On Sun, 14 May 2006 14:30:28 +0200, Jim Ley <[EMAIL PROTECTED]> wrote:
Sure, but if the groups aim is to work in public, then it needs to work
in public, ie provide the motivations for the decisions, and not just
the decisions, otherwise exactly what happens here happens and all we
get is discussion on the public list that exactly reflects the existing
discussions already had at a f2f or in a telcon etc. Which wastes
everyones time. Just reporting decisions is unhelpful, especially when
they reverse previous public decisions of the group.
I agree. I guess there's some delay at some point in the process.
What was raised against that is that it hurts adoption of new HTTP
methods. That's true for all other types of APIs as well though.
Internet Explorer 7 as opposed to Internet Explorer 6 uses a whitelist
and other browsers vendors are planning to do the same thing. The
whitelist would contain all "safe methods" currently spreaded over
various RFCs.
I assume the whitelist is a SHOULD requirement - a MUST requirement
would be absolutely wrong as it prevents user agents from denying them
for security reasons.
That's something else we resolved. All security related "requirements" are
going to be SHOULDs so you can ignore them if you have good reasons.
Please let me know if you find a place in the specification where this is
not the case.
--
Anne van Kesteren
<http://annevankesteren.nl/>
<http://www.opera.com/>
