. (Section 3.3.2)</td><td class="lineno" valign="top"></td></tr>387 <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>388 <tr><td class="lineno" valign="top"></td><td class="left"> The algorithm for determining the message body length has been</td><td> </td><td class="right"> The algorithm for determining the message body length has been</td><td class="lineno" valign="top"></td></tr>389 <tr><td class="lineno" valign="top"></td><td class="left"> clarified to indicate all of the special cases (e.g., driven by</td><td> </td><td class="right"> clarified to indicate all of the special cases (e.g., driven by</td><td class="lineno" valign="top"></td></tr>390 <tr><td class="lineno" valign="top"></td><td class="left"> methods or status codes) that affect it, and that new protocol</td><td> </td><td class="right"> methods or status codes) that affect it, and that new protocol</td><td class="lineno" valign="top"></td></tr>391 <tr><td class="lineno" valign="top"></td><td class="left"> elements cannot define such special cases. CONNECT is a new, special</td><td> </td><td class="right"> elements cannot define such special cases. CONNECT is a new, special</td><td class="lineno" valign="top"></td></tr>392 <tr><td class="lineno" valign="top"></td><td class="left"> case in determining message body length. "multipart/byteranges" is no</td><td> </td><td class="right"> case in determining message body length. "multipart/byteranges" is no</td><td class="lineno" valign="top"></td></tr>393 <tr><td class="lineno" valign="top"></td><td class="left"> longer a way of determining message body length detection.</td><td> </td><td class="right"> longer a way of determining message body length detection.</td><td class="lineno" valign="top"></td></tr>394 <tr><td class="lineno" valign="top"></td><td class="left"> (Section 3.3.3)</td><td> </td><td class="right"> (Section 3.3.3)</td><td class="lineno" valign="top"></td></tr>395 <tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>396 <tr><td class="lineno" valign="top"></td><td class="left"> The "identity" transfer coding token has been removed. (Sections 3.3</td><td> </td><td class="right"> The "identity" transfer coding token has been removed. (Sections 3.3</td><td class="lineno" valign="top"></td></tr>397 322 398 323 <tr><td></td><td class="left"></td><td> </td><td class="right"></td><td></td></tr> 399 <tr bgcolor="gray"><th colspan="5" align="center"><a name="end"> End of changes. 2 3change blocks. </a></th></tr>400 <tr class="stats"><td></td><th><i>6 6 lines changed or deleted</i></th><th><i> </i></th><th><i>42lines changed or added</i></th><td></td></tr>324 <tr bgcolor="gray"><th colspan="5" align="center"><a name="end"> End of changes. 20 change blocks. </a></th></tr> 325 <tr class="stats"><td></td><th><i>60 lines changed or deleted</i></th><th><i> </i></th><th><i>36 lines changed or added</i></th><td></td></tr> 401 326 <tr><td colspan="5" align="center" class="small"><br/>This html diff was produced by rfcdiff 1.38. The latest version is available from <a href="http://www.tools.ietf.org/tools/rfcdiff/" >http://tools.ietf.org/tools/rfcdiff/</a> </td></tr> 402 327 </table> -
draft-ietf-httpbis/latest/p1-messaging.html
r2662 r2666 463 463 } 464 464 @bottom-center { 465 content: "Expires November 9, 2014";465 content: "Expires November 13, 2014"; 466 466 } 467 467 @bottom-right { … … 505 505 <meta name="dct.creator" content="Reschke, J. F."> 506 506 <meta name="dct.identifier" content="urn:ietf:id:draft-ietf-httpbis-p1-messaging-latest"> 507 <meta name="dct.issued" scheme="ISO8601" content="2014-05- 08">507 <meta name="dct.issued" scheme="ISO8601" content="2014-05-12"> 508 508 <meta name="dct.replaces" content="urn:ietf:rfc:2145"> 509 509 <meta name="dct.replaces" content="urn:ietf:rfc:2616"> … … 534 534 <tr> 535 535 <td class="left">Intended status: Standards Track</td> 536 <td class="right">May 8, 2014</td>536 <td class="right">May 12, 2014</td> 537 537 </tr> 538 538 <tr> 539 <td class="left">Expires: November 9, 2014</td>539 <td class="left">Expires: November 13, 2014</td> 540 540 <td class="right"></td> 541 541 </tr> … … 566 566 in progress”. 567 567 </p> 568 <p>This Internet-Draft will expire on November 9, 2014.</p>568 <p>This Internet-Draft will expire on November 13, 2014.</p> 569 569 </div> 570 570 <div id="rfc.copyrightnotice"> … … 2141 2141 avoid confusing downstream recipients, a proxy or gateway <em class="bcp14">MUST</em> remove or replace any received connection options before forwarding the message. 2142 2142 </p> 2143 <p id="rfc.section.6.1.p.2">When a header field aside from Connection is used to supply control information for or about the current connection, the sender <em class="bcp14">MUST</em> list the corresponding field-name within the "Connection"header field. A proxy or gateway <em class="bcp14">MUST</em> parse a received Connection header field before a message is forwarded and, for each connection-option in this field, remove2143 <p id="rfc.section.6.1.p.2">When a header field aside from Connection is used to supply control information for or about the current connection, the sender <em class="bcp14">MUST</em> list the corresponding field-name within the Connection header field. A proxy or gateway <em class="bcp14">MUST</em> parse a received Connection header field before a message is forwarded and, for each connection-option in this field, remove 2144 2144 any header field(s) from the message with the same name as the connection-option, and then remove the Connection header field 2145 2145 itself (or replace it with the intermediary's own connection options for the forwarded message). … … 2492 2492 </div> 2493 2493 <p id="rfc.section.8.1.p.3">Furthermore, the header field-name "Close" has been registered as "reserved", since using that name as an HTTP header field 2494 might conflict with the "close" connection option of the "<a href="#header.connection" class="smpl">Connection</a>"header field (<a href="#header.connection" id="rfc.xref.header.connection.7" title="Connection">Section 6.1</a>).2494 might conflict with the "close" connection option of the <a href="#header.connection" class="smpl">Connection</a> header field (<a href="#header.connection" id="rfc.xref.header.connection.7" title="Connection">Section 6.1</a>). 2495 2495 </p> 2496 2496 <div id="rfc.table.u.1"> … … 2902 2902 <div id="risks.intermediaries"> 2903 2903 <h2 id="rfc.section.9.2"><a href="#rfc.section.9.2">9.2</a> <a href="#risks.intermediaries">Risks of Intermediaries</a></h2> 2904 <p id="rfc.section.9.2.p.1">By their very nature, HTTP intermediaries are men-in-the-middle , and thus represent an opportunity for man-in-the-middle attacks.2905 Compromise of the systems on which the intermediaries run can result in serious security and privacy problems. Intermediaries2904 <p id="rfc.section.9.2.p.1">By their very nature, HTTP intermediaries are men-in-the-middle and, thus, represent an opportunity for man-in-the-middle 2905 attacks. Compromise of the systems on which the intermediaries run can result in serious security and privacy problems. Intermediaries 2906 2906 might have access to security-related information, personal information about individual users and organizations, and proprietary 2907 2907 information belonging to users and content providers. A compromised intermediary, or an intermediary implemented or configured … … 3355 3355 fields and the reason phrase has been obsoleted and made opaque (the TEXT rule was removed). (<a href="#field.components" title="Field Value Components">Section 3.2.6</a>) 3356 3356 </p> 3357 <p id="rfc.section.A.2.p.10">Bogus "<a href="#header.content-length" class="smpl">Content-Length</a>"header fields are now required to be handled as errors by recipients. (<a href="#header.content-length" id="rfc.xref.header.content-length.2" title="Content-Length">Section 3.3.2</a>)3357 <p id="rfc.section.A.2.p.10">Bogus <a href="#header.content-length" class="smpl">Content-Length</a> header fields are now required to be handled as errors by recipients. (<a href="#header.content-length" id="rfc.xref.header.content-length.2" title="Content-Length">Section 3.3.2</a>) 3358 3358 </p> 3359 3359 <p id="rfc.section.A.2.p.11">The algorithm for determining the message body length has been clarified to indicate all of the special cases (e.g., driven -
draft-ietf-httpbis/latest/p1-messaging.xml
r2662 r2666 2901 2901 When a header field aside from Connection is used to supply control 2902 2902 information for or about the current connection, the sender &MUST; list 2903 the corresponding field-name within the "Connection"header field.2903 the corresponding field-name within the Connection header field. 2904 2904 A proxy or gateway &MUST; parse a received Connection 2905 2905 header field before a message is forwarded and, for each … … 3502 3502 Furthermore, the header field-name "Close" has been registered as 3503 3503 "reserved", since using that name as an HTTP header field might 3504 conflict with the "close" connection option of the "<x:ref>Connection</x:ref>"3504 conflict with the "close" connection option of the <x:ref>Connection</x:ref> 3505 3505 header field (<xref target="header.connection"/>). 3506 3506 </t> … … 3962 3962 <section title="Risks of Intermediaries" anchor="risks.intermediaries"> 3963 3963 <t> 3964 By their very nature, HTTP intermediaries are men-in-the-middle , and thus3964 By their very nature, HTTP intermediaries are men-in-the-middle and, thus, 3965 3965 represent an opportunity for man-in-the-middle attacks. Compromise of 3966 3966 the systems on which the intermediaries run can result in serious security … … 5399 5399 </t> 5400 5400 <t> 5401 Bogus "<x:ref>Content-Length</x:ref>"header fields are now required to be5401 Bogus <x:ref>Content-Length</x:ref> header fields are now required to be 5402 5402 handled as errors by recipients. 5403 5403 (<xref target="header.content-length"/>)
Note: See TracChangeset
for help on using the changeset viewer.