On 2011-11-09 01:31, Tom Ritter wrote:
My notes:
I believe the BNF (pseudo-BNF?) is incorrect:
    Public-Key-Pins = "Public-Key-Pins" ":" LWS directives
    directives      = max-age LWS ";" LWS fingerprints
                    / fingerprints LWS ";" LWS max-age
    max-age         = "max-age" LWS "=" LWS delta-seconds
    pins            = "pins" LWS "=" LWS fingerprints
    fingerprints    = fingerprint
                    / fingerprint "," fingerprints
    fingerprint     = fp-type "-" base64-digits
    fp-type         = "sha1"
                    / "sha256"
I believe 'directives' should replace "fingerprints" with "pins":
    directives      = max-age LWS ";" LWS pins
                    / pins LWS ";" LWS max-age
================
...
By all means *please* consider re-using the syntax of an existing header
field. In particular, please read
<http://greenbytes.de/tech/webdav/draft-ietf-httpbis-p2-semantics-17.html#rfc.section.3.1>
So decide whether you want to allow multiple header fields (in which
case you should use the ABNF list notation used in 2616/HTTPbis), *or*
define the syntax so that a "," introduced by header field recombination
can be detected by recipients.
Best regards, Julian
_______________________________________________
websec mailing list
https://www.ietf.org/mailman/listinfo/websec
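
A recipient-side check for the recombination concern raised in the reply, added here as an example; it is not code from either message or from the draft. It parses the grammar quoted above with the proposed `pins` fix applied, approximates LWS as optional spaces and tabs, and uses hypothetical function names and constructed sample values.

```python
import re

# Grammar from the thread with the proposed 'directives' fix applied.
# Assumption: LWS is approximated as optional spaces/tabs.
MAX_AGE = re.compile(r"max-age[ \t]*=[ \t]*(\d+)")
PINS = re.compile(r"pins[ \t]*=[ \t]*(.*)")
FINGERPRINT = re.compile(r"(sha1|sha256)-([A-Za-z0-9+/]+={0,2})")

def recombine(values):
    """Fold several same-named header fields into one value, as HTTP permits."""
    return ", ".join(values)

def parse_pins_value(value):
    """Strict parse of one field value; raises ValueError on anything else."""
    parts = [p.strip(" \t") for p in value.split(";")]
    if len(parts) != 2:
        raise ValueError("expected max-age and pins, got %d directives" % len(parts))
    max_age = pins = None
    for part in parts:
        m = MAX_AGE.fullmatch(part)
        if m and max_age is None:
            max_age = int(m.group(1))
            continue
        m = PINS.fullmatch(part)
        if m and pins is None:
            pins = []
            for item in m.group(1).split(","):
                fp = FINGERPRINT.fullmatch(item)
                if fp is None:
                    raise ValueError("not a fingerprint: %r" % item)
                pins.append((fp.group(1), fp.group(2)))
            continue
        raise ValueError("unexpected or repeated directive: %r" % part)
    return max_age, pins

def lenient_parse(value):
    """Tolerant key=value split, for contrast: the last directive wins."""
    out = {}
    for part in value.split(";"):
        key, _, val = part.partition("=")
        out[key.strip()] = val.strip()
    return out

# Constructed sample values; the base64 strings are placeholders, not digests.
FIRST = "max-age=500; pins=sha1-QUJD"
SECOND = "pins=sha256-REVG; max-age=600"
COMBINED = recombine([FIRST, SECOND])
```

On `COMBINED`, `lenient_parse` pairs the second field's max-age with a pins string that spans both fields, while `parse_pins_value` raises instead of merging them.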