The Hypertext Transfer Protocol Status Code 308 (Permanent Redirect)
draft-ietf-httpbis-rfc7238bis-03
Revision differences
Document history
| Date | Rev. | By | Action |
|---|---|---|---|
|
2015-03-26
|
03 | (System) | RFC Editor state changed to AUTH48-DONE from AUTH48 |
|
2015-03-23
|
03 | (System) | RFC Editor state changed to AUTH48 from RFC-EDITOR |
|
2015-03-16
|
03 | (System) | RFC Editor state changed to RFC-EDITOR from EDIT |
|
2015-03-02
|
03 | Suresh Krishnan | Request for Last Call review by GENART Completed: Ready. Reviewer: Suresh Krishnan. |
|
2015-02-11
|
03 | Amy Vezza | IESG state changed to RFC Ed Queue from Approved-announcement sent |
|
2015-02-10
|
03 | (System) | RFC Editor state changed to EDIT |
|
2015-02-10
|
03 | (System) | Announcement was received by RFC Editor |
|
2015-02-10
|
03 | (System) | IANA Action state changed to RFC-Ed-Ack from In Progress |
|
2015-02-09
|
03 | (System) | IANA Action state changed to In Progress |
|
2015-02-09
|
03 | Amy Vezza | IESG state changed to Approved-announcement sent from Approved-announcement to be sent |
|
2015-02-09
|
03 | Amy Vezza | IESG has approved the document |
|
2015-02-09
|
03 | Amy Vezza | Closed "Approve" ballot |
|
2015-02-09
|
03 | Amy Vezza | Ballot approval text was generated |
|
2015-02-05
|
03 | Gunter Van de Velde | Request for Last Call review by OPSDIR Completed: Ready. Reviewer: Sarah Banks. |
|
2015-02-05
|
03 | Tero Kivinen | Request for Last Call review by SECDIR Completed: Ready. Reviewer: Sandra Murphy. |
|
2015-02-05
|
03 | Cindy Morgan | IESG state changed to Approved-announcement to be sent from Waiting for AD Go-Ahead |
|
2015-02-05
|
03 | Joel Jaeggli | [Ballot Position Update] New position, No Objection, has been recorded for Joel Jaeggli |
|
2015-02-05
|
03 | Alia Atlas | [Ballot Position Update] New position, No Objection, has been recorded for Alia Atlas |
|
2015-02-05
|
03 | Jari Arkko | [Ballot Position Update] New position, No Objection, has been recorded for Jari Arkko |
|
2015-02-05
|
03 | Julian Reschke | IANA Review state changed to Version Changed - Review Needed from IANA OK - Actions Needed |
|
2015-02-05
|
03 | Julian Reschke | New version available: draft-ietf-httpbis-rfc7238bis-03.txt |
|
2015-02-04
|
02 | Spencer Dawkins | [Ballot comment] Thanks for working through Ted's comments. I shared them. |
|
2015-02-04
|
02 | Spencer Dawkins | [Ballot Position Update] New position, No Objection, has been recorded for Spencer Dawkins |
|
2015-02-04
|
02 | Richard Barnes | [Ballot comment] "This specification contains no technical changes from the experimental RFC 7238, which it obsoletes." Then why are we wasting time with a … [Ballot comment] "This specification contains no technical changes from the experimental RFC 7238, which it obsoletes." Then why are we wasting time with a new document? |
|
2015-02-04
|
02 | Richard Barnes | [Ballot Position Update] New position, Abstain, has been recorded for Richard Barnes |
|
2015-02-04
|
02 | Kathleen Moriarty | [Ballot comment] Thanks for addressing my prior discuss with some text in the security considerations section to explain the following is possible without TLS: Couldn't … [Ballot comment] Thanks for addressing my prior discuss with some text in the security considerations section to explain the following is possible without TLS: Couldn't an attacker substitute the URI that the user gets permanently redirected to a malicious site or a competitor, etc.? The security considerations of RFC7231 are pretty thorough, but I didn't see mention of using TLS to prevent session interception for this type of attack or for the privacy protection section. |
|
2015-02-04
|
02 | Kathleen Moriarty | [Ballot Position Update] Position for Kathleen Moriarty has been changed to No Objection from Discuss |
|
2015-02-04
|
02 | Benoît Claise | [Ballot Position Update] New position, No Objection, has been recorded for Benoit Claise |
|
2015-02-03
|
02 | Pete Resnick | [Ballot Position Update] New position, No Objection, has been recorded for Pete Resnick |
|
2015-02-03
|
02 | Kathleen Moriarty | [Ballot discuss] I have a question on the security considerations, since the session isn't necessarily encrypted. Couldn't an attacker substitute the URI that the user … [Ballot discuss] I have a question on the security considerations, since the session isn't necessarily encrypted. Couldn't an attacker substitute the URI that the user gets permanently redirected to a malicious site or a competitor, etc.? The security considerations of RFC7231 are pretty thorough, but I didn't see mention of using TLS to prevent session interception for this type of attack or for the privacy protection section. If I missed something, please let me know where to look. Thank you. |
|
2015-02-03
|
02 | Kathleen Moriarty | [Ballot Position Update] New position, Discuss, has been recorded for Kathleen Moriarty |
|
2015-02-03
|
02 | Alissa Cooper | [Ballot Position Update] New position, No Objection, has been recorded for Alissa Cooper |
|
2015-02-03
|
02 | Martin Stiemerling | [Ballot Position Update] New position, No Objection, has been recorded for Martin Stiemerling |
|
2015-02-03
|
02 | Stephen Farrell | [Ballot Position Update] New position, No Objection, has been recorded for Stephen Farrell |
|
2015-02-03
|
02 | Ted Lemon | [Ballot comment] I found the text below a bit confusing: Note: This status code is similar to 301 (Moved Permanently) … [Ballot comment] I found the text below a bit confusing: Note: This status code is similar to 301 (Moved Permanently) ([RFC7231], Section 6.4.2), except that it does not allow changing the request method from POST to GET. The issue is that if you permanently cache this redirect, then there is no request, and hence no request method to change. I think that what you mean is that if the request that produced the 308 result was a POST, then the redirect is only valid for future POSTs, and if it was a GET, it's only valid for future GETs. I'm fairly confident this is what you intended to say, and the text as is could be read that way, but it might be better expressed this way: Note: This status code is similar to 301 (Moved Permanently) ([RFC7231], Section 6.4.2), except that it applies only to future requests with the same method. For example, if the 308 status code is received in response to a request with a method of GET, then the redirect only applies to future requests that also have a method of GET. This also possibly addresses my other probably naive question, which is whether this applies to request methods other than GET and POST. |
|
2015-02-03
|
02 | Ted Lemon | Ballot comment text updated for Ted Lemon |
|
2015-02-03
|
02 | Ted Lemon | [Ballot comment] I found the text below a bit confusing: Note: This status code is similar to 301 (Moved Permanently) … [Ballot comment] I found the text below a bit confusing: Note: This status code is similar to 301 (Moved Permanently) ([RFC7231], Section 6.4.2), except that it does not allow changing the request method from POST to GET. The issue is that if you permanently cache this redirect, then there is no request, and hence no request method to change. I think that what you mean is that if the request that produced the 308 result was a POST, then the redirect is only valid for future POSTs, and if it was a GET, it's only valid for future GETs. I'm fairly confident this is what you intended to say, and the text as is could be read that way, but it might be better expressed this way: Note: This status code is similar to 301 (Moved Permanently) ([RFC7231], Section 6.4.2), except that it applies only to future requests with the same method. For example, if the 308 status code is received in response to a request with a method of GET, then the redirect only applies to future requests that also have a method of GET. This also possibly addresses my other probably naive question, which is whether this applies to request methods other than GET and POST. |
|
2015-02-03
|
02 | Ted Lemon | [Ballot Position Update] New position, No Objection, has been recorded for Ted Lemon |
|
2015-02-02
|
02 | Brian Haberman | [Ballot Position Update] New position, No Objection, has been recorded for Brian Haberman |
|
2015-01-29
|
02 | Adrian Farrel | [Ballot Position Update] New position, Yes, has been recorded for Adrian Farrel |
|
2015-01-28
|
02 | (System) | IESG state changed to Waiting for AD Go-Ahead from In Last Call |
|
2015-01-26
|
02 | (System) | IANA Review state changed to IANA OK - Actions Needed from IANA - Review Needed |
|
2015-01-26
|
02 | Pearl Liang | IESG/Authors/WG Chairs: IANA has reviewed draft-ietf-httpbis-rfc7238bis-02. Authors should review the comments and/or questions below. Please report any inaccuracies and respond to any questions as soon … IESG/Authors/WG Chairs: IANA has reviewed draft-ietf-httpbis-rfc7238bis-02. Authors should review the comments and/or questions below. Please report any inaccuracies and respond to any questions as soon as possible. We received the following comments/questions from the IANA's reviewer: IANA understands that, upon approval of this document, there is a single action which IANA must complete. In the HTTP Status Codes registry located at: http://www.iana.org/assignments/http-status-codes/ IANA will update the reference for the existing registration 308 as follows: OLD: 308 Permanent Redirect [RFC7238] NEW: 308 Permanent Redirect [ RFC-to-be ] IANA understands that this is the only action that needs to be completed upon approval of this document. Note: The actions requested in this document will not be completed until the document has been approved for publication as an RFC. This message is only to confirm what actions will be performed. Please note that IANA cannot reserve specific values. However, early allocation is available for some types of registrations. For more information, please see RFC 7120. |
|
2015-01-26
|
02 | Barry Leiba | Changed consensus to Yes from Unknown |
|
2015-01-26
|
02 | Barry Leiba | Ballot has been issued |
|
2015-01-26
|
02 | Barry Leiba | [Ballot Position Update] New position, Yes, has been recorded for Barry Leiba |
|
2015-01-26
|
02 | Barry Leiba | Created "Approve" ballot |
|
2015-01-20
|
02 | Gunter Van de Velde | Request for Last Call review by OPSDIR is assigned to Sarah Banks |
|
2015-01-20
|
02 | Gunter Van de Velde | Request for Last Call review by OPSDIR is assigned to Sarah Banks |
|
2015-01-15
|
02 | Jean Mahoney | Request for Last Call review by GENART is assigned to Suresh Krishnan |
|
2015-01-15
|
02 | Jean Mahoney | Request for Last Call review by GENART is assigned to Suresh Krishnan |
|
2015-01-15
|
02 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to Sandra Murphy |
|
2015-01-15
|
02 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to Sandra Murphy |
|
2015-01-14
|
02 | Amy Vezza | IANA Review state changed to IANA - Review Needed |
|
2015-01-14
|
02 | Amy Vezza | The following Last Call announcement was sent out: From: The IESG To: IETF-Announce CC: Reply-To: ietf@ietf.org Sender: Subject: Last Call: (The Hypertext Transfer Protocol Status … The following Last Call announcement was sent out: From: The IESG To: IETF-Announce CC: Reply-To: ietf@ietf.org Sender: Subject: Last Call: (The Hypertext Transfer Protocol Status Code 308 (Permanent Redirect)) to Proposed Standard The IESG has received a request from the Hypertext Transfer Protocol WG (httpbis) to consider the following document: - 'The Hypertext Transfer Protocol Status Code 308 (Permanent Redirect)' as Proposed Standard This changes the status of RFC 7238 to Proposed Standard, from Experimental. We initially handled this with a status-change document, but needed to abandon that when a minor change came up in Section 4. The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2015-01-28. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract This document specifies the additional Hypertext Transfer Protocol (HTTP) status code 308 (Permanent Redirect). The file can be obtained via http://datatracker.ietf.org/doc/draft-ietf-httpbis-rfc7238bis/ When IESG discussion begins, it can be tracked via http://datatracker.ietf.org/doc/draft-ietf-httpbis-rfc7238bis/ballot/ No IPR declarations have been submitted directly on this I-D. |
|
2015-01-14
|
02 | Amy Vezza | IESG state changed to In Last Call from Last Call Requested |
|
2015-01-14
|
02 | Barry Leiba | Notification list changed to httpbis-chairs@tools.ietf.org, draft-ietf-httpbis-rfc7238bis@tools.ietf.org, ietf-http-wg@w3.org from httpbis-chairs@tools.ietf.org, draft-ietf-httpbis-rfc7238bis@tools.ietf.org |
|
2015-01-14
|
02 | Barry Leiba | Placed on agenda for telechat - 2015-02-05 |
|
2015-01-14
|
02 | Barry Leiba | Last call was requested |
|
2015-01-14
|
02 | Barry Leiba | Ballot approval text was generated |
|
2015-01-14
|
02 | Barry Leiba | IESG state changed to Last Call Requested from AD Evaluation::External Party |
|
2015-01-14
|
02 | Barry Leiba | Last call announcement was changed |
|
2015-01-14
|
02 | Barry Leiba | Last call announcement was generated |
|
2015-01-14
|
02 | Barry Leiba | Ballot writeup was changed |
|
2015-01-14
|
02 | Barry Leiba | 1. Summary Mark Nottingham is document shepherd and Working Group Chair. Barry Leiba is the responsible Area Director. This document specifies the additional Hypertext Transfer … 1. Summary Mark Nottingham is document shepherd and Working Group Chair. Barry Leiba is the responsible Area Director. This document specifies the additional Hypertext Transfer Protocol (HTTP) status code 308 (Permanent Redirect). It is a republication of RFC7238 with no technical changes, to update the status from Experimental to Proposed Standard, since there has been good deployment experience with the status code. 2. Review and Consensus At IETF 90, Julian Reschke made a presentation about the state of the current HTTP RFCs, including 7238: http://httpwg.github.io/wg-materials/ietf90/ietf-90-httpbis-progressing.pdf There, he demonstrated that support for the 308 status code was good in deployed implementations: http://greenbytes.de/tech/tc/httpredirects/#l-308 ... and suggested that this being the case, we update the status of the document from Experimental to Proposed Standard. Broad support for doing so was expressed at the meeting, and confirmed on-list. 3. Intellectual Property Julian confirms that he has no direct, personal knowledge of IPR related to this document. No other disclosures regarding this document have been made. 4. Other Points This document has no downward references, and the IANA Considerations seem appropriate. Since this is a direct copy of RC7238, additional review did not seem necessary. We initially tried to handle this with a status-change document, but that had to be abandoned when we decided on a minor change in Section 4. |
|
2015-01-14
|
02 | Barry Leiba | Ballot writeup was generated |
|
2015-01-14
|
02 | Julian Reschke | New version available: draft-ietf-httpbis-rfc7238bis-02.txt |
|
2014-10-07
|
01 | Barry Leiba | IESG state changed to AD Evaluation::External Party from AD Evaluation |
|
2014-10-07
|
01 | Barry Leiba | IESG state changed to AD Evaluation from Publication Requested |
|
2014-10-06
|
01 | Mark Nottingham | 1. Summary Mark Nottingham is document shepherd and Working Group Chair. Barry Leiba is the responsible Area Director. This document specifies the additional Hypertext Transfer … 1. Summary Mark Nottingham is document shepherd and Working Group Chair. Barry Leiba is the responsible Area Director. This document specifies the additional Hypertext Transfer Protocol (HTTP) status code 308 (Permanent Redirect). It is a republication of RFC7238 with no technical changes, to update the status from Experimental to Proposed Standard, since there has been good deployment experience with the status code. 2. Review and Consensus At IETF 90, Julian Reschke made a presentation about the state of the current HTTP RFCs, including 7238: http://httpwg.github.io/wg-materials/ietf90/ietf-90-httpbis-progressing.pdf There, he demonstrated that support for the 308 status code was good in deployed implementations: http://greenbytes.de/tech/tc/httpredirects/#l-308 ... and suggested that this being the case, we update the status of the document from Experimental to Proposed Standard. Broad support for doing so was expressed at the meeting, and confirmed on-list. 3. Intellectual Property Julian confirms that he has no direct, personal knowledge of IPR related to this document. No other disclosures regarding this document have been made. 4. Other Points This document has no downward references, and the IANA Considerations seem appropriate. Since this is a direct copy of RC7238, additional review did not seem necessary. It might be useful to mention the document's relationship to RFC7238 in the abstract. |
|
2014-10-06
|
01 | Mark Nottingham | State Change Notice email list changed to httpbis-chairs@tools.ietf.org, draft-ietf-httpbis-rfc7238bis@tools.ietf.org |
|
2014-10-06
|
01 | Mark Nottingham | Responsible AD changed to Barry Leiba |
|
2014-10-06
|
01 | Mark Nottingham | IETF WG state changed to Submitted to IESG for Publication from WG Document |
|
2014-10-06
|
01 | Mark Nottingham | IESG state changed to Publication Requested |
|
2014-10-06
|
01 | Mark Nottingham | IESG process started in state Publication Requested |
|
2014-10-06
|
01 | Mark Nottingham | Intended Status changed to Proposed Standard from None |
|
2014-10-06
|
01 | Mark Nottingham | Changed document writeup |
|
2014-10-06
|
01 | Mark Nottingham | Changed document writeup |
|
2014-10-06
|
01 | Mark Nottingham | Document shepherd changed to Mark Nottingham |
|
2014-09-15
|
01 | Julian Reschke | New version available: draft-ietf-httpbis-rfc7238bis-01.txt |
|
2014-08-20
|
00 | Julian Reschke | New version available: draft-ietf-httpbis-rfc7238bis-00.txt |