Re: Another try at OPTIONS

Josh Cohen (josh@netscape.com)
Wed, 23 Jul 1997 19:20:48 -0700

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Jeffrey Mogul: "Re: Another try at OPTIONS"
Previous message: Joel N. Weber II: "Re: can't really be LAST CALL, "HTTP State Management Mechanism (Rev1) " to Propo"
Maybe in reply to: Jeffrey Mogul: "Another try at OPTIONS"
Next in thread: Jeffrey Mogul: "Re: Another try at OPTIONS"
Reply: Jeffrey Mogul: "Re: Another try at OPTIONS"

This is a cryptographically signed message in MIME format.

--------------ms74E3913673AD287DB1B697C7
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

Scott Lawrence wrote:
> 
> >>>>> "Henry Sanders (Exchange)" <henrysa@EXCHANGE.MICROSOFT.com>:
> 
> HS> This proposal sounds good, except for the bit about having a
> HS> Compliance:  header on any request. I really dislike that part -
> HS> it's just one more thing for the server to have to check for and
> HS> deal with on every request. What's the rationale behind that? I'd
> HS> much prefer to see it specifed as only applicable to OPTIONS.
> 
>   For the time being (that is, the next version of HTTP/1.1) I think
>   that introducing Compliance (and possibly Non-Compliance) as a
>   header to be used with OPTIONS is sufficient.  If we do not define
>   any behaviour for it with other methods, future versions of HTTP can
>   attempt to do so based on experience with the many new aspects we
>   are defining.
> 
I agree, it opens too many cans of worms.  As a clarification to scott's
previous remark about Jeff's changes to my OPTIONS spec, I agreee with 
those changes, to make the OPTIONS use a header instead of the request
body.

By using the header, we have made it possible for this issue to
come up, using the compliance with a non options request.

The original motivation I had to write the OPTIONS clarification/spec
was to allow a simple, required mechanism to detect extensions in
HTTP/1.1
which would be in the spec.  I specifically avoided making it very 
complicated to avoid the difficulties that PEP has faced.
PEP is very flexible and powerful, and I beleive, a "good thing".
However that complexity is something that has kept it from 
being included in HTTP/1.1. So, rather than rush PEP or cobble
together a subset of it, it seems that a baseline OPTIONS is
needed in the protocol, as a MUST.

Sine PEP can do what the compliance header w/ non options method can
do, I beleive we should leave that alone, and not define 
compliance: header behavior with non OPTIONS messages.

Additionally, excluding the goals of PEP, the reasons I can think
of for using compliance: with a non OPTIONS method can be addressed
by existing headers such as upgrade:...


-- 
-----------------------------------------------------------------------------
Josh Cohen				      Netscape Communications Corp.
Netscape Fire Department	           	     #include<disclaimer.h>
Server Engineering
josh@netscape.com                         
http://people.netscape.com/josh/
-----------------------------------------------------------------------------
--------------ms74E3913673AD287DB1B697C7
Content-Type: application/x-pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime.p7s"
Content-Description: S/MIME Cryptographic Signature

MIIGvwYJKoZIhvcNAQcCoIIGsDCCBqwCAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCC
BSYwggJlMIIBzqADAgECAgIEtTANBgkqhkiG9w0BAQQFADB3MQswCQYDVQQGEwJVUzEsMCoG
A1UEChMjTmV0c2NhcGUgQ29tbXVuaWNhdGlvbnMgQ29ycG9yYXRpb24xHDAaBgNVBAsTE0lu
Zm9ybWF0aW9uIFN5c3RlbXMxHDAaBgNVBAMTE3Jvb3RjYS5uZXRzY2FwZS5jb20wHhcNOTcw
NjE4MDMzNDM0WhcNOTcxMjE1MDMzNDM0WjCBhDELMAkGA1UEBhMCVVMxJjAkBgNVBAoTHU5l
dHNjYXBlIENvbW11bmljYXRpb25zIENvcnAuMRUwEwYDVQQDEwxKb3NoIFIgQ29oZW4xIDAe
BgkqhkiG9w0BCQEWEWpvc2hAbmV0c2NhcGUuY29tMRQwEgYKCZImiZPyLGQBARMEam9zaDBc
MA0GCSqGSIb3DQEBAQUAA0sAMEgCQQDOhb62VH0eutOs2TOSlez9LDZ/Npc7WOR0A/noE6GI
sVnEiwsa3smYNsXPNdMOrTV/IeLhIh2WMlog8lAxDGidAgMBAAGjNjA0MBEGCWCGSAGG+EIB
AQQEAwIAoDAfBgNVHSMEGDAWgBT84FToB/GV3jr3mcau+hUMbsQukjANBgkqhkiG9w0BAQQF
AAOBgQCD8SxLEPSi8sO9sY3dUNOvFhrZe1IzQ/mPDWFKlMz8VnN+jyPXaL7rfmIhpAz2Q58W
tyU7x5qxw/pTbna9bYL+C/SWyXY6bKSvowl0adPrA0jxSkx1EmSwmpXSgSiotcSZhfWtmcBh
lw/xn5ImodY7lrgybtG3RV6sZAWjsODEVDCCArkwggIioAMCAQICAQEwDQYJKoZIhvcNAQEE
BQAwdzELMAkGA1UEBhMCVVMxLDAqBgNVBAoTI05ldHNjYXBlIENvbW11bmljYXRpb25zIENv
cnBvcmF0aW9uMRwwGgYDVQQLExNJbmZvcm1hdGlvbiBTeXN0ZW1zMRwwGgYDVQQDExNyb290
Y2EubmV0c2NhcGUuY29tMB4XDTk3MDMyNjAxNDQzOFoXDTk5MDMyNjAxNDQzOFowdzELMAkG
A1UEBhMCVVMxLDAqBgNVBAoTI05ldHNjYXBlIENvbW11bmljYXRpb25zIENvcnBvcmF0aW9u
MRwwGgYDVQQLExNJbmZvcm1hdGlvbiBTeXN0ZW1zMRwwGgYDVQQDExNyb290Y2EubmV0c2Nh
cGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDBqj7+LT+lh8NH3/vabdgYoEU9
+cebQ84ntFoTnBF9v9LyiF7Hv7KLebqn5SgLQKaOmTFVxfjOlgZeIoR2vwEiYsOpmSe7CGgR
FMcKftyyh/jH4CQwAbwtloXnGcMuoZN3LDQYL/vfokiz56CvegPki4x1pC2TIIwgOVSnRbpA
ZQIDAQABo1UwUzARBglghkgBhvhCAQEEBAMCAAQwHQYDVR0OBBYEFPzgVOgH8ZXeOveZxq76
FQxuxC6SMB8GA1UdIwQYMBaAFPzgVOgH8ZXeOveZxq76FQxuxC6SMA0GCSqGSIb3DQEBBAUA
A4GBAFn32xtcegbE5sWYYYQYzvoGSyCxJMr8WX4/GPHkvqwQ2UrSaY9u/JHK9QQcCq65+so5
7E0AGaZnlMzlQFtZhCSS8AEsGeQLLzsc9g8bhUXsw5fx4LpAy91XcYngi0lwSR/dtss0b2/P
LyHkU9EZZo9nYvDd7h1IKvBHe4N0h3nIMYIBYTCCAV0CAQEwfTB3MQswCQYDVQQGEwJVUzEs
MCoGA1UEChMjTmV0c2NhcGUgQ29tbXVuaWNhdGlvbnMgQ29ycG9yYXRpb24xHDAaBgNVBAsT
E0luZm9ybWF0aW9uIFN5c3RlbXMxHDAaBgNVBAMTE3Jvb3RjYS5uZXRzY2FwZS5jb20CAgS1
MAkGBSsOAwIaBQCgfTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEP
Fw05NzA3MjQwMjIwNDhaMB4GCSqGSIb3DQEJDzERMA8wDQYIKoZIhvcNAwICASgwIwYJKoZI
hvcNAQkEMRYEFFvLtd1Xw2efbPDZ1JcL3t9a8aQSMA0GCSqGSIb3DQEBAQUABEAxUullOkgu
18tJVJAHZnDBozvTTp5YUnOl4FY/4dEZcjTt1N/EAN+DHOpWt3eia/LLYkcyj8VzfNGQsflC
tZ7f
--------------ms74E3913673AD287DB1B697C7--

Next message: Jeffrey Mogul: "Re: Another try at OPTIONS"
Previous message: Joel N. Weber II: "Re: can't really be LAST CALL, "HTTP State Management Mechanism (Rev1) " to Propo"
Maybe in reply to: Jeffrey Mogul: "Another try at OPTIONS"
Next in thread: Jeffrey Mogul: "Re: Another try at OPTIONS"
Reply: Jeffrey Mogul: "Re: Another try at OPTIONS"