Alexey replied:
>
> On 27/08/2012 21:18, Tobias Gondrom wrote:
>> Hello dear websec fellows,
>>
>> <hat="WG chair">
>> we have so far only very few comments regarding this. If you feel
>> strongly either way, please say so ASAP, within the next 5 days (until
>> Sep-1), otherwise we will have to go with the few comments we received
>> to judge consensus based on them.
>
> <hat type="participant">
>
> I don't have strong feelings either way. I don't believe we have many
> (if any at all) standardized extensions anyway.
yes, we don't have any imagined extensions on the table at this time. But given
how we defined the ABNF, it's inherently extensible.
> If people believe that there would be extensions,
I don't imagine any extensions at this time (as I've said before in this
thread), however..
Ben Campbell's suggestion to select an IANA registry policy now is procedurally
driven -- i.e., without specifying it now, someone could down the road create an
independent-submission-stream I-D that extends the STS header, creates an IANA
registry with a policy of their choice, and many of us might never notice
> I have a slight
> preference for picking an IANA policy now. Probably IETF review.
agreed. I have already have the requisite language in -12..
Additional directives extending the semantic functionality of the STS
header field can be defined in other specifications, with a registry
(having an IANA policy definition of FOO [RFC5226]) defined for them
at such time.
..I just need to stick "IETF Review" in for FOO.
ok?
thanks,
=JeffH
_______________________________________________
websec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/websec
