Roger Price <ro...@rogerprice.org> writes: > I received the following comment from the Independent Submissions Editor > (ISE): > > The command VER is hazardous because it encourages exploiting of > implementation peculiarities that are not well documented in a > protocol. The best example of such a failure is the browser version > field in HTTP. A complete disaster. You should warn against use of > this command, or even better, deprecate it. > > I was not aware of the disaster in the browser version field, but I > will warn against use of VER, and deprecate it, if you agree.
I am quite aware of it, but I haven't seen it called out like this. The basic issue is that we now have a culture of web servers serving N different versions of pages based on the User-Agent field, instead of coding to standards and expecting clients to meet standards. "Disaster" might be a slightly strong word, but it isn't at all confused. So a good question is whether it's necessary. Perhaps it's just a management plane concept, but for SMTP the two sides don't specify their software or protocol versions. In general, a fair question is "What if we deleted this? If we wouldn't have trouble, why are we keeping it?"
signature.asc
Description: PGP signature
_______________________________________________ Nut-upsuser mailing list Nut-upsuser@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/nut-upsuser
