Changeset 969 for draft-ietf-httpbis/latest/p1-messaging.xml
- Timestamp:
- 31/07/10 01:06:01 (12 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
draft-ietf-httpbis/latest/p1-messaging.xml
r968 r969 263 263 of received communication, and the expected behavior of recipients. 264 264 If the communication is considered in isolation, then successful 265 actions shouldbe reflected in corresponding changes to the265 actions ought to be reflected in corresponding changes to the 266 266 observable interface provided by servers. However, since multiple 267 267 clients might act in parallel and perhaps at cross-purposes, we … … 1107 1107 empty line received where a Request-Line is expected. In other words, if 1108 1108 the server is reading the protocol stream at the beginning of a 1109 message and receives a CRLF first, it shouldignore the CRLF.1109 message and receives a CRLF first, it &SHOULD; ignore the CRLF. 1110 1110 </t> 1111 1111 <t> … … 1333 1333 Such a message might indicate an attempt to perform request or response 1334 1334 smuggling (bypass of security-related checks on message routing or content) 1335 and thus shouldbe handled as an error. The provided Content-Length &MUST;1335 and thus ought to be handled as an error. The provided Content-Length &MUST; 1336 1336 be removed, prior to forwarding the message downstream, or replaced with 1337 1337 the real message-body length after the transfer-coding is decoded. … … 1603 1603 meaning of the request when the origin server is improperly using 1604 1604 a non-reserved URI character for a reserved purpose. Implementors 1605 shouldbe aware that some pre-HTTP/1.1 proxies have been known to1605 need to be aware that some pre-HTTP/1.1 proxies have been known to 1606 1606 rewrite the request-target. 1607 1607 </t> … … 3311 3311 The HTTP Upgrade Token Registry defines the name space for product 3312 3312 tokens used to identify protocols in the Upgrade header field. 3313 Each registered token should be associated with one or a set of 3314 specifications, and with contact information. 3315 </t> 3316 <t> 3317 Registrations should be allowed on a First Come First Served basis as 3318 described in <xref target="RFC5226" x:sec="4.1" x:fmt="of"/>. These 3319 specifications need not be IETF documents or be subject to IESG review, but 3320 should obey the following rules: 3313 Each registered token is associated with contact information and 3314 an optional set of specifications that details how the connection 3315 will be processed after it has been upgraded. 3316 </t> 3317 <t> 3318 Registrations are allowed on a First Come First Served basis as 3319 described in <xref target="RFC5226" x:sec="4.1" x:fmt="of"/>. The 3320 specifications need not be IETF documents or be subject to IESG review. 3321 Registrations are subject to the following rules: 3321 3322 <list style="numbers"> 3322 3323 <t>A token, once registered, stays registered forever.</t> … … 3324 3325 registration.</t> 3325 3326 <t>The registration &MUST; name a point of contact.</t> 3326 <t>The registration &MAY; name the documentation required for the3327 token. </t>3327 <t>The registration &MAY; name a set of specifications associated with that 3328 token. Such specifications need not be publicly available.</t> 3328 3329 <t>The responsible party &MAY; change the registration at any time. 3329 3330 The IANA will keep a record of all such changes, and make them … … 3337 3338 </list> 3338 3339 </t> 3339 <t>3340 It is not required that specifications for upgrade tokens be made3341 publicly available, but the contact information for the registration3342 should be.3343 </t>3344 3340 </section> 3345 3341 … … 3453 3449 <section title="Header Field Registration" anchor="header.field.registration"> 3454 3450 <t> 3455 The Message Header Field Registry located at <eref target="http://www.iana.org/assignments/message-headers/message-header-index.html"/> sh ouldbe updated3451 The Message Header Field Registry located at <eref target="http://www.iana.org/assignments/message-headers/message-header-index.html"/> shall be updated 3456 3452 with the permanent registrations below (see <xref target="RFC3864"/>): 3457 3453 </t> … … 3530 3526 The entries for the "http" and "https" URI Schemes in the registry located at 3531 3527 <eref target="http://www.iana.org/assignments/uri-schemes.html"/> 3532 sh ouldbe updated to point to Sections <xref target="http.uri" format="counter"/>3528 shall be updated to point to Sections <xref target="http.uri" format="counter"/> 3533 3529 and <xref target="https.uri" format="counter"/> of this document 3534 3530 (see <xref target="RFC4395"/>). … … 3693 3689 <t> 3694 3690 The HTTP Transfer Codings Registry located at <eref target="http://www.iana.org/assignments/http-parameters"/> 3695 sh ouldbe updated with the registrations below:3691 shall be updated with the registrations below: 3696 3692 </t> 3697 3693 <texttable align="left" suppress-title="true" anchor="iana.transfer.coding.registration.table"> … … 3732 3728 <t> 3733 3729 The HTTP Status Code Registry located at <eref target="http://www.iana.org/assignments/http-upgrade-tokens/"/> 3734 sh ouldbe updated with the registration below:3730 shall be updated with the registration below: 3735 3731 </t> 3736 3732 <texttable align="left" suppress-title="true"> … … 3860 3856 </t> 3861 3857 <t> 3862 Proxy operators shouldprotect the systems on which proxies run as3858 Proxy operators need to protect the systems on which proxies run as 3863 3859 they would protect any system that contains or transports sensitive 3864 3860 information. In particular, log information gathered at proxies often 3865 3861 contains highly sensitive personal information, and/or information 3866 about organizations. Log information shouldbe carefully guarded, and3867 appropriate guidelines for use shouldbe developed and followed.3862 about organizations. Log information needs to be carefully guarded, and 3863 appropriate guidelines for use need to be developed and followed. 3868 3864 (<xref target="abuse.of.server.log.information"/>). 3869 3865 </t> 3870 3866 <t> 3871 Proxy implementors shouldconsider the privacy and security3867 Proxy implementors need to consider the privacy and security 3872 3868 implications of their design and coding decisions, and of the 3873 3869 configuration options they provide to proxy operators (especially the
Note: See TracChangeset
for help on using the changeset viewer.