W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2012

Re: SPDY = HTTP/2.0 or not ?

From: Poul-Henning Kamp <phk@phk.freebsd.dk>
Date: Mon, 26 Mar 2012 05:56:53 +0000
To: Brian Pane <brianp@brianp.net>
cc: HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <1945.1332741413@critter.freebsd.dk>
In message <CAAbTgTu7qbPiREWRRqFddgoko0FCt0jmxR=NP1gqsiARCwscew@mail.gmail.com>
, Brian Pane writes:

>Nonetheless, I think it would be reasonable for HTTP/2.0 to require SSL.

I think you need to talk to some people with big websites ;-)

There are a large swath of the HTTP traffic that doesn't need and cannot
afford the overhead of crypto and if you mandate that HTTP/2.0 use
crypto, they will simply stay on HTTP/1.1 forever.

If we act sensibly and make room for multiple transports, it is a non
issue, because then you can have one transport with and one without
crypto.

Which is amazingly just like the situation today:  The servers which care
about ident/auth/integ/priv/... run HTTPS, everybody else runs HTTP.

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.
Received on Monday, 26 March 2012 05:57:19 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:57 GMT