I replied to Julian's message on a W3C list. Julian, is there more discussion you'd like to have about these points? Adam On Thu, Aug 25, 2011 at 9:32 AM, Julian Reschke <julian.reschke@xxxxxx> wrote: > Below a few late comments.. > > 6. Serializing Origins > > - It really really seems that the two algorithms need to be swapped (the > first one converts to ASCII, but the second does not). > > - Also, I'd prefer a declarative definition. > > 7. The HTTP Origin header > > - header *field* > > - the syntax doesn't allow multiple header fields, and the prose says > clients MUST NOT generate them; what is the recipient supposed to do when it > get's multiple instances anyway? Is the default approach (ignoring them all) > good enough? Do we need to warn recipients so that they check? > > 11. References > > - the WEBSOCKETS reference should be updated (if a new draft is produced) > > Best regards, Julian > _______________________________________________ > websec mailing list > websec@xxxxxxxx > https://www.ietf.org/mailman/listinfo/websec > _______________________________________________ Ietf mailing list Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf