Re: Do we kill the "Host:" header in HTTP/2 ? from Nico Williams on 2013-01-30 (ietf-http-wg@w3.org from January to March 2013)

From: Nico Williams <nico@cryptonector.com>
Date: Wed, 30 Jan 2013 15:37:17 -0600
To: "Adrien W. de Croy" <adrien@qbik.com>
Cc: Eliezer Croitoru <eliezer@ngtech.co.il>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
Message-ID: <CAK3OfOgV98hT4=fs7Q1FZw+kAkUn491+r_-hNqUXdY10+TANBA@mail.gmail.com>

On Wed, Jan 30, 2013 at 3:31 PM, Adrien W. de Croy <adrien@qbik.com> wrote:
> from a proxy POV, it's very useful, nay vital that we can tell the
> difference between a request that a client thinks it is sending to a proxy,
> vs a request the client thinks it is sending to a server.
>
> [...]
> In fact for authentication, I would extend it to allow for the definition of
> the target of the auth.  If you have a request going through a chain, and
> several links require auth from the client, there's currently no way to do
> it safely.

There are separate headers for authentication to proxies.

Received on Wednesday, 30 January 2013 21:37:45 UTC