W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2012

Re: Reminder: Call for Proposals - HTTP/2.0 and HTTP Authentication

From: Nicolas Mailhot <nicolas.mailhot@laposte.net>
Date: Fri, 27 Apr 2012 09:16:00 +0000 (UTC)
To: ietf-http-wg@w3.org
Message-ID: <loom.20120427T104110-359@post.gmane.org>
Hi,

Would it be possible to publish a list of specific questions and have each
proposal submitter answer how its proposal answers each of them? Just to make
sure no use-case falls through the cracks? Sure one can read each proposal and
guess the answers, but I think proposal submitters are the best to answer how
their proposal could be used. And this way one won't have to fish list archives
for answers to common questions.

I'd especially like an answer to the following:

1. Can the proposal permit secure http/2.0 communication without letting malware
punch random protocols through firewalls using the http/2.0 secure port?

2. How can intermediary network nodes request (re-)authentication on secure
networks when client credentials expire?

3. How can they communicate authentication location to the client (or is it
implied and how)? Does this mechanism work for dumb (not-browser) web clients?

4. How could other intermediary messaging be handled?

5. Is the proposed protocol feature-complete or does it require an http/1.1
downgrade to handle some existing http use-cases (esp. proxy ones)?

6. Is the http/2.0 namespace a superset of the http/1.1 namespace? Are error
codes specific to the protocol version used or should it be assumed they'd apply
the same if the protocol was up/down graded?

7. How will the proposal make writing tools that process HTTP headers and logs
simpler? Does it reduce HTTP reliance on conventions not commonly used in
mainstream application writing?

8. Does it add specific logging constrains that didn't exist in http/1.1?

9. How will the proposal improve network efficiency?


Best regards,

-- 
Nicolas Mailhot
Received on Friday, 27 April 2012 09:16:35 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 09:16:41 GMT