> From: William A. Rowe, Jr. [mailto:[EMAIL PROTECTED]] > > At 06:08 PM 5/3/2002, Ian Holsman wrote: > > >Cliff Woolley wrote: > >>On Fri, 3 May 2002, Rasmus Lerdorf wrote: > >> > >>Possibly. I guess I draw the line by saying that it's okay to announce > >>version numbers, but configuration parameters are out. I don't have so > >>much of a problem with third-party modules announcing themselves. > >>mod_ssl and OpenSSL I find questionable at this point, however. <shrug> > > > >On this note > >what do people think in making the 'default' install only show the major > >version (ie.. Apache 2.0) instead of showing everything? > > -0 here too... the problem is that a proxy engine, knowing of a specific > bug with > Apache 2.0.41 and prior could compensate for that shortcoming. Having no > version information means the proxy or other client may be unable to > accommodate > that discrepancy with the HTTP specification.
How prevalent is that in reality? I mean we allow anybody to bring what we report down to just major version number, so we really can't expect proxy servers to use what we report to circumvent problems, can we? Ryan
