Yaron Sheffer writes: > Resending. There may be value in other URL methods, just maybe, but > OTOH they would confuse developers and add security issues.
I still reiterate that I do not think we can add "MUST NOT" for other URL methods, as that would be change that can make existing implementations non-conforming (if they happen to send some other url methods). We have been in other cases careful not to make changes that could make currently conforming implementations non-conforming, so I think this should be similar case. Btw, our implementation only sends http urls for now. > To improve interoperability, allow only the "http" URL method. The > current text (end of sec. 3.6) implies that any method is allowed, > although HTTP MUST be supported. I still think the current text mandating one method (MUST for http) provides good enough interoperability. I do not see nede to change this. See my previous comment about this: http://www.ietf.org/mail-archive/web/ipsec/current/msg04987.html -- kivi...@iki.fi _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
