> On Wed, Nov 9, 2011 at 1:45 PM, Julian Reschke <[email protected]> > wrote: > > >> Could anyone propose exact ABNF grammar that is acceptable given the > >> above constraints? Currently, I have it as: > >> ... > > > > I made a proposal; is there something specific you didn't like? > > Your proposal is fine â thank you! It's just that I am almost > certainly going to write the ABNF wrong, and then we'll have a whole > long thread about that. :)
While revisiting the ABNF, should "fp-type" be made into 'token' instead of an explicit list ( "sha1" / "sha256" )? Rather than dealing with the minimal set of "must-implements" in the grammar, define it in the text for processing rules. This is similar to the conversation that happened for the STS grammar rules. I'm just wondering how legacy parsers would be expected to handle future versions with say, SHA-3. Defining it as a token would at least allow it to be syntactically valid and parsed, even if fingerprints of that type are not understood/supported. _______________________________________________ websec mailing list [email protected] https://www.ietf.org/mailman/listinfo/websec
