The following errata report has been submitted for RFC7469, "Public Key Pinning Extension for HTTP".
-------------------------------------- You may review the report below and at: http://www.rfc-editor.org/errata/eid5377 -------------------------------------- Type: Technical Reported by: Julian Reschke <[email protected]> Section: 2.3.4 Original Text ------------- 2.3.4. HTTP-Equiv <Meta> Element Attribute UAs MUST NOT heed http-equiv="Public-Key-Pins" or http-equiv="Public-Key-Pins-Report-Only" attribute settings on <meta> elements [W3C.REC-html401-19991224] in received content. Corrected Text -------------- (remove the section) Notes ----- The spec attempts to make a normative requirement on HTML consumers. It can't do that; that's the role of the HTML spec. In addition to that, this is already covered by what recent HTML specs say about http-equiv extensibility. Instructions: ------------- This erratum is currently posted as "Reported". If necessary, please use "Reply All" to discuss whether it should be verified or rejected. When a decision is reached, the verifying party can log in to change the status and edit the report, if necessary. -------------------------------------- RFC7469 (draft-ietf-websec-key-pinning-21) -------------------------------------- Title : Public Key Pinning Extension for HTTP Publication Date : April 2015 Author(s) : C. Evans, C. Palmer, R. Sleevi Category : PROPOSED STANDARD Source : Web Security Area : Applications Stream : IETF Verifying Party : IESG _______________________________________________ websec mailing list [email protected] https://www.ietf.org/mailman/listinfo/websec
