On Tue, Sep 20, 2011 at 1:30 PM, SM <s...@resistor.net> wrote: > Under Status of this Memo: > > This Internet-Draft is submitted in full conformance with the > provisions of BCP 78 and BCP 79. > > Section 10 of RFC 2026 has been updated by newer RFCs. > > The Copyright Notice should be according to the IETF Trust legal provisions. > This can be generated automatically ( see > www.rfc-editor.org/rfc-editor/intro_xml2rfc.pdf ).
I didn't write that text, it was auto-generated by the xml2rfc tool itself. If that tool does the wrong thing, we should poke its maintainer... > In terms of style, the requirement (SHOULD) should not be directed to the > reader. You could rewrite that as: > > The certificate SHOULD be revoked by whatever means Ok. > "CDNs MAY, and SHOULD, also use certificate pinning independently of > any of their customers." > > There is always some long discussion in the IETF about RFC 2119. To keep it > simple, don't say MAY and SHOULD do X. The MAY is not needed in this case. Done. > As you are defining a new HTTP header field, add an IANA Considerations > section for it to be registered. You can deal with that as the work on the > I-D progresses. Well, it's an extension to the HSTS header field, not a whole new field. _______________________________________________ websec mailing list websec@ietf.org https://www.ietf.org/mailman/listinfo/websec
