RFC Errata

Errata Search

Source of RFC  
Summary Table Full Records

RFC 7469, "Public Key Pinning Extension for HTTP", April 2015

Source of RFC: websec (app)

Errata ID: 5377
Status: Reported
Type: Technical
Publication Format(s) : TEXT

Reported By: Julian Reschke
Date Reported: 2018-06-02

Section 2.3.4 says:

2.3.4.  HTTP-Equiv <Meta> Element Attribute

   UAs MUST NOT heed http-equiv="Public-Key-Pins" or
   http-equiv="Public-Key-Pins-Report-Only" attribute settings on <meta>
   elements [W3C.REC-html401-19991224] in received content.

It should say:

(remove the section)


The spec attempts to make a normative requirement on HTML consumers. It can't do that; that's the role of the HTML spec.

In addition to that, this is already covered by what recent HTML specs say about http-equiv extensibility.

Report New Errata