From: Peter Kirk (peterkirk@qaya.org)
Date: Fri Sep 26 2003 - 08:04:22 EDT
On 26/09/2003 11:34, jon@spin.ie wrote:
>>Is server software actually obliged to perform such conversions on
>>request?
>>
>>
>
>No, there is no obligation.
>
> Surely, rather, browsers should be expected to support a
>
>
>>certain minimum set of encodings,
>>
>>
>
>Ah but how minimum is acceptable?
>
>Of course, and I've said this already in this thread, we can now just make sure that every server and ever client supports UTF-8 and UTF-16. However it will be some time before servers can assume all browsers can accept these, and before all browsers can assume that all servers can send them. ...
>
Since there is plenty of good and free browser software available which
does support UTF-8, perhaps servers should start assuming that browsers
can support it, and that will gently encourage software vendors and
users to upgrade. Well, actually it won't affect most US users as they
mostly only use ASCII. For us in the UK and Ireland, we will just get
mojibake pounds and euros.
Anyway, isn't this the way W3C standards are going? I thought they were
moving to XML compatibility which implies UTF-8 support. Browsers which
can't support the latest W3C standards will surely become obsolete very
quickly.
>... The rule of http headers over-riding embedded self-desciption is going to be necessary until this has come to pass.
>Even after then it's going to be necessary as there is only one http header which states encoding, but there is an unlimited number of mechanisms for self-description in an unlimited number of potential document types.
>
>
This follows only if you accept the principle that the carrier has the
duty to ensure that the recipient can understand what they receive. I
don't accept that the carrier has the duty or even the right to do that.
In fact I would suggest that it is an infringement of my civil liberties
to do so just as much as it would be for the snail mail service to
censor or even reformat my mail.
Perhaps they have the right to check for security holes, yes, but that
is a separate issue. A carrier has the right to check for security
issues which might compromise their service, yes, and perhaps the right
to check for certain kinds of illegal activity which might include
deliberately spreading viruses - but only if such things are clearly set
out in the carrier's conditions of service or by law. But the carrier
does not have the right to mess around with the content because it
thinks that there might be some possibility of compromising the security
of ill-configured software at the recipient. The recipient is
responsible for their own security, and should not rely on carriers for
this except as part of a specific value-added agreement.
Summary: Servers, keep your hands off my e-mail and web pages! What I
have written I have written, and if it's garbage that's my problem, not
yours. If it really is a virus etc, I'll let you make that an exception,
but you must have real evidence, not just an assumption that anything
with a particular encoding is dangerous.
Well, that's my opinion, anyway.
-- Peter Kirk peter@qaya.org (personal) peterkirk@qaya.org (work) http://www.qaya.org/
This archive was generated by hypermail 2.1.5 : Fri Sep 26 2003 - 08:45:25 EDT