The new paragraph added to 11.3.5 Sec-WebSocket-Version (page 65, line 32) contains text cut-and-pasted from Sec-WebSocket-Protocol, but missed updating the header name after the first one:
The |Sec-WebSocket-Version| header field MAY appear multiple times in
an HTTP response (which is logically the same as a single |Sec-
WebSocket-Protocol| header field that contains all values. However
the |Sec-WebSocket-Protocol| header field MUST NOT appear more than
once in an HTTP request.
-----Original Message-----
From: hybi-bounces@ietf.org [mailto:hybi-bounces@ietf.org] On Behalf Of Alexey Melnikov
Sent: Thursday, September 08, 2011 3:28 PM
To: internet-drafts@ietf.org
Cc: hybi@ietf.org; i-d-announce@ietf.org
Subject: Re: [hybi] I-D Action: draft-ietf-hybi-thewebsocketprotocol-14.txt
internet-drafts@ietf.org wrote:
>A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the BiDirectional or Server-Initiated HTTP Working Group of the IETF.
>
> Title : The WebSocket protocol
> Author(s) : Ian Fette
> Alexey Melnikov
> Filename : draft-ietf-hybi-thewebsocketprotocol-14.txt
> Pages : 77
> Date : 2011-09-08
>
>
The list of changes in this version is as follows:
Addressed multiple DISCUSS issues from IESG:
Text based on a note from Roy Fielding about use of port 80/443.
Clarified that header fields are case-insensitive (Stephen).
Fixed a wrong version number in one place (multiple people).
Clarified what is meant by "If the server supports encryption" (Stephen).
base64 data can be empty. (Pete)
Clarified how multiple versions of WebSocket can be supported. (Stephen)
Clarified that frame payload lenght must use minimal encoding. (Stephen)
Allow frame-rsv* to be 1 in the ABNF (if negotiated via extensions). (Sean)
Clarified that multiplexing is not defined in this document.
Various clarifications about Pings (data is allowed, etc.)
Additional security consideration about cache poisoning when masking is
not used. (Russ/GenArt).
Expanded text about denial of service from receiving big frames or long
sequences of small frames. (Russ/GenArt).
MUST support TLS. Better cipher recommendations. (Stephen)
Clarified that no security properties are expected from SHA-1.
Additionally:
Allow to use quoted-string in extension-param (still restricted to ASCII).
Extended meaning of 1007 close status code (as per WG consensus).
Addressed some Comments from Pete Resnick (avoid use of "conformance"),
Robert Sparks and Wesley.
Reduced version of the text about history of masking.
Clarified that masking key is randomly generated in each frame.
Clarified that some header fields can appear multiple times. (per WG
discussion)
Fixed several typos.
Please note that this version doesn't address all DISCUSS comments
(blocking comments) from IESG and I also have a list of some other
remaining changes (both non blocking comments from IESG and some
comments from the WG.) So there would be a version -15 to address these.
_______________________________________________
hybi mailing list
hybi@ietf.org
https://www.ietf.org/mailman/listinfo/hybi
---------------------------------------------------------------------
This transmission (including any attachments) may contain confidential information, privileged material (including material protected by the solicitor-client or other applicable privileges), or constitute non-public information. Any use of this information by anyone other than the intended recipient is prohibited. If you have received this transmission in error, please immediately reply to the sender and delete this information from your system. Use, dissemination, distribution, or reproduction of this transmission by unintended recipients is not authorized and may be unlawful.
_______________________________________________
I-D-Announce mailing list
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
