Skip to main content

Last Call Review of draft-ietf-httpbis-bcp56bis-12

Request Review of draft-ietf-httpbis-bcp56bis
Requested revision No specific revision (document currently at 15)
Type Last Call Review
Team Transport Area Review Team (tsvart)
Deadline 2021-07-23
Requested 2021-07-09
Authors Mark Nottingham
I-D last updated 2021-07-13
Completed reviews Tsvart Last Call review of -12 by David L. Black (diff)
Genart Last Call review of -13 by David Schinazi (diff)
Secdir Last Call review of -12 by Joseph A. Salowey (diff)
Secdir Telechat review of -14 by Joseph A. Salowey (diff)
Assignment Reviewer David L. Black
State Completed
Request Last Call review on draft-ietf-httpbis-bcp56bis by Transport Area Review Team Assigned
Posted at
Reviewed revision 12 (document currently at 15)
Result Ready w/issues
Completed 2021-07-13
This document has been reviewed as part of the transport area review team's
ongoing effort to review key IETF documents. These comments were written
primarily for the transport area directors, but are copied to the document's
authors and WG to allow them to address any issues raised and also to the IETF
discussion list for information.

When done at the time of IETF Last Call, the authors should consider this
review as part of the last-call comments they receive. Please always CC if you reply to or forward this review.

This draft provides guidance on application use of HTTP - it is a complete
replacement of RFC 3205, reflecting considerable changes to HTTP and the
associated ecosystem over the nearly 2 decades since publication of RFC 3205.
The draft is clear and well-written - the one Issue that I found is a relatively
minor one concerning a reference.

Most of the material in this draft is about application-level use of HTTP.
The one core transport topic, transport ports, is covered in Section 4.4.3,
which is a fine example of how to deal with transport ports.  That section
contains a mercifully short discussion that includes the specific ports used
by HTTP (tcp/80 and tcp/443) complemented by a reference to RFC 7605 for
further guidance.  I tip my virtual hat in the author's direction for arranging
for that section to be numbered 4.4.3 ;-).

I did notice one non-Transport ISSUE of potential concern - Section 4.3 on
Specifying Client Behavior leads off with these two paragraphs:

   An application's expectations for client behaviour ought to be
   closely aligned with those of Web browsers, to avoid interoperability
   issues when they are used.

   One way to do this is to define it in terms of [FETCH], since that is
   the abstraction that browsers use for HTTP.

Based on this text, I was surprised to see that not only is [FETCH] an
informative reference, but that it is also a reference to a non-archival source
(WHATWG, "Fetch - Living Standard").   Given the prominent use of that
citation, I'd think that the reference ought to be a normative reference to an
archival document, perhaps complemented with advice on where to find
updated versions of that document.