From 4898a8419d333f6b3ce92c7c61471bd2feaa2b5c Mon Sep 17 00:00:00 2001 From: Gaspard Wierzbinski Date: Tue, 9 Apr 2024 04:03:30 -1000 Subject: [PATCH] Update HTTP wording --- docs/spec.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/spec.md b/docs/spec.md index f8e172a..cd8eca2 100644 --- a/docs/spec.md +++ b/docs/spec.md @@ -51,7 +51,7 @@ All JSON objects disseminated during federation **MUST** be handled as follows: ## Requests and Responses -All HTTP requests **MUST** be transmitted over HTTPS. Servers **MUST NOT** accept HTTP requests, unless for development purposes (e.g., if a server is operating on localhost or another local network). +All Hypertext Transfer Protocol requests MUST be transmitted using the Hypertext Transfer Protocol Secure Extension. Servers MUST NOT accept requests without TLS (HTTPS), except for development purposes (e.g., if a server is operating on localhost or another local network). Servers should support HTTP/2 and HTTP/3 for enhanced performance and security. Servers **MUST** support HTTP/1.1 at a minimum. @@ -72,4 +72,4 @@ All responses **MUST** include at least the following headers: - `Signature` if the response body is signed (which is typically the case) - `Cache-Control: no-store` on entities that can be edited directly without using a [Patch](objects/patch), such as [Actors](objects/actors) - A cache header with a `max-age` of at least 5 minutes for entities that are not expected to change frequently, such as [Notes](objects/publications) -- A cache header with a large `max-age` for media files when served by a CDN or other caching service under the server's control \ No newline at end of file +- A cache header with a large `max-age` for media files when served by a CDN or other caching service under the server's control