On 10/19/09 3:46 PM, "Dave Cridland" <dave at cridland.net> wrote: > 1) You probably don't want to require features. Instead, you only > want to drop the ones the clients not allowed to use right now. We at least need to require TLS, because in some installations you want it required (high security), and in others it needs to be optional (e.g. mobile clients on a trusted network). In the past we've used "required" for this, and there's no good reason to switch it to "optional". > 2) Optional might not be needed either. If it is, it's only for the > session feature, and that only if it's actually required to be > listed, and that could be solved by a new feature, pipelining, or a > specific child for session's feature. My understanding was that we had some consensus to drop session start. In order to deal with backward-compatibility, we need to signal to new clients that the feature is optional. TLS and session don't need to use the same syntax for expressing these optional or required, but some have expressed that desire. That's how we've gotten to this point. We could also (obviously) decide that this is out of scope. > So really, I think we're chasing ghosts, here. If there's > optimizations to be made, let's please figure them out and make them. > But making things too generic is simply over-engineering something > that actually works just fine right now. Hence the "several bad ideas" I referred to in my previous mail. I don't think anyone has proposed an acceptable solution to modifying stream features on the fly, so in the absence of an extraordinarily compelling use case, I agree that keeping it simple makes sense. -- Joe Hildebrand
Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.