Ah,
I think there is misunderstanding here. It's normal to discuss an erratum
in many WGs with no procedural aim. I certainly am not trying to get
something pushed through in this case. I do think it is a bug, but very
much agree that it will require a consensus process.
I also think this
Again 'hold for update' is the only logical choice. We aren't fixing vague
language with an errata. When this RFC comes up for update, I hope you
will participate.
Deb
On Mon, Jan 15, 2024 at 7:41 AM Rob Sayre wrote:
> On Mon, Jan 15, 2024 at 3:42 AM Deb Cooley wrote:
>
>> Items being
https://dl.acm.org/doi/10.1145/2736277.2741089
Think this is the attack rfc mentions
Anyway as we can't use certificate for trust for https in validation context
https does no better job than http
On 2024년 1월 15일 오후 9시 41분 41초 GMT+09:00, Rob Sayre 작성함:
>On Mon, Jan 15, 2024 at 3:42 AM Deb
On Mon, Jan 15, 2024 at 3:42 AM Deb Cooley wrote:
> Items being brought up for discussion need to have specific and concrete
> examples within scope.
>
I think the issue is that the spec is not specific or concrete:
"Because many web servers
allocate a default HTTPS virtual host to a
Given the discussion and lack of consensus it is clear to me that 'hold for
update' is the right call for this errata.
In addition, we need to keep our discussions polite on this list, there
will be no bullying here. Items being brought up for discussion need to
have specific and concrete
