One thought:
The https section should specify a recomendation of what the web site
should return when it sees a POST, and what if anything the generator
should do if the web site replies that the report is not to spec. Ie,
bad syntax or bad contents or the like.
It probably should be json and could be as simple as {true} or {false}.
Any uri which just accepts reports w/o trying to verify would then be
expected to give the ok reply.
OTOH, if the reporters SHOULDN'T care at all about whether the uri
accepted its report, and should just drop the socket as soon as the
packets are ACKed, then the document should specify that.
-JimC
--
James Cloos <[email protected]> OpenPGP: 0x997A9F17ED7DAEA6
_______________________________________________
Uta mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/uta
