Context Navigation

← Previous Changeset
Next Changeset →

Changeset 970

Timestamp:

31/07/10 08:54:31 (12 years ago)

Author:

julian.reschke@…

Message:

regen HTML

Location:

draft-ietf-httpbis/latest

Files:

: 7 edited

p1-messaging.html (modified) (16 diffs)
p2-semantics.html (modified) (11 diffs)
p3-payload.html (modified) (9 diffs)
p4-conditional.html (modified) (8 diffs)
p5-range.html (modified) (8 diffs)
p6-cache.html (modified) (9 diffs)
p7-auth.html (modified) (6 diffs)

Legend:

: Unmodified
: Added
: Removed

draft-ietf-httpbis/latest/p1-messaging.html

-                      r968
+                      r970
       <meta name="dct.creator" content="Reschke, J. F.">
       <meta name="dct.identifier" content="urn:ietf:id:draft-ietf-httpbis-p1-messaging-latest">
       <meta name="dct.issued" scheme="ISO8601" content="2010-07-30">
+      <meta name="dct.issued" scheme="ISO8601" content="2010-07-31">
       <meta name="dct.replaces" content="urn:ietf:rfc:2616">
       <meta name="dct.abstract" content="The Hypertext Transfer Protocol (HTTP) is an application-level protocol for distributed, collaborative, hypertext information systems. HTTP has been in use by the World Wide Web global information initiative since 1990. This document is Part 1 of the seven-part specification that defines the protocol referred to as &#34;HTTP/1.1&#34; and, taken together, obsoletes RFC 2616. Part 1 provides an overview of HTTP and its associated terminology, defines the &#34;http&#34; and &#34;https&#34; Uniform Resource Identifier (URI) schemes, defines the generic message syntax and parsing requirements for HTTP message frames, and describes general security concerns for implementations.">
 …
             </tr>
             <tr>
                <td class="left">Expires: January 31, 2011</td>
+               <td class="left">Expires: February 1, 2011</td>
                <td class="right">HP</td>
             </tr>
 …
             <tr>
                <td class="left"></td>
                <td class="right">July 30, 2010</td>
+               <td class="right">July 31, 2010</td>
             </tr>
          </tbody>
 …
          in progress”.
       </p>
       <p>This Internet-Draft will expire in January 31, 2011.</p>
+      <p>This Internet-Draft will expire in February 1, 2011.</p>
       <h1><a id="rfc.copyrightnotice" href="#rfc.copyrightnotice">Copyright Notice</a></h1>
       <p>Copyright © 2010 IETF Trust and the persons identified as the document authors. All rights reserved.</p>
 …
       <p id="rfc.section.1.p.4">One consequence of HTTP flexibility is that the protocol cannot be defined in terms of what occurs behind the interface. Instead,
          we are limited to defining the syntax of communication, the intent of received communication, and the expected behavior of
          recipients. If the communication is considered in isolation, then successful actions should be reflected in corresponding
+         recipients. If the communication is considered in isolation, then successful actions ought to be reflected in corresponding
          changes to the observable interface provided by servers. However, since multiple clients might act in parallel and perhaps
          at cross-purposes, we cannot require that such changes be observable beyond the scope of a single response.
 …
       <h2 id="rfc.section.3.1"><a href="#rfc.section.3.1">3.1</a>&nbsp;<a id="message.robustness" href="#message.robustness">Message Parsing Robustness</a></h2>
       <p id="rfc.section.3.1.p.1">In the interest of robustness, servers <em class="bcp14">SHOULD</em> ignore at least one empty line received where a Request-Line is expected. In other words, if the server is reading the protocol
          stream at the beginning of a message and receives a CRLF first, it should ignore the CRLF.
+         stream at the beginning of a message and receives a CRLF first, it <em class="bcp14">SHOULD</em> ignore the CRLF.
       </p>
       <p id="rfc.section.3.1.p.2">Some old HTTP/1.0 client implementations generate an extra CRLF after a POST request as a lame workaround for some early server
 …
             <p>If a message is received with both a Transfer-Encoding header field and a Content-Length header field, the Transfer-Encoding
                overrides the Content-Length. Such a message might indicate an attempt to perform request or response smuggling (bypass of
                security-related checks on message routing or content) and thus should be handled as an error. The provided Content-Length <em class="bcp14">MUST</em> be removed, prior to forwarding the message downstream, or replaced with the real message-body length after the transfer-coding
+               security-related checks on message routing or content) and thus ought to be handled as an error. The provided Content-Length <em class="bcp14">MUST</em> be removed, prior to forwarding the message downstream, or replaced with the real message-body length after the transfer-coding
                is decoded.
             </p>
 …
       <div class="note" id="rfc.section.4.1.2.p.18">
          <p> <b>Note:</b> The "no rewrite" rule prevents the proxy from changing the meaning of the request when the origin server is improperly using
             a non-reserved URI character for a reserved purpose. Implementors should be aware that some pre-HTTP/1.1 proxies have been
+            a non-reserved URI character for a reserved purpose. Implementors need to be aware that some pre-HTTP/1.1 proxies have been
             known to rewrite the request-target.
          </p>
 …
       <h3 id="rfc.section.9.8.1"><a href="#rfc.section.9.8.1">9.8.1</a>&nbsp;<a id="upgrade.token.registry" href="#upgrade.token.registry">Upgrade Token Registry</a></h3>
       <p id="rfc.section.9.8.1.p.1">The HTTP Upgrade Token Registry defines the name space for product tokens used to identify protocols in the Upgrade header
+         field. Each registered token should be associated with one or a set of specifications, and with contact information.
+      </p>
+      <p id="rfc.section.9.8.1.p.2">Registrations should be allowed on a First Come First Served basis as described in <a href="http://tools.ietf.org/html/rfc5226#section-4.1">Section 4.1</a> of <a href="#RFC5226" id="rfc.xref.RFC5226.2"><cite title="Guidelines for Writing an IANA Considerations Section in RFCs">[RFC5226]</cite></a>. These specifications need not be IETF documents or be subject to IESG review, but should obey the following rules:
+         field. Each registered token is associated with contact information and an optional set of specifications that details how
+         the connection will be processed after it has been upgraded.
+      </p>
+      <p id="rfc.section.9.8.1.p.2">Registrations are allowed on a First Come First Served basis as described in <a href="http://tools.ietf.org/html/rfc5226#section-4.1">Section 4.1</a> of <a href="#RFC5226" id="rfc.xref.RFC5226.2"><cite title="Guidelines for Writing an IANA Considerations Section in RFCs">[RFC5226]</cite></a>. The specifications need not be IETF documents or be subject to IESG review. Registrations are subject to the following rules:
       </p>
       <ol>
 …
          <li>The registration <em class="bcp14">MUST</em> name a point of contact.
          </li>
          <li>The registration <em class="bcp14">MAY</em> name the documentation required for the token.
+         <li>The registration <em class="bcp14">MAY</em> name a set of specifications associated with that token. Such specifications need not be publicly available.
          </li>
          <li>The responsible party <em class="bcp14">MAY</em> change the registration at any time. The IANA will keep a record of all such changes, and make them available upon request.
 …
          </li>
       </ol>
-      <p id="rfc.section.9.8.1.p.3">It is not required that specifications for upgrade tokens be made publicly available, but the contact information for the
-         registration should be.
-      </p>
       <div id="rfc.iref.v.1"></div>
       <div id="rfc.iref.h.15"></div>
 …
       <h1 id="rfc.section.10"><a href="#rfc.section.10">10.</a>&nbsp;<a id="IANA.considerations" href="#IANA.considerations">IANA Considerations</a></h1>
       <h2 id="rfc.section.10.1"><a href="#rfc.section.10.1">10.1</a>&nbsp;<a id="header.field.registration" href="#header.field.registration">Header Field Registration</a></h2>
       <p id="rfc.section.10.1.p.1">The Message Header Field Registry located at &lt;<a href="http://www.iana.org/assignments/message-headers/message-header-index.html">http://www.iana.org/assignments/message-headers/message-header-index.html</a>&gt; should be updated with the permanent registrations below (see <a href="#RFC3864" id="rfc.xref.RFC3864.1"><cite title="Registration Procedures for Message Header Fields">[RFC3864]</cite></a>):
+      <p id="rfc.section.10.1.p.1">The Message Header Field Registry located at &lt;<a href="http://www.iana.org/assignments/message-headers/message-header-index.html">http://www.iana.org/assignments/message-headers/message-header-index.html</a>&gt; shall be updated with the permanent registrations below (see <a href="#RFC3864" id="rfc.xref.RFC3864.1"><cite title="Registration Procedures for Message Header Fields">[RFC3864]</cite></a>):
       </p>
       <div id="rfc.table.1">
 …
       <p id="rfc.section.10.1.p.2">The change controller is: "IETF (iesg@ietf.org) - Internet Engineering Task Force".</p>
       <h2 id="rfc.section.10.2"><a href="#rfc.section.10.2">10.2</a>&nbsp;<a id="uri.scheme.registration" href="#uri.scheme.registration">URI Scheme Registration</a></h2>
       <p id="rfc.section.10.2.p.1">The entries for the "http" and "https" URI Schemes in the registry located at &lt;<a href="http://www.iana.org/assignments/uri-schemes.html">http://www.iana.org/assignments/uri-schemes.html</a>&gt; should be updated to point to Sections <a href="#http.uri" title="http URI scheme">2.6.1</a> and <a href="#https.uri" title="https URI scheme">2.6.2</a> of this document (see <a href="#RFC4395" id="rfc.xref.RFC4395.1"><cite title="Guidelines and Registration Procedures for New URI Schemes">[RFC4395]</cite></a>).
+      <p id="rfc.section.10.2.p.1">The entries for the "http" and "https" URI Schemes in the registry located at &lt;<a href="http://www.iana.org/assignments/uri-schemes.html">http://www.iana.org/assignments/uri-schemes.html</a>&gt; shall be updated to point to Sections <a href="#http.uri" title="http URI scheme">2.6.1</a> and <a href="#https.uri" title="https URI scheme">2.6.2</a> of this document (see <a href="#RFC4395" id="rfc.xref.RFC4395.1"><cite title="Guidelines and Registration Procedures for New URI Schemes">[RFC4395]</cite></a>).
       </p>
       <h2 id="rfc.section.10.3"><a href="#rfc.section.10.3">10.3</a>&nbsp;<a id="internet.media.type.http" href="#internet.media.type.http">Internet Media Type Registrations</a></h2>
 …
       <p id="rfc.section.10.4.p.1">The registration procedure for HTTP Transfer Codings is now defined by <a href="#transfer.coding.registry" title="Transfer Coding Registry">Section&nbsp;6.2.3</a> of this document.
       </p>
       <p id="rfc.section.10.4.p.2">The HTTP Transfer Codings Registry located at &lt;<a href="http://www.iana.org/assignments/http-parameters">http://www.iana.org/assignments/http-parameters</a>&gt; should be updated with the registrations below:
+      <p id="rfc.section.10.4.p.2">The HTTP Transfer Codings Registry located at &lt;<a href="http://www.iana.org/assignments/http-parameters">http://www.iana.org/assignments/http-parameters</a>&gt; shall be updated with the registrations below:
       </p>
       <div id="rfc.table.2">
 …
       <p id="rfc.section.10.5.p.1">The registration procedure for HTTP Upgrade Tokens -- previously defined in <a href="http://tools.ietf.org/html/rfc2817#section-7.2">Section 7.2</a> of <a href="#RFC2817" id="rfc.xref.RFC2817.1"><cite title="Upgrading to TLS Within HTTP/1.1">[RFC2817]</cite></a> -- is now defined by <a href="#upgrade.token.registry" title="Upgrade Token Registry">Section&nbsp;9.8.1</a> of this document.
       </p>
       <p id="rfc.section.10.5.p.2">The HTTP Status Code Registry located at &lt;<a href="http://www.iana.org/assignments/http-upgrade-tokens/">http://www.iana.org/assignments/http-upgrade-tokens/</a>&gt; should be updated with the registration below:
+      <p id="rfc.section.10.5.p.2">The HTTP Status Code Registry located at &lt;<a href="http://www.iana.org/assignments/http-upgrade-tokens/">http://www.iana.org/assignments/http-upgrade-tokens/</a>&gt; shall be updated with the registration below:
       </p>
       <div id="rfc.table.u.1">
 …
          might be used in the commission of a wide range of potential attacks.
       </p>
       <p id="rfc.section.11.5.p.2">Proxy operators should protect the systems on which proxies run as they would protect any system that contains or transports
+      <p id="rfc.section.11.5.p.2">Proxy operators need to protect the systems on which proxies run as they would protect any system that contains or transports
          sensitive information. In particular, log information gathered at proxies often contains highly sensitive personal information,
          and/or information about organizations. Log information should be carefully guarded, and appropriate guidelines for use should
          be developed and followed. (<a href="#abuse.of.server.log.information" title="Abuse of Server Log Information">Section&nbsp;11.2</a>).
       </p>
       <p id="rfc.section.11.5.p.3">Proxy implementors should consider the privacy and security implications of their design and coding decisions, and of the
+         and/or information about organizations. Log information needs to be carefully guarded, and appropriate guidelines for use
+         need to be developed and followed. (<a href="#abuse.of.server.log.information" title="Abuse of Server Log Information">Section&nbsp;11.2</a>).
+      </p>
+      <p id="rfc.section.11.5.p.3">Proxy implementors need to consider the privacy and security implications of their design and coding decisions, and of the
          configuration options they provide to proxy operators (especially the default configuration).
       </p>

draft-ietf-httpbis/latest/p2-semantics.html

-                      r968
+                      r970
       <meta name="dct.creator" content="Reschke, J. F.">
       <meta name="dct.identifier" content="urn:ietf:id:draft-ietf-httpbis-p2-semantics-latest">
       <meta name="dct.issued" scheme="ISO8601" content="2010-07-30">
+      <meta name="dct.issued" scheme="ISO8601" content="2010-07-31">
       <meta name="dct.replaces" content="urn:ietf:rfc:2616">
       <meta name="dct.abstract" content="The Hypertext Transfer Protocol (HTTP) is an application-level protocol for distributed, collaborative, hypermedia information systems. HTTP has been in use by the World Wide Web global information initiative since 1990. This document is Part 2 of the seven-part specification that defines the protocol referred to as &#34;HTTP/1.1&#34; and, taken together, obsoletes RFC 2616. Part 2 defines the semantics of HTTP messages as expressed by request methods, request-header fields, response status codes, and response-header fields.">
 …
             </tr>
             <tr>
                <td class="left">Expires: January 31, 2011</td>
+               <td class="left">Expires: February 1, 2011</td>
                <td class="right">HP</td>
             </tr>
 …
             <tr>
                <td class="left"></td>
                <td class="right">July 30, 2010</td>
+               <td class="right">July 31, 2010</td>
             </tr>
          </tbody>
 …
          in progress”.
       </p>
       <p>This Internet-Draft will expire in January 31, 2011.</p>
+      <p>This Internet-Draft will expire in February 1, 2011.</p>
       <h1><a id="rfc.copyrightnotice" href="#rfc.copyrightnotice">Copyright Notice</a></h1>
       <p>Copyright © 2010 IETF Trust and the persons identified as the document authors. All rights reserved.</p>
 …
       <div id="rfc.iref.s.1"></div>
       <h3 id="rfc.section.7.1.1"><a href="#rfc.section.7.1.1">7.1.1</a>&nbsp;<a id="safe.methods" href="#safe.methods">Safe Methods</a></h3>
+      <p id="rfc.section.7.1.1.p.1">Implementors should be aware that the software represents the user in their interactions over the Internet, and should be
+         careful to allow the user to be aware of any actions they take which might have an unexpected significance to themselves or
+         others.
+      <p id="rfc.section.7.1.1.p.1">Implementors need to be aware that the software represents the user in their interactions over the Internet, and need to allow
+         the user to be aware of any actions they take which might have an unexpected significance to themselves or others.
       </p>
       <p id="rfc.section.7.1.1.p.2">In particular, the convention has been established that the GET, HEAD, OPTIONS, and TRACE methods <em class="bcp14">SHOULD NOT</em> have the significance of taking an action other than retrieval. These methods ought to be considered "<dfn id="safe">safe</dfn>". This allows user agents to represent other methods, such as POST, PUT and DELETE, in a special way, so that the user is
 …
       </p>
       <div class="note" id="rfc.section.8.3.p.2">
          <p> <b>Note:</b> An earlier version of this specification recommended a maximum of five redirections (<a href="#RFC2068" id="rfc.xref.RFC2068.1"><cite title="Hypertext Transfer Protocol -- HTTP/1.1">[RFC2068]</cite></a>, <a href="http://tools.ietf.org/html/rfc2068#section-10.3">Section 10.3</a>). Content developers should be aware that there might be clients that implement such a fixed limitation.
+         <p> <b>Note:</b> An earlier version of this specification recommended a maximum of five redirections (<a href="#RFC2068" id="rfc.xref.RFC2068.1"><cite title="Hypertext Transfer Protocol -- HTTP/1.1">[RFC2068]</cite></a>, <a href="http://tools.ietf.org/html/rfc2068#section-10.3">Section 10.3</a>). Content developers need to be aware that some clients might implement such a fixed limitation.
          </p>
       </div>
 …
       <p id="rfc.section.9.6.p.2">The Referer header allows servers to generate lists of back-links to resources for interest, logging, optimized caching, etc.
          It also allows obsolete or mistyped links to be traced for maintenance. Some servers use Referer as a means of controlling
+         where they allow links from (so-called "deep linking"), but it should be noted that legitimate requests are not required to
+         contain a Referer header field.
+         where they allow links from (so-called "deep linking"), but legitimate requests do not always contain a Referer header field.
       </p>
       <p id="rfc.section.9.6.p.3">If the effective request URI was obtained from a source that does not have its own URI (e.g., input from the user keyboard),
 …
       <p id="rfc.section.10.1.p.1">The registration procedure for HTTP Methods is defined by <a href="#method.registry" title="Method Registry">Section&nbsp;2.1</a> of this document.
       </p>
       <p id="rfc.section.10.1.p.2">The HTTP Method Registry should be created at &lt;<a href="http://www.iana.org/assignments/http-methods">http://www.iana.org/assignments/http-methods</a>&gt; and be populated with the registrations below:
+      <p id="rfc.section.10.1.p.2">The HTTP Method Registry shall be created at &lt;<a href="http://www.iana.org/assignments/http-methods">http://www.iana.org/assignments/http-methods</a>&gt; and be populated with the registrations below:
       </p>
       <div id="rfc.table.1">
 …
       <p id="rfc.section.10.2.p.1">The registration procedure for HTTP Status Codes -- previously defined in <a href="http://tools.ietf.org/html/rfc2817#section-7.1">Section 7.1</a> of <a href="#RFC2817" id="rfc.xref.RFC2817.2"><cite title="Upgrading to TLS Within HTTP/1.1">[RFC2817]</cite></a> -- is now defined by <a href="#status.code.registry" title="Status Code Registry">Section&nbsp;4.1</a> of this document.
       </p>
       <p id="rfc.section.10.2.p.2">The HTTP Status Code Registry located at &lt;<a href="http://www.iana.org/assignments/http-status-codes">http://www.iana.org/assignments/http-status-codes</a>&gt; should be updated with the registrations below:
+      <p id="rfc.section.10.2.p.2">The HTTP Status Code Registry located at &lt;<a href="http://www.iana.org/assignments/http-status-codes">http://www.iana.org/assignments/http-status-codes</a>&gt; shall be updated with the registrations below:
       </p>
       <div id="rfc.table.2">
 …
       </div>
       <h2 id="rfc.section.10.3"><a href="#rfc.section.10.3">10.3</a>&nbsp;<a id="header.field.registration" href="#header.field.registration">Header Field Registration</a></h2>
       <p id="rfc.section.10.3.p.1">The Message Header Field Registry located at &lt;<a href="http://www.iana.org/assignments/message-headers/message-header-index.html">http://www.iana.org/assignments/message-headers/message-header-index.html</a>&gt; should be updated with the permanent registrations below (see <a href="#RFC3864" id="rfc.xref.RFC3864.1"><cite title="Registration Procedures for Message Header Fields">[RFC3864]</cite></a>):
+      <p id="rfc.section.10.3.p.1">The Message Header Field Registry located at &lt;<a href="http://www.iana.org/assignments/message-headers/message-header-index.html">http://www.iana.org/assignments/message-headers/message-header-index.html</a>&gt; shall be updated with the permanent registrations below (see <a href="#RFC3864" id="rfc.xref.RFC3864.1"><cite title="Registration Procedures for Message Header Fields">[RFC3864]</cite></a>):
       </p>
       <div id="rfc.table.3">
 …
       <p id="rfc.section.11.2.p.2">Clients <em class="bcp14">SHOULD NOT</em> include a Referer header field in a (non-secure) HTTP request if the referring page was transferred with a secure protocol.
       </p>
       <p id="rfc.section.11.2.p.3">Authors of services should not use GET-based forms for the submission of sensitive data because that data will be encoded
          in the request-target. Many existing servers, proxies, and user agents log or display the request-target in places where it
          might be visible to third parties. Such services can use POST-based form submission instead.
+      <p id="rfc.section.11.2.p.3">Authors of services <em class="bcp14">SHOULD NOT</em> use GET-based forms for the submission of sensitive data because that data will be placed in the request-target. Many existing
+         servers, proxies, and user agents log or display the request-target in places where it might be visible to third parties.
+         Such services can use POST-based form submission instead.
       </p>
       <h2 id="rfc.section.11.3"><a href="#rfc.section.11.3">11.3</a>&nbsp;<a id="location.spoofing" href="#location.spoofing">Location Headers and Spoofing</a></h2>

draft-ietf-httpbis/latest/p3-payload.html

-                      r968
+                      r970
       <meta name="dct.creator" content="Reschke, J. F.">
       <meta name="dct.identifier" content="urn:ietf:id:draft-ietf-httpbis-p3-payload-latest">
       <meta name="dct.issued" scheme="ISO8601" content="2010-07-30">
+      <meta name="dct.issued" scheme="ISO8601" content="2010-07-31">
       <meta name="dct.replaces" content="urn:ietf:rfc:2616">
       <meta name="dct.abstract" content="The Hypertext Transfer Protocol (HTTP) is an application-level protocol for distributed, collaborative, hypermedia information systems. HTTP has been in use by the World Wide Web global information initiative since 1990. This document is Part 3 of the seven-part specification that defines the protocol referred to as &#34;HTTP/1.1&#34; and, taken together, obsoletes RFC 2616. Part 3 defines HTTP message content, metadata, and content negotiation.">
 …
             </tr>
             <tr>
                <td class="left">Expires: January 31, 2011</td>
+               <td class="left">Expires: February 1, 2011</td>
                <td class="right">J. Mogul</td>
             </tr>
 …
             <tr>
                <td class="left"></td>
                <td class="right">July 30, 2010</td>
+               <td class="right">July 31, 2010</td>
             </tr>
          </tbody>
 …
          in progress”.
       </p>
       <p>This Internet-Draft will expire in January 31, 2011.</p>
+      <p>This Internet-Draft will expire in February 1, 2011.</p>
       <h1><a id="rfc.copyrightnotice" href="#rfc.copyrightnotice">Copyright Notice</a></h1>
       <p>Copyright © 2010 IETF Trust and the persons identified as the document authors. All rights reserved.</p>
 …
          of the charset parameter can be quoted.
       </p>
       <p id="rfc.section.2.1.p.8">Implementors should be aware of IETF character set requirements <a href="#RFC3629" id="rfc.xref.RFC3629.1"><cite title="UTF-8, a transformation format of ISO 10646">[RFC3629]</cite></a>  <a href="#RFC2277" id="rfc.xref.RFC2277.1"><cite title="IETF Policy on Character Sets and Languages">[RFC2277]</cite></a>.
+      <p id="rfc.section.2.1.p.8">Implementors need to be aware of IETF character set requirements <a href="#RFC3629" id="rfc.xref.RFC3629.1"><cite title="UTF-8, a transformation format of ISO 10646">[RFC3629]</cite></a>  <a href="#RFC2277" id="rfc.xref.RFC2277.1"><cite title="IETF Policy on Character Sets and Languages">[RFC2277]</cite></a>.
       </p>
       <h3 id="rfc.section.2.1.1"><a href="#rfc.section.2.1.1">2.1.1</a>&nbsp;<a id="missing.charset" href="#missing.charset">Missing Charset</a></h3>
 …
       <div class="note" id="rfc.section.6.4.p.10">
          <p> <b>Note:</b> When making the choice of linguistic preference available to the user, we remind implementors of the fact that users are not
             familiar with the details of language matching as described above, and should provide appropriate guidance. As an example,
+            familiar with the details of language matching as described above, and ought to be provided appropriate guidance. As an example,
             users might assume that on selecting "en-gb", they will be served any kind of English document if British English is not available.
             A user agent might suggest in such a case to add "en" to get the best matching behavior.
 …
       <h1 id="rfc.section.7"><a href="#rfc.section.7">7.</a>&nbsp;<a id="IANA.considerations" href="#IANA.considerations">IANA Considerations</a></h1>
       <h2 id="rfc.section.7.1"><a href="#rfc.section.7.1">7.1</a>&nbsp;<a id="header.field.registration" href="#header.field.registration">Header Field Registration</a></h2>
       <p id="rfc.section.7.1.p.1">The Message Header Field Registry located at &lt;<a href="http://www.iana.org/assignments/message-headers/message-header-index.html">http://www.iana.org/assignments/message-headers/message-header-index.html</a>&gt; should be updated with the permanent registrations below (see <a href="#RFC3864" id="rfc.xref.RFC3864.1"><cite title="Registration Procedures for Message Header Fields">[RFC3864]</cite></a>):
+      <p id="rfc.section.7.1.p.1">The Message Header Field Registry located at &lt;<a href="http://www.iana.org/assignments/message-headers/message-header-index.html">http://www.iana.org/assignments/message-headers/message-header-index.html</a>&gt; shall be updated with the permanent registrations below (see <a href="#RFC3864" id="rfc.xref.RFC3864.1"><cite title="Registration Procedures for Message Header Fields">[RFC3864]</cite></a>):
       </p>
       <div id="rfc.table.1">
 …
       <p id="rfc.section.7.2.p.1">The registration procedure for HTTP Content Codings is now defined by <a href="#content.coding.registry" title="Content Coding Registry">Section&nbsp;2.2.1</a> of this document.
       </p>
       <p id="rfc.section.7.2.p.2">The HTTP Content Codings Registry located at &lt;<a href="http://www.iana.org/assignments/http-parameters">http://www.iana.org/assignments/http-parameters</a>&gt; should be updated with the registration below:
+      <p id="rfc.section.7.2.p.2">The HTTP Content Codings Registry located at &lt;<a href="http://www.iana.org/assignments/http-parameters">http://www.iana.org/assignments/http-parameters</a>&gt; shall be updated with the registration below:
       </p>
       <div id="rfc.table.2">
 …
          CR and LF, as is the case for some multi-byte character sets.
       </p>
+      <p id="rfc.section.A.2.p.3">Implementors should note that conversion will break any cryptographic checksums applied to the original content unless the
+         original content is already in canonical form. Therefore, the canonical form is recommended for any content that uses such
+         checksums in HTTP.
+      <p id="rfc.section.A.2.p.3">Conversion will break any cryptographic checksums applied to the original content unless the original content is already in
+         canonical form. Therefore, the canonical form is recommended for any content that uses such checksums in HTTP.
       </p>
       <h2 id="rfc.section.A.3"><a href="#rfc.section.A.3">A.3</a>&nbsp;<a id="conversion.of.date.formats" href="#conversion.of.date.formats">Conversion of Date Formats</a></h2>

draft-ietf-httpbis/latest/p4-conditional.html

-                      r968
+                      r970
       <meta name="dct.creator" content="Reschke, J. F.">
       <meta name="dct.identifier" content="urn:ietf:id:draft-ietf-httpbis-p4-conditional-latest">
       <meta name="dct.issued" scheme="ISO8601" content="2010-07-30">
+      <meta name="dct.issued" scheme="ISO8601" content="2010-07-31">
       <meta name="dct.replaces" content="urn:ietf:rfc:2616">
       <meta name="dct.abstract" content="The Hypertext Transfer Protocol (HTTP) is an application-level protocol for distributed, collaborative, hypermedia information systems. HTTP has been in use by the World Wide Web global information initiative since 1990. This document is Part 4 of the seven-part specification that defines the protocol referred to as &#34;HTTP/1.1&#34; and, taken together, obsoletes RFC 2616. Part 4 defines request header fields for indicating conditional requests and the rules for constructing responses to those requests.">
 …
             </tr>
             <tr>
                <td class="left">Expires: January 31, 2011</td>
+               <td class="left">Expires: February 1, 2011</td>
                <td class="right">J. Mogul</td>
             </tr>
 …
             <tr>
                <td class="left"></td>
                <td class="right">July 30, 2010</td>
+               <td class="right">July 31, 2010</td>
             </tr>
          </tbody>
 …
          in progress”.
       </p>
       <p>This Internet-Draft will expire in January 31, 2011.</p>
+      <p>This Internet-Draft will expire in February 1, 2011.</p>
       <h1><a id="rfc.copyrightnotice" href="#rfc.copyrightnotice">Copyright Notice</a></h1>
       <p>Copyright © 2010 IETF Trust and the persons identified as the document authors. All rights reserved.</p>
 …
       </p>
       <ul class="empty">
          <li> <b>Note:</b> The general principle behind these rules is that HTTP/1.1 servers and clients should transmit as much non-redundant information
+         <li> <b>Note:</b> The general principle behind these rules is that HTTP/1.1 servers and clients ought to transmit as much non-redundant information
             as is available in their responses and requests. HTTP/1.1 systems receiving this information will make the most conservative
             assumptions about the validators they receive.
 …
          </li>
          <li> <b>Note:</b> If a client uses an arbitrary date in the If-Modified-Since header instead of a date taken from the Last-Modified header for
             the same request, the client should be aware of the fact that this date is interpreted in the server's understanding of time.
             The client should consider unsynchronized clocks and rounding problems due to the different encodings of time between the
             client and server. This includes the possibility of race conditions if the document has changed between the time it was first
             requested and the If-Modified-Since date of a subsequent request, and the possibility of clock-skew-related problems if the
             If-Modified-Since date is derived from the client's clock without correction to the server's clock. Corrections for different
             time bases between client and server are at best approximate due to network latency.
+            the same request, the client needs to be aware that this date is interpreted in the server's understanding of time. Unsynchronized
+            clocks and rounding problems, due to the different encodings of time between the client and server, are concerns. This includes
+            the possibility of race conditions if the document has changed between the time it was first requested and the If-Modified-Since
+            date of a subsequent request, and the possibility of clock-skew-related problems if the If-Modified-Since date is derived
+            from the client's clock without correction to the server's clock. Corrections for different time bases between client and
+            server are at best approximate due to network latency.
          </li>
       </ul>
 …
       <h1 id="rfc.section.7"><a href="#rfc.section.7">7.</a>&nbsp;<a id="IANA.considerations" href="#IANA.considerations">IANA Considerations</a></h1>
       <h2 id="rfc.section.7.1"><a href="#rfc.section.7.1">7.1</a>&nbsp;<a id="status.code.registration" href="#status.code.registration">Status Code Registration</a></h2>
       <p id="rfc.section.7.1.p.1">The HTTP Status Code Registry located at &lt;<a href="http://www.iana.org/assignments/http-status-codes">http://www.iana.org/assignments/http-status-codes</a>&gt; should be updated with the registrations below:
+      <p id="rfc.section.7.1.p.1">The HTTP Status Code Registry located at &lt;<a href="http://www.iana.org/assignments/http-status-codes">http://www.iana.org/assignments/http-status-codes</a>&gt; shall be updated with the registrations below:
       </p>
       <div id="rfc.table.1">
 …
       </div>
       <h2 id="rfc.section.7.2"><a href="#rfc.section.7.2">7.2</a>&nbsp;<a id="header.field.registration" href="#header.field.registration">Header Field Registration</a></h2>
       <p id="rfc.section.7.2.p.1">The Message Header Field Registry located at &lt;<a href="http://www.iana.org/assignments/message-headers/message-header-index.html">http://www.iana.org/assignments/message-headers/message-header-index.html</a>&gt; should be updated with the permanent registrations below (see <a href="#RFC3864" id="rfc.xref.RFC3864.1"><cite title="Registration Procedures for Message Header Fields">[RFC3864]</cite></a>):
+      <p id="rfc.section.7.2.p.1">The Message Header Field Registry located at &lt;<a href="http://www.iana.org/assignments/message-headers/message-header-index.html">http://www.iana.org/assignments/message-headers/message-header-index.html</a>&gt; shall be updated with the permanent registrations below (see <a href="#RFC3864" id="rfc.xref.RFC3864.1"><cite title="Registration Procedures for Message Header Fields">[RFC3864]</cite></a>):
       </p>
       <div id="rfc.table.2">

draft-ietf-httpbis/latest/p5-range.html

-                      r968
+                      r970
       <meta name="dct.creator" content="Reschke, J. F.">
       <meta name="dct.identifier" content="urn:ietf:id:draft-ietf-httpbis-p5-range-latest">
       <meta name="dct.issued" scheme="ISO8601" content="2010-07-30">
+      <meta name="dct.issued" scheme="ISO8601" content="2010-07-31">
       <meta name="dct.replaces" content="urn:ietf:rfc:2616">
       <meta name="dct.abstract" content="The Hypertext Transfer Protocol (HTTP) is an application-level protocol for distributed, collaborative, hypermedia information systems. HTTP has been in use by the World Wide Web global information initiative since 1990. This document is Part 5 of the seven-part specification that defines the protocol referred to as &#34;HTTP/1.1&#34; and, taken together, obsoletes RFC 2616. Part 5 defines range-specific requests and the rules for constructing and combining responses to those requests.">
 …
             </tr>
             <tr>
                <td class="left">Expires: January 31, 2011</td>
+               <td class="left">Expires: February 1, 2011</td>
                <td class="right">J. Mogul</td>
             </tr>
 …
             <tr>
                <td class="left"></td>
                <td class="right">July 30, 2010</td>
+               <td class="right">July 31, 2010</td>
             </tr>
          </tbody>
 …
          in progress”.
       </p>
       <p>This Internet-Draft will expire in January 31, 2011.</p>
+      <p>This Internet-Draft will expire in February 1, 2011.</p>
       <h1><a id="rfc.copyrightnotice" href="#rfc.copyrightnotice">Copyright Notice</a></h1>
       <p>Copyright © 2010 IETF Trust and the persons identified as the document authors. All rights reserved.</p>
 …
       <h2 id="rfc.section.5.2"><a href="#rfc.section.5.2">5.2</a>&nbsp;<a id="header.content-range" href="#header.content-range">Content-Range</a></h2>
       <p id="rfc.section.5.2.p.1">The "Content-Range" header field is sent with a partial representation to specify where in the full representation the payload
          body should be applied.
+         body is intended to be applied.
       </p>
       <p id="rfc.section.5.2.p.2">Range units are defined in <a href="#range.units" title="Range Units">Section&nbsp;2</a>.
 …
       <h1 id="rfc.section.6"><a href="#rfc.section.6">6.</a>&nbsp;<a id="IANA.considerations" href="#IANA.considerations">IANA Considerations</a></h1>
       <h2 id="rfc.section.6.1"><a href="#rfc.section.6.1">6.1</a>&nbsp;<a id="status.code.registration" href="#status.code.registration">Status Code Registration</a></h2>
       <p id="rfc.section.6.1.p.1">The HTTP Status Code Registry located at &lt;<a href="http://www.iana.org/assignments/http-status-codes">http://www.iana.org/assignments/http-status-codes</a>&gt; should be updated with the registrations below:
+      <p id="rfc.section.6.1.p.1">The HTTP Status Code Registry located at &lt;<a href="http://www.iana.org/assignments/http-status-codes">http://www.iana.org/assignments/http-status-codes</a>&gt; shall be updated with the registrations below:
       </p>
       <div id="rfc.table.1">
 …
       </div>
       <h2 id="rfc.section.6.2"><a href="#rfc.section.6.2">6.2</a>&nbsp;<a id="header.field.registration" href="#header.field.registration">Header Field Registration</a></h2>
       <p id="rfc.section.6.2.p.1">The Message Header Field Registry located at &lt;<a href="http://www.iana.org/assignments/message-headers/message-header-index.html">http://www.iana.org/assignments/message-headers/message-header-index.html</a>&gt; should be updated with the permanent registrations below (see <a href="#RFC3864" id="rfc.xref.RFC3864.1"><cite title="Registration Procedures for Message Header Fields">[RFC3864]</cite></a>):
+      <p id="rfc.section.6.2.p.1">The Message Header Field Registry located at &lt;<a href="http://www.iana.org/assignments/message-headers/message-header-index.html">http://www.iana.org/assignments/message-headers/message-header-index.html</a>&gt; shall be updated with the permanent registrations below (see <a href="#RFC3864" id="rfc.xref.RFC3864.1"><cite title="Registration Procedures for Message Header Fields">[RFC3864]</cite></a>):
       </p>
       <div id="rfc.table.2">
 …
       <p id="rfc.section.6.3.p.1">The registration procedure for HTTP Range Specifiers is defined by <a href="#range.specifier.registry" title="Range Specifier Registry">Section&nbsp;2.1</a> of this document.
       </p>
       <p id="rfc.section.6.3.p.2">The HTTP Range Specifier Registry should be created at &lt;<a href="http://www.iana.org/assignments/http-range-specifiers">http://www.iana.org/assignments/http-range-specifiers</a>&gt; and be populated with the registrations below:
+      <p id="rfc.section.6.3.p.2">The HTTP Range Specifier Registry shall be created at &lt;<a href="http://www.iana.org/assignments/http-range-specifiers">http://www.iana.org/assignments/http-range-specifiers</a>&gt; and be populated with the registrations below:
       </p>
       <div id="rfc.table.3">

draft-ietf-httpbis/latest/p6-cache.html

-                      r968
+                      r970
       <meta name="dct.creator" content="Reschke, J. F.">
       <meta name="dct.identifier" content="urn:ietf:id:draft-ietf-httpbis-p6-cache-latest">
       <meta name="dct.issued" scheme="ISO8601" content="2010-07-30">
+      <meta name="dct.issued" scheme="ISO8601" content="2010-07-31">
       <meta name="dct.replaces" content="urn:ietf:rfc:2616">
       <meta name="dct.abstract" content="The Hypertext Transfer Protocol (HTTP) is an application-level protocol for distributed, collaborative, hypermedia information systems. This document is Part 6 of the seven-part specification that defines the protocol referred to as &#34;HTTP/1.1&#34; and, taken together, obsoletes RFC 2616. Part 6 defines requirements on HTTP caches and the associated header fields that control cache behavior or indicate cacheable response messages.">
 …
             </tr>
             <tr>
                <td class="left">Expires: January 31, 2011</td>
+               <td class="left">Expires: February 1, 2011</td>
                <td class="right">J. Mogul</td>
             </tr>
 …
             <tr>
                <td class="left"></td>
                <td class="right">July 30, 2010</td>
+               <td class="right">July 31, 2010</td>
             </tr>
          </tbody>
 …
          in progress”.
       </p>
       <p>This Internet-Draft will expire in January 31, 2011.</p>
+      <p>This Internet-Draft will expire in February 1, 2011.</p>
       <h1><a id="rfc.copyrightnotice" href="#rfc.copyrightnotice">Copyright Notice</a></h1>
       <p>Copyright © 2010 IETF Trust and the persons identified as the document authors. All rights reserved.</p>
 …
       </p>
       <ul class="empty">
+         <li>The time at which the origin server intends that a representation should no longer be returned by a cache without further
+            validation.
+         </li>
+         <li>The time at which the origin server intends that a representation no longer be returned by a cache without further validation.</li>
       </ul>
       <p id="rfc.section.1.2.p.4"> <span id="rfc.iref.h.1"></span>  <dfn>heuristic expiration time</dfn>
 …
          is not likely to change in a semantically significant way before the expiration time is reached.
       </p>
+      <p id="rfc.section.2.3.p.3">If an origin server wishes to force a cache to validate every request, it can assign an explicit expiration time in the past.
+         This means that the response is always stale, so that caches should validate it before using it for subsequent requests. <span class="comment" id="TODO-response-stale">[<a href="#TODO-response-stale" class="smpl">TODO-response-stale</a>: This wording might cause confusion, because the response might still be served stale.]</span>
+      <p id="rfc.section.2.3.p.3">If an origin server wishes to force a cache to validate every request, it can assign an explicit expiration time in the past
+         to indicate that the response is already stale. Compliant caches will validate the cached response before reusing it for subsequent
+         requests.
       </p>
       <p id="rfc.section.2.3.p.4">Since origin servers do not always provide explicit expiration times, HTTP caches <em class="bcp14">MAY</em> assign heuristic expiration times when explicit times are not specified, employing algorithms that use other header values
 …
       <p id="rfc.section.5.1.p.1">The registration procedure for HTTP Cache Directives is defined by <a href="#cache.control.extensions" title="Cache Control Extensions">Section&nbsp;3.2.3</a> of this document.
       </p>
       <p id="rfc.section.5.1.p.2">The HTTP Cache Directive Registry should be created at &lt;<a href="http://www.iana.org/assignments/http-cache-directives">http://www.iana.org/assignments/http-cache-directives</a>&gt; and be populated with the registrations below:
+      <p id="rfc.section.5.1.p.2">The HTTP Cache Directive Registry shall be created at &lt;<a href="http://www.iana.org/assignments/http-cache-directives">http://www.iana.org/assignments/http-cache-directives</a>&gt; and be populated with the registrations below:
       </p>
       <div id="rfc.table.1">
 …
       </div>
       <h2 id="rfc.section.5.2"><a href="#rfc.section.5.2">5.2</a>&nbsp;<a id="header.field.registration" href="#header.field.registration">Header Field Registration</a></h2>
       <p id="rfc.section.5.2.p.1">The Message Header Field Registry located at &lt;<a href="http://www.iana.org/assignments/message-headers/message-header-index.html">http://www.iana.org/assignments/message-headers/message-header-index.html</a>&gt; should be updated with the permanent registrations below (see <a href="#RFC3864" id="rfc.xref.RFC3864.1"><cite title="Registration Procedures for Message Header Fields">[RFC3864]</cite></a>):
+      <p id="rfc.section.5.2.p.1">The Message Header Field Registry located at &lt;<a href="http://www.iana.org/assignments/message-headers/message-header-index.html">http://www.iana.org/assignments/message-headers/message-header-index.html</a>&gt; shall be updated with the permanent registrations below (see <a href="#RFC3864" id="rfc.xref.RFC3864.1"><cite title="Registration Procedures for Message Header Fields">[RFC3864]</cite></a>):
       </p>
       <div id="rfc.table.2">
 …
       <p id="rfc.section.6.p.1">Caches expose additional potential vulnerabilities, since the contents of the cache represent an attractive target for malicious
          exploitation. Because cache contents persist after an HTTP request is complete, an attack on the cache can reveal information
          long after a user believes that the information has been removed from the network. Therefore, cache contents should be protected
+         long after a user believes that the information has been removed from the network. Therefore, cache contents need to be protected
          as sensitive information.
       </p>

draft-ietf-httpbis/latest/p7-auth.html

-                      r968
+                      r970
       <meta name="dct.creator" content="Reschke, J. F.">
       <meta name="dct.identifier" content="urn:ietf:id:draft-ietf-httpbis-p7-auth-latest">
       <meta name="dct.issued" scheme="ISO8601" content="2010-07-30">
+      <meta name="dct.issued" scheme="ISO8601" content="2010-07-31">
       <meta name="dct.replaces" content="urn:ietf:rfc:2616">
       <meta name="dct.abstract" content="The Hypertext Transfer Protocol (HTTP) is an application-level protocol for distributed, collaborative, hypermedia information systems. HTTP has been in use by the World Wide Web global information initiative since 1990. This document is Part 7 of the seven-part specification that defines the protocol referred to as &#34;HTTP/1.1&#34; and, taken together, obsoletes RFC 2616. Part 7 defines HTTP Authentication.">
 …
             </tr>
             <tr>
                <td class="left">Expires: January 31, 2011</td>
+               <td class="left">Expires: February 1, 2011</td>
                <td class="right">HP</td>
             </tr>
 …
             <tr>
                <td class="left"></td>
                <td class="right">July 30, 2010</td>
+               <td class="right">July 31, 2010</td>
             </tr>
          </tbody>
 …
          in progress”.
       </p>
       <p>This Internet-Draft will expire in January 31, 2011.</p>
+      <p>This Internet-Draft will expire in February 1, 2011.</p>
       <h1><a id="rfc.copyrightnotice" href="#rfc.copyrightnotice">Copyright Notice</a></h1>
       <p>Copyright © 2010 IETF Trust and the persons identified as the document authors. All rights reserved.</p>
 …
       <h1 id="rfc.section.4"><a href="#rfc.section.4">4.</a>&nbsp;<a id="IANA.considerations" href="#IANA.considerations">IANA Considerations</a></h1>
       <h2 id="rfc.section.4.1"><a href="#rfc.section.4.1">4.1</a>&nbsp;<a id="status.code.registration" href="#status.code.registration">Status Code Registration</a></h2>
       <p id="rfc.section.4.1.p.1">The HTTP Status Code Registry located at &lt;<a href="http://www.iana.org/assignments/http-status-codes">http://www.iana.org/assignments/http-status-codes</a>&gt; should be updated with the registrations below:
+      <p id="rfc.section.4.1.p.1">The HTTP Status Code Registry located at &lt;<a href="http://www.iana.org/assignments/http-status-codes">http://www.iana.org/assignments/http-status-codes</a>&gt; shall be updated with the registrations below:
       </p>
       <div id="rfc.table.1">
 …
       </div>
       <h2 id="rfc.section.4.2"><a href="#rfc.section.4.2">4.2</a>&nbsp;<a id="header.field.registration" href="#header.field.registration">Header Field Registration</a></h2>
       <p id="rfc.section.4.2.p.1">The Message Header Field Registry located at &lt;<a href="http://www.iana.org/assignments/message-headers/message-header-index.html">http://www.iana.org/assignments/message-headers/message-header-index.html</a>&gt; should be updated with the permanent registrations below (see <a href="#RFC3864" id="rfc.xref.RFC3864.1"><cite title="Registration Procedures for Message Header Fields">[RFC3864]</cite></a>):
+      <p id="rfc.section.4.2.p.1">The Message Header Field Registry located at &lt;<a href="http://www.iana.org/assignments/message-headers/message-header-index.html">http://www.iana.org/assignments/message-headers/message-header-index.html</a>&gt; shall be updated with the permanent registrations below (see <a href="#RFC3864" id="rfc.xref.RFC3864.1"><cite title="Registration Procedures for Message Header Fields">[RFC3864]</cite></a>):
       </p>
       <div id="rfc.table.2">

Note: See TracChangeset for help on using the changeset viewer.

Download in other formats: