W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2012

Re: HTTP 2.0 and a Faster, more Mobile-friendly web

From: Martin Nilsson <nilsson@opera.com>
Date: Mon, 30 Jul 2012 19:14:19 +0200
To: ietf-http-wg@w3.org
Message-ID: <op.wh9rh50uiw9drz@uranium.quadriga.com>
On Mon, 30 Jul 2012 17:09:57 +0200, patrick mcmanus <pmcmanus@mozilla.com>  
wrote:

> On 7/30/2012 12:02 AM, Poul-Henning Kamp wrote:
>>
>> It is not clear to me exactly what these major implementers mean when
>> they say "TLS is mandatory"
>>
>> Do they mean "TLS MUST be supported" or "TLS MUST be used" ?
>
> I mean that HTTP/2 must be secure against (at least) passive  
> eavesdropping attacks at all times. TLS is the bird-in-hand for that  
> right now, but it does not exclude other solutions. Other properties of  
> TLS are desirable too, but they don't necessarily rise to the level of  
> mandatory to implement for me.
>

I think such requirement will immediately prompt development of  
HTTP/2-light without TLS for use in intra-data-center communications (and  
China and India).

/Martin Nilsson

-- 
Using Opera's revolutionary email client: http://www.opera.com/mail/
Received on Monday, 30 July 2012 17:14:52 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 30 July 2012 17:14:58 GMT