IETF 86 - HTTPbis -22 Changes Overview

Julian Reschke, greenbytes

History

• -18: published January 2012
• -19: published March 2012 (before IETF 83)
• -20: published July 2012 (before IETF 84)
• -21: published October 2012 (before IETF 85)
• -22: published February 2013 (before IETF 86)

First Working Group Last Call for Parts 4, 5, 6, and 7 ended April 12, 2012

First Working Group Last Call for Parts 1 & 2 ended November 25, 2012

Second Working Group Last Call for Parts 4, 5, 6, and 7 ended November 25, 2012

Changes - General

Lots of rewrites/rearrangements in Parts 1 & 2, plus...:

Changes - P1

• Cite HTTPS URI scheme definition (Ticket 128)
• mention of "proxies" in section about caches (Ticket 389)
• use of ABNF terms from RFC 3986 (Ticket 390)
• editorial improvements to message length definition (Ticket 392)
• userinfo in absolute form of request target (Ticket 393)
• when can authority be empty or undefined? (Ticket 394)
• Connection header field MUST vs SHOULD (Ticket 395)
• editorial improvements to persistent connections section (Ticket 396)
• URI normalization vs empty path (Ticket 397)
• p1 feedback (Ticket 408)
• is parsing OBS-FOLD mandatory? (Ticket 409)
• HTTPS and Shared Caching (Ticket 410)
• Requirements for recipients of ws between start-line and first header field (Ticket 411)
• SP and HT when being tolerant (Ticket 412)
• Message Parsing Strictness (Ticket 414)
• "Render" (Ticket 415)
• Explicitly Hop-by-Hop (Ticket 416)
• Registering Connection Tokens (Ticket 417)
• No-Transform (Ticket 418)
• p2 editorial feedback (Ticket 419)
• Content-Length SHOULD be sent (Ticket 420)
• origin-form does not allow path starting with "//" (Ticket 431)
• ambiguity in part 1 example (Ticket 433)

Changes - P2

• ETag (and other metadata) in status messages (Ticket 22)
• Conditional GET text (Ticket 96)
• Clarify description of 405 (Not Allowed) (Ticket 146)
• Allowing heuristic caching for new status codes (Ticket 223)
• method semantics: retrieval/representation (Ticket 315)
• User confirmation for unsafe methods (Ticket 388)
• transferring URIs with userinfo in payload (Ticket 391)
• Tentative Status Codes (Ticket 404)
• No-Transform (Ticket 418)
• p2 editorial feedback (Ticket 419)
• Absence of Accept-Encoding (Ticket 424)
• p2 editorial feedback (Ticket 426)
• Accept-Language ordering for identical qvalues (Ticket 428)
• Review Cachability of Status Codes WRT "Negative Caching" (Ticket 432)
• mention in header field considerations that leading/trailing WS is lossy (Ticket 434)

Changes - P3

THERE IS NO PART 3!

Changes - P4

• Conditional GET text (Ticket 96)
• Optionality of Conditional Request Support (Ticket 350)
• Conditional Requests editorial suggestions (Ticket 366)
• unclear prose in definition of 304 (Ticket 384)
• ETags and Conneg (Ticket 401)
• Comparison function for If-Match and If-None-Match (Ticket 402)
• 304 without validator (Ticket 406)
• If-Match and 428 (Ticket 427)

Changes - P5

• Security consideration: range flooding (Ticket 175)
• Allowing heuristic caching for new status codes (Ticket 223)
• Add limitations to Range to reduce its use as a denial-of-service tool (Ticket 311)
• p5 feedback (Ticket 405)
• 416 and multipart/byteranges (Ticket 407)

Changes - P6

• Allowing heuristic caching for new status codes (Ticket 223)
• 304 without validator (Ticket 406)
• No-Transform (Ticket 418)
• definition public cache-control directive is incompatible with RFC2616 (Ticket 430)

Changes - P7

• Authentication and caching - max-age (Ticket 403)