- From: Poul-Henning Kamp <phk@phk.freebsd.dk>
- Date: Thu, 02 Aug 2012 08:27:35 +0000
- To: Mike Belshe <mike@belshe.com>
- cc: James M Snell <jasnell@gmail.com>, ietf-http-wg@w3.org
In message <CABaLYCv7U7iLBu5+8Nb9Wa1VeQguoMLJw4VOCbDBQK3WoE-sFg@mail.gmail.com> , Mike Belshe writes: >> > * I don't think we need utf-8 encoded headers. Not sure how you'd pass >> them off to HTTP anyway? > >I just don't see any problem being solved by adding this? If there is no >benefit, we should not do it, right? If this would solve any major problems inside a 20 year horizon, we should do it. That being said, I am not a big fan of UTF8 in high-performance protocol context: It is much slower to process than 8bit string formats. UTF8 also gives rise to a number of interesting security aspects, primarily where humans eyeball for security and don't detect minor differences between glyphs, particularly in FQDNs, but I can't see how we can do anything about that in HTTP/2.0. It's not obvious to me, that we can evade the UTF8 requirement, so it might be worthwhile to consider what we can gain by embracing it. For instance, could we get rid of the %-encoding of URIs by allowing UTF8 ? -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence.
Received on Thursday, 2 August 2012 08:27:58 UTC