Rewrite the "removing features" section, incorporating "Support Existing Content" from the HTTP Design Principles #588
Conversation
index.bs
Outdated
| This might require research, | ||
| for example by adding metrics to a popular user agent | ||
| and/or by [searching the HTTP Archive](https://har.fyi/guides/getting-started/). | ||
| Breaking content is harmful, |
There was a problem hiding this comment.
It would be good to
- Make this a positive statement.
- Reference other things we've said about this general thing.
index.bs
Outdated
| * Only a tiny amount of existing content depend on the feature or behavior. | ||
| * Only a tiny number of people see that content. | ||
| * The content only appears in test cases or examples. | ||
| * The content is currently broken in most recent popular user agents. |
There was a problem hiding this comment.
Does it matter if the user agent is popular if the change already affects most user agents?
Edit: I misread, but I think it's worth being specific about what "popular" means here
There was a problem hiding this comment.
I added more detail about why it matters that the other UAs are popular: it makes it more likely that they would have received bug reports if anyone's relying on the content, and it means that if we're increasing interoperability, we're not breaking the dramatically larger number of users.
| of a much larger amount of hidden breakage. | ||
| * The benefit of breaking content is very large. | ||
| For example, removing old SSL and TLS versions breaks lots of content | ||
| but prevents even more security breaches. |
There was a problem hiding this comment.
Is 'even more' really needed here?
| but prevents even more security breaches. | |
| but prevents security breaches. |
Or perhaps
| but prevents even more security breaches. | |
| but prevents emerging security breaches. |
(or something similar)?
There was a problem hiding this comment.
@matatk , "even more" could be dropped but it seems to match with "lots of" (or "significant"). Not sure if "far more" sounds better but here it is:
| but prevents even more security breaches. | |
| but prevents far more security breaches. |
There was a problem hiding this comment.
I think it's important that we compare the amount of breakage with the amount of benefit. "emerging" doesn't really do that. "far more", on the other hand, might set the bar too high. I'm not actually sure that we need more instances of benefit than instances of harm, if the severities of the instances compare well, but this is just inside the SSL example, where I think it does prevent quantitatively more potential attacks. @martinthomson would know the details there. We could also pick a different example; this one was just on my mind since Martin had mentioned it recently.
The following would be fine with me, if other people prefer it:
| but prevents even more security breaches. | |
| but prevents more security breaches. |
| Getting a single complaint is often a sign | ||
| of a much larger amount of hidden breakage. | ||
| * The benefit of breaking content is very large. | ||
| For example, removing old SSL and TLS versions breaks lots of content |
There was a problem hiding this comment.
| For example, removing old SSL and TLS versions breaks lots of content | |
| For example, removing old SSL and TLS versions breaks significant content |
There was a problem hiding this comment.
"Significant" invites a value judgement of how important the content is, while I was just trying to talk about the amount. We could use "many pages", I guess? But it's also an intentional choice to be somewhat informal here: we're trying to communicate, not impress people.
…ing Content" from the HTTP Design Principles
Co-authored-by: Martin Thomson <[email protected]>
Co-authored-by: Martin Thomson <[email protected]>
Co-authored-by: Martin Thomson <[email protected]>
Co-authored-by: Sarven Capadisli <[email protected]>
jyasskin
force-pushed
the
back-compat
branch
from
cd407d1 to
5b2ffa8
Compare
Co-authored-by: Sarven Capadisli <[email protected]>
Co-authored-by: Sarven Capadisli <[email protected]>
| of a much larger amount of hidden breakage. | ||
| * The benefit of breaking content is very large. | ||
| For example, removing old SSL and TLS versions breaks lots of content | ||
| but prevents even more security breaches. |
There was a problem hiding this comment.
I think it's important that we compare the amount of breakage with the amount of benefit. "emerging" doesn't really do that. "far more", on the other hand, might set the bar too high. I'm not actually sure that we need more instances of benefit than instances of harm, if the severities of the instances compare well, but this is just inside the SSL example, where I think it does prevent quantitatively more potential attacks. @martinthomson would know the details there. We could also pick a different example; this one was just on my mind since Martin had mentioned it recently.
The following would be fine with me, if other people prefer it:
| but prevents even more security breaches. | |
| but prevents more security breaches. |
| Getting a single complaint is often a sign | ||
| of a much larger amount of hidden breakage. | ||
| * The benefit of breaking content is very large. | ||
| For example, removing old SSL and TLS versions breaks lots of content |
There was a problem hiding this comment.
"Significant" invites a value judgement of how important the content is, while I was just trying to talk about the amount. We could use "many pages", I guess? But it's also an intentional choice to be somewhat informal here: we're trying to communicate, not impress people.
| Gaining a good understanding might require research, | ||
| for example by adding metrics to a widely-used user agent | ||
| or by [searching the HTTP Archive](https://har.fyi/guides/getting-started/). | ||
| Breaking content harms users, |
There was a problem hiding this comment.
Re @martinthomson's comment, I think we might have a higher-level principle that "The web is stable", which can cover both keeping backward compatibility and ensuring some forward compatibility. I'm inclined to try to merge this change, and then add that one, but I could reverse it if folks prefer.
Fixes #174.
Preview | Diff