ietf 77 httpbis vs rfc2231
play

IETF 77 - HTTPbis vs RFC2231 Julian Reschke, greenbytes Julian - PowerPoint PPT Presentation

Mar 12, 2023 •145 likes •200 views

IETF 77 - HTTPbis vs RFC2231 IETF 77 - HTTPbis vs RFC2231 Julian Reschke, greenbytes Julian Reschke, greenbytes 1 IETF 77 - HTTPbis vs RFC2231 Problem Statement (1/2) RFC2616 includes "Content-Disposition" (RFC 2616, Section

  1. IETF 77 - HTTPbis vs RFC2231 IETF 77 - HTTPbis vs RFC2231 Julian Reschke, greenbytes Julian Reschke, greenbytes 1

  2. IETF 77 - HTTPbis vs RFC2231 Problem Statement (1/2) • RFC2616 includes "Content-Disposition" (RFC 2616, Section 19.5.1), but also says: “RFC 1806 [35], from which the often implemented Content- Disposition (see Appendix 19.5.1) header in HTTP is derived, has a number of very serious security considerations. Content-Disposition is not part of the HTTP standard, but since it is widely implemented, we are documenting its use and risks for implementers.” (RFC2616, Section 15.5) • Refers to RFC 1806 (definition of Content-Disposition), obsoleted by RFC 2183. • I18N for Content-Disposition (filename) relies on on MIME specs RFC 2047, augmented RFC 2184, which itself was obsoleted by RFC 2231 ('MIME Parameter Value and Encoded Word Extensions: Character Sets, Languages, and Continuations'). Julian Reschke, greenbytes 2

  3. IETF 77 - HTTPbis vs RFC2231 Problem Statement (2/2) • RFC 2183 did not state that it obsoleted RFC 1806, making it hard to find the up-to-date spec (fixed in RFC Index in the meantime) • RFC 2231 specifies many features that are not needed in HTTP, but also fails to REQUIRE common character sets for interoperability • Interoperability suffers from all of this, see test cases at http://greenbytes.de/tech/tc2231/ -- Firefox, Konqueror and Opera are fine, the other UAs do not support the I18N extensions defined in RFC 2231. Julian Reschke, greenbytes 3

  4. IETF 77 - HTTPbis vs RFC2231 Proposal • Remove from HTTPbis (discussed during IETF-72 in Dublin) • Profile RFC 2231 for use in HTTP (remove ambiguities, fix grammar, remove unneeded features, require a common character set: draft- reschke-rfc2231-in-http-10). (Note: does not normatively refer to RFC 2231 so it can evolve independently) In IETF Last Call - ending 2010-03-22 (yes, today!) • Profile makes it easier for new HTTP header definitions to "opt in" (HTTP Link Header / Web Linking specification, past IETF LC, does this) • Get feedback from "other" UA vendors (I was told that profiling RFC 2231 made it more reasonable to implement) • Move actual definition of Content-Disposition as HTTP header into a separate specification (work has started with draft-reschke- rfc2183-in-http-00) • Mention the profile in a yet to be written section about defining new HTTP headers. Julian Reschke, greenbytes 4

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

HTTP Status Report Mark Nottingham IETF HTTPbis WG Chair <mnot@mnot.net> Principal

HTTP Status Report Mark Nottingham IETF HTTPbis WG Chair <mnot@mnot.net> Principal

HTTP Status Report Mark Nottingham IETF HTTPbis WG Chair <mnot@mnot.net> Principal Technical Yahoo! <mnot@yahoo-inc.com> Hidden Agenda Inform what HTTP (the protocol) can do Inform what implementations can't (yet) do

624 views • 36 slides
HTTPbis Charter and Process Politics is not the art of the possible. It consists of choosing

HTTPbis Charter and Process Politics is not the art of the possible. It consists of choosing

HTTPbis Charter and Process Politics is not the art of the possible. It consists of choosing between the disastrous and the unpalatable. - attributed to John Kenneth Galbraith Charter The working group will refine RFC2616 to:

502 views • 15 slides
EMU IETF 74 Note Well Any submission to the IETF intended by the Contributor for publication as

EMU IETF 74 Note Well Any submission to the IETF intended by the Contributor for publication as

EMU IETF 74 Note Well Any submission to the IETF intended by the Contributor for publication as all or part of an IETF Internet-Draft or RFC and any statement made within the context of an IETF activity is considered an "IETF

940 views • 7 slides
IETF Status at IETF 85 Russ Housley IETF Chair 1 IETF 85 Participants l 1098 people l 195

IETF Status at IETF 85 Russ Housley IETF Chair 1 IETF 85 Participants l 1098 people l 195

IETF Status at IETF 85 Russ Housley IETF Chair 1 IETF 85 Participants l 1098 people l 195 newcomers l IETF 82 was 948 people l 55 countries l IETF 82 was 48 countries IETF 82 was held in US JP CN FR UK Taipei, Taiwan DE

327 views • 8 slides
Welcome to the IETF! Would you like instructions? Mike StJohns IETF 97 Seoul, South Korea 1

Welcome to the IETF! Would you like instructions? Mike StJohns IETF 97 Seoul, South Korea 1

Welcome to the IETF! Would you like instructions? Mike StJohns IETF 97 Seoul, South Korea 1 IETF Note Well Any submission to the IETF intended by the Contributor for publication as all or part of an IETF Internet-Draft or RFC and any

637 views • 29 slides
Welcome to the IETF! You are standing at the end of the road before a small brick building

Welcome to the IETF! You are standing at the end of the road before a small brick building

Welcome to the IETF! You are standing at the end of the road before a small brick building Mike StJohns IETF 99 Prague, CZ IETF Note Well Any submission to the IETF intended by the Contributor for publication as all or part of an IETF

582 views • 29 slides
Non-Congestion Robustness (NCR) for TCP draft-ietf-tcpm-draft-ietf-tcpm-tcp-dcr-03.txt IETF 62 -

Non-Congestion Robustness (NCR) for TCP draft-ietf-tcpm-draft-ietf-tcpm-tcp-dcr-03.txt IETF 62 -

Non-Congestion Robustness (NCR) for TCP draft-ietf-tcpm-draft-ietf-tcpm-tcp-dcr-03.txt IETF 62 - March 2005 Sumitha Bhandarkar, A. L. Narasimha Reddy, Mark Allman, Ethan Blanton "Hit our satellite with feeling, Give the people what they

363 views • 8 slides
BFD IETF 68 David Ward Note Well Any submission to the IETF intended by the Contributor

BFD IETF 68 David Ward Note Well Any submission to the IETF intended by the Contributor

BFD IETF 68 David Ward Note Well Any submission to the IETF intended by the Contributor for publication as all or part of an IETF Internet-Draft or RFC and any statement made within the context of an IETF activity is considered an

399 views • 22 slides
IETF LLC Report Presented By: Jason Livingood Chair, IETF LLC Board IETF-106, Singapore

IETF LLC Report Presented By: Jason Livingood Chair, IETF LLC Board IETF-106, Singapore

IETF LLC Report Presented By: Jason Livingood Chair, IETF LLC Board IETF-106, Singapore November 2019 Making the Internet work better IETF Administration LLC Who serves on the Board? Peter Maja Jason Sean Alissa Van Roste Livingood,

391 views • 10 slides
IP Telephony (iptel) IETF 56 Note Well All statements related to the activities of the IETF

IP Telephony (iptel) IETF 56 Note Well All statements related to the activities of the IETF

IP Telephony (iptel) IETF 56 Note Well All statements related to the activities of the IETF and addressed to the IETF are subject to all provisions of Section 10 of RFC 2026, which grants to the IETF and its participants certain licenses

198 views • 9 slides
WIDEX Working Group IETF 64 Note Well Any submission to the IETF intended by the Contributor

WIDEX Working Group IETF 64 Note Well Any submission to the IETF intended by the Contributor

WIDEX Working Group IETF 64 Note Well Any submission to the IETF intended by the Contributor for publication as all or part of an IETF Internet-Draft or RFC and any statement made within the context of an IETF activity is considered an

450 views • 8 slides
Long-Term IETF Support May 2016 How Is the IETF Currently Funded? IE IETF Funding Sources

Long-Term IETF Support May 2016 How Is the IETF Currently Funded? IE IETF Funding Sources

Jari Arkko Sean Turner Greg Kapfer ISOC Board Chair, IETF ISOC CFO Treasurer Expert, Ericsson Long-Term IETF Support May 2016 How Is the IETF Currently Funded? IE IETF Funding Sources 2008-2016 ( 2016 (US$ 000s S$ 000s) $7, $7,000 000

135 views • 11 slides
IETF LLC Report Presented By: Jason Livingood Chair, IETF LLC Board IETF-105, Montreal July

IETF LLC Report Presented By: Jason Livingood Chair, IETF LLC Board IETF-105, Montreal July

IETF LLC Report Presented By: Jason Livingood Chair, IETF LLC Board IETF-105, Montreal July 2019 Making the Internet work better IETF Administration LLC Who serves on the Board? Peter Maja Jason Sean Alissa Van Roste Livingood,

256 views • 13 slides
IETF Chair and IESG Report, IETF 105 This report, sent out before IETF 105 begins, is an effort to

IETF Chair and IESG Report, IETF 105 This report, sent out before IETF 105 begins, is an effort to

IETF Chair and IESG Report, IETF 105 This report, sent out before IETF 105 begins, is an effort to reduce reporting at the plenary and to provide an ability to discuss topics on list beforehand and afterwards. The plan is to provide only a brief

359 views • 7 slides
SIP -- IETF 68 Chairs: Keith Drage Dean Willis Jabber rooms: Debate: sip@jabber.ietf.org

SIP -- IETF 68 Chairs: Keith Drage Dean Willis Jabber rooms: Debate: sip@jabber.ietf.org

SIP -- IETF 68 Chairs: Keith Drage Dean Willis Jabber rooms: Debate: sip@jabber.ietf.org Transcript: sipscribe@jabber.ietf.org Note Well Any submission to the IETF intended by the Contributor for publication as all or part of an IETF

369 views • 7 slides
VWRAP WG IETF 77 Chairs: Barry Leiba & Joshua Bell Note Well Any submission to the IETF

VWRAP WG IETF 77 Chairs: Barry Leiba & Joshua Bell Note Well Any submission to the IETF

VWRAP WG IETF 77 Chairs: Barry Leiba & Joshua Bell Note Well Any submission to the IETF intended by the Contributor for publication as all or part of an IETF Internet- Draft or RFC and any statement made within the context of an IETF

311 views • 5 slides
Moving to De anna Morrison, DCYF In- Pe r son Jason Bragg, Soc ial Se rvic e Worke r,

Moving to De anna Morrison, DCYF In- Pe r son Jason Bragg, Soc ial Se rvic e Worke r,

Rose We ntz, Visitation Consultant Moving to De anna Morrison, DCYF In- Pe r son Jason Bragg, Soc ial Se rvic e Worke r, Pare nts Re pre se ntation Visits dur ing Program COVID19: Katie Biron, F oste r/ Adoptive Pare

753 views • 39 slides
CS 188: Artificial Intelligence Search with other Agents II Instructor: Anca Dragan, Sergey

CS 188: Artificial Intelligence Search with other Agents II Instructor: Anca Dragan, Sergey

CS 188: Artificial Intelligence Search with other Agents II Instructor: Anca Dragan, Sergey Levine University of California, Berkeley [These slides adapted from Dan Klein and Pieter Abbeel] Minimax Example 3 3 2 2 3 12 8 2 4 6 14 5

661 views • 38 slides
T h e D a n g e r A statement involving such quantifier equivalents is sometimes dangerous

T h e D a n g e r A statement involving such quantifier equivalents is sometimes dangerous

T h e D a n g e r o u s A ll i n S p e c i fi c a t i o n s Daniel M. Berry, CSD, University of Waterloo, Canada Erik Kamsties, Fraunhofer IESE, Germany

852 views • 37 slides
Drupal and Apache Solr Search Go Together Like Pizza and Beer for Your Site Peter M. Wolanin,

Drupal and Apache Solr Search Go Together Like Pizza and Beer for Your Site Peter M. Wolanin,

February 2, 2013 Drupal and Apache Solr Search Go Together Like Pizza and Beer for Your Site Peter M. Wolanin, Ph.D. Momentum Specialist (principal engineer), Acquia, Inc. Drupal contributor drupal.org/user/49851 co-maintainer of the Drupal

550 views • 41 slides
bae urban economics ECONOMIC EVALUATION OF INNOVATION City of Davis Finance and Budget PARK

bae urban economics ECONOMIC EVALUATION OF INNOVATION City of Davis Finance and Budget PARK

bae urban economics ECONOMIC EVALUATION OF INNOVATION City of Davis Finance and Budget PARK PROPOSALS Commission 7-13-15 REPORT OVERVIEW Innovation Parks as an Economic Development Strategy Local Baseline Conditions Potential

306 views • 9 slides
Baumgartner, POLI 203 Spring 2016 Review April 27, 2016 Catching Up Prison visit this

Baumgartner, POLI 203 Spring 2016 Review April 27, 2016 Catching Up Prison visit this

Baumgartner, POLI 203 Spring 2016 Review April 27, 2016 Catching Up Prison visit this Friday, 8am Spaces available if you want to come Course evaluations What the heck, express your opinion It closes down tonight, so do it

399 views • 12 slides
1. Underground Lab Geography Science Levels CUBED BLBF 370 miles of tunnels from Surface to

1. Underground Lab Geography Science Levels CUBED BLBF 370 miles of tunnels from Surface to

1. Underground Lab Geography Science Levels CUBED BLBF 370 miles of tunnels from Surface to 8000 feet deep 12 miles maintained for science and facility operations Sanford Underground Research Facility 2. Overall Status Facility

274 views • 12 slides
Introduction to Data Mining Methods and Tools by Michael Hahsler Agenda What is Data Mining?

Introduction to Data Mining Methods and Tools by Michael Hahsler Agenda What is Data Mining?

Introduction to Data Mining Methods and Tools by Michael Hahsler Agenda What is Data Mining? Data Mining T asks Relationship to Statistics, Optimization, Machine Learning and AI T ools Data Legal, Privacy and Security

1.02k views • 69 slides

More recommend