RFC 6546, "Transport of Real-time Inter-network Defense (RID) Messages over HTTP/TLS", April 2012Source of RFC: mile (sec)
See Also: RFC 6546 w/ inline errata
Errata ID: 3455
Publication Format(s) : TEXT
Reported By: John Field
Date Reported: 2013-01-14
Verifier Name: Sean Turner
Date Verified: 2013-03-16
Section 3 says:
If a RID system receives an improper RID message in an HTTP Request, it MUST return an appropriate 4xx Client Error result code to the requesting RID system.
It should say:
If a RID system receives an improper HTTP Request, it MUST return an appropriate 4xx Client Error result code to the requesting RID system.
There has been some discussion of this issue on the MILE mailing list. Another possible option for the corrected text is to say nothing at all. That is, by changing the specification to focus on an improper HTTP request, rather than an improper RID message, the corrected text is simply a restatement of existing HTTP behavior. (Either way, this still does constitute a technical change since we would no longer be requiring the 400 status code when the error is with the *RID* content). On this technical point, we had consensus on the MILE mailing list: we SHOULD NOT require an HTTP 4xx status code when there is an error with the RID content itself (as opposed to the HTTP layer). HTTP 4xx status is reserved for errors occurring in the HTTP protocol layer. Errors in the RID content will be reported via the RID Acknowledgement message type, with appropriate choices for the RequestStatus element, and Justification attribute.