On 2012-01-05 09:20, Anne van Kesteren wrote:
On Thu, 05 Jan 2012 05:55:10 +0100, Tobias Gondrom
<[email protected]> wrote:
as it seems there is disagreement on how to resolve this, with only
very few people having spoken out so far, I would like to invite
comments from other working group members on this topic to see whether
we might have missed something.
I don't really get what the advantage of allowing quoted string here is.
If we can use a simpler production, what is wrong with using that?
The advantages are:
- you can express values that you can't express with token syntax; if
future extensions need non-token characters they will need invent yet
another escaping syntax
- principle of least surprise and consistency - if quoted-string works
in other header fields with param syntax, why not here?
etc.
On the other hand, I haven't seen convincing arguments for not allowing
q-s. Yes, it adds to the complexity of the parser, but this has been
implemented many times before already.
Best regards, Julian
_______________________________________________
websec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/websec
