Thursday, 5 December 2019
It’s become common for Web sites – particularly those that host third-party or user-generated content – to make a “safe” mode available, where content that might be objectionable is hidden. For example, a parent who wants to steer their child away from the rougher corners of the Internet might go to their search engine and put it in “safe” mode.
Tuesday, 31 July 2018
For better or worse, Requests for Comments (RFCs) are how we specify many protocols on the Internet. These documents are alternatively treated as holy texts by developers who parse them for hidden meanings, then shunned as irrelevant because they can’t be understood. This often leads to frustration and – more significantly – interoperability and security issues.
Thursday, 11 May 2017
There’s more than a little confusion and angst out there about HTTP status codes. I’ve received
more than a few e-mails (and IMs, and DMs) over the years from stressed-out developers (once at
2am, their time!) asking something like this:
Wednesday, 9 March 2016
The IESG has approved “HTTP Alternative Services” for publication as a Proposed Standard.
Friday, 18 December 2015
Today, the IESG approved publication of “An HTTP Status Code to Report Legal Obstacles”. It’ll be an RFC after some work by the RFC Editor and a few more process bits, but effectively you can start using it now.
Wednesday, 25 March 2015
Yesterday at IETF92 in Dallas, we had a “Bar BoF” (i.e., informal meeting) about improving the behaviour and handling of Captive Portals — those login pages that you have to click through to get onto networks in hotels, airports, and many other places.
Wednesday, 18 February 2015
The IESG has formally approved the HTTP/2 and HPACK specifications, and they’re on their way to the RFC Editor, where they’ll soon be assigned RFC numbers, go through some editorial processes, and be published.
Saturday, 27 December 2014
A few months ago I went to the Internet Governance Forum, looking to understand more about the IGF and its attendees. One of the things I learned there was a different definition of “intermediary” — one that I think the standards community should pay close attention to.
Saturday, 7 June 2014
Don’t use RFC2616. Delete it from your hard drives, bookmarks, and burn (or responsibly recycle) any copies that are printed out.
Monday, 17 March 2014
The IETF now considers “pervasive monitoring” to be an attack. As Snowden points out, one of the more effective ways to combat it is to use encryption everywhere you can, and “opportunistic encryption” keeps on coming up as one way to help that.
Thursday, 30 January 2014
HTTP/2 is getting close to being real, with lots of discussions and more implementations popping up every week. What does a new version of the Web’s protocol mean for you? Here are some early answers:
Saturday, 4 January 2014
Recently, one of the hottest topics in the Internet protocol community has been whether the newest version of the Web’s protocol, HTTP/2, will require, encourage or indeed say anything about the use of encryption in response to the pervasive monitoring attacks revealed to the world by Edward Snowden.
Wednesday, 15 May 2013
A common part of HTTP-based APIs is telling the client that something has gone wrong. Most APIs do this in some fashion, whether they call it a “Fault” (very SOAP-y), “Error” or whatever.
Saturday, 4 August 2012
The HTTPBIS Working Group is in a transitional phase; we’re rapidly finishing our revision of the HTTP/1.1 specification and just getting steam up on our next target, HTTP/2.0.
Saturday, 31 March 2012
We had two great meetings of the HTTPbis Working Group in Paris this week — one to start wrapping up our work on HTTP/1.1, and another to launch some exciting new work on HTTP/2.0.
Wednesday, 24 August 2011
It used to be that when you registered a media type, a URI scheme, a HTTP header or another protocol element on the Internet, it was an opaque string that was a unique identifier, nothing more.
Tuesday, 1 March 2011
The IESG has received a request from the Hypertext Transfer Protocol Bis WG (httpbis) to consider the following document:
Friday, 1 October 2010
I’m going to try to start blogging more updates (kick me if I don’t!) about what’s happening in the world of HTTP.
Friday, 23 July 2010
Since SPDY has surfaced, one of the oft-repeated topics has been its use of TLS; namely that the SPDY guys have said that they’ll require all traffic to go over it. Mike Belshe dives into all of the details in a new blog entry, but his summary is simple: “users want it.”
Thursday, 6 May 2010
On a bit of a roll, RFC5861: HTTP Stale Controls has (finally) been published as an Informational RFC.
Wednesday, 7 April 2010
One of the nagging theoretical problems in the Web architecture has been finding so-called “site-wide metadata”; i.e., finding something out about a Web site before you access it. We wrestled with this in P3P way back when, and the TAG took it up after that.
Friday, 3 July 2009
The Stockholm IETF meeting is shaping up to be an interesting one (and not just because it’s in such a beautiful city).
Thursday, 25 June 2009
A (very) long time ago, I wrote the Cacheability Engine to help people figure out how a Web cache would treat their sites. It has a few bugs, but is generally useful for that purpose.
Tuesday, 14 April 2009
I had a lovely holiday weekend in Canberra with the family, without Web access. Perhaps I’ll blog about that soon — Canberra being in my opinion one of the nicest overlooked cities in the world — but that will have to wait. Going offline for a few days always brings a certain dread of what one’s inbox will hold when you get back, and this one was no exception.
Tuesday, 24 February 2009
Over the past few weeks the Free Software Foundation has had its knickers in a twist about TLS authentication — specifically, its patent encumbrance;
Wednesday, 18 February 2009
UPDATE: RFC6648 is now the official word on this topic.
Friday, 21 November 2008
There are lots of new “Web 2.0” specs emerging — many beginning with “o” — that are both exciting and concerning.
Thursday, 16 October 2008
Metadata discovery is a nagging problem that’s been hanging around the Web for a while. There have been a few stabs at this problem (including at least one by yours truly), but no real progress.
Friday, 4 July 2008
Here’s a gem on a little-used mailing list:
Thursday, 15 May 2008
Huh. The Atom Format RFC has been out for a while, and as one of the authors, I get the odd mail now and again asking a question or just saying “thanks.”
Wednesday, 2 April 2008
It’s become quite fashionable for large IT shops to give blanket Royalty-Free licenses for implementation of “core” technologies, such as XML, Web Services and Atom. I’ll refrain from linking to any of them, as the purpose of this post* is not to pick on any single one**.
Sunday, 17 February 2008
It’s 7am, I’m sitting in the Auckland Koru Club on my way home and reading the minor kerfuffle regarding PATCH with interest.
Friday, 4 January 2008
The stale-while-revalidate and stale-if-error extensions aren’t the only fiddling we’ve been doing with the HTTP caching model. Now that Squid 2.7 is starting to see daylight, I can explain about a much more ambitious project — Cache Channels.
Wednesday, 12 December 2007
We use caching extensively inside Yahoo! to improve scalability, latency and availability for back-end HTTP services, as I’ve discussed before.
Sunday, 9 December 2007
I haven’t talked about it here much, but I’ve spent a fair amount of time over the last year and a half working with people in the IETF to get RFC2616 — the HTTP specification — revised.
Saturday, 8 September 2007
Feed Paging and Archiving (nee Feed History) has finally made it to a standards-track RFC.
Wednesday, 10 May 2006
Anne-Thomas Manes extolls the virtues of WS-*;
Thursday, 20 April 2006
Back at the W3C Technical Plenary, I argued that Working Groups need to concentrate on making more Web-friendly specifications. Here’s an example of one such lapse causing security problems on today’s Web.
Friday, 7 April 2006
It’s become axiomatic in some circles — especially in WS-* land, as well as in many other uses of XML — that the preferred (or only) means of offering extensibility is through URI-based namespaces, along with a flag to tell consumers when an extension needs to be understood (a.k.a. mustUnderstand).
Wednesday, 15 March 2006
Microsoft and friends (of the keep your enemy closer variety, I suspect) have submitted WS-Transfer to the W3C. I found the Team comment interesting; e.g.,
Wednesday, 10 August 2005
For some time, I’ve noticed that people defining XML formats spend an inordinate amount of time talking about the structure of the format. This is especially apparent in standards working groups, where hours — no, days — can be spent agonizing over whether to make something an attribute or an element.
Friday, 22 July 2005
Don Box (whose blog doesn’t seem to be taking comments any more, so I’ll do it over here) points out some very cool technology he’s using, Microsoft’s Office Communicator. Sounds very slick, I’m jealous (with my old tech phone line and last year’s GSM mobile)!
Friday, 15 July 2005
It’s been covered before elsewhere, but just a friendly reminder: ‘feed’ URIs are bad for the Web, as are any that are used solely for dispatch (e.g., ‘itms’, ‘ pcast’).
Monday, 27 June 2005
I don’t talk much about it here, but I’m honoured to be the Chair of the W3C Web Services Addressing Working Group. This is something of an experiment for the W3C, so I gave an update on its progress as part of a panel discussion at the Advisory Committee meeting a few weeks ago. I’d like to share some of what I presented there.
Monday, 7 February 2005
Werner makes an excellent point;
Monday, 24 January 2005
Sunday, 23 January 2005
There are MEPs in SOAP and MEPs in WSDL; both describe patterns of messages, but at potentially different layers.
Wednesday, 19 January 2005
More than a year after my modest suggestion, Google takes a step to fix comment spam. Hopefully, other people who re-publish Web content (like mailing list archives) will start doing this as well.
Wednesday, 8 September 2004
Ever wonder where the heck a particular HTTP header is defined?
Thursday, 2 September 2004
…I have learned that to be right and useful, one must accept a continuing divergence between approved belief — what I have elsewhere called conventional wisdom — and the reality. And in the end, not surprisingly, it is the reality that counts.
Saturday, 23 August 2003
I’ve had a fairly large and annoying bee in my bonnet for the past few months, regarding media type registration. It started buzzing when I tried (and failed) to register a media type for RSS, and has continued to grow as I attempt to do the same for SOAP, on behalf of the XML Protocol Working Group.
Sunday, 22 June 2003
Looks like a good to-read list:
John Beatty: Economics of Standards
Wednesday, 28 May 2003
I agree with just about everything that Jim Waldo says here (at least for protocol standards). Well said!
Sunday, 10 November 2002
Finally, the IESG puts its money where its mouth is; this tool allows you to see the status and individual AD’s comments about a particular I-D. It’s only a start, but at least you have some idea of what’s going on, instead of being left out in the cold.