Note: This ballot was opened for revision 13 and is now closed.
Summary: Needs 3 more YES or NO OBJECTION positions to pass.
Additional directives extending the semantic functionality of the STS
header field can be defined in other specifications, with a registry
(having an IANA policy definition of IETF Review [RFC5226]) defined
for them at such time.
Is IETF Review really necessary? Seems to me "Specification Required" is more
than sufficient, and I would not be completely averse to "First Come First
15: Why not set up the directives registry now?
This is a very well written document. Thanks!
Only comment I have is that 6.1 says that directives are
optional or required according to their definitions. Is it actually
possible to define a new required directive without breaking
interop with this spec? If not then I think saying that would
Thanks for addressing all of my comments.
I was going to say "Well written indeed" and leave it at that but I thought s14
In s11.2: Maybe make this a SHOULD:
Additionally, server implementers should consider employing a default
max-age value of zero in their deployment configuration systems.
Additionally, it is RECOMMENDED that server implementers employ
a default max-age value of zero in their deployment configuration