HTTP 2.0 in the clear and over TLS from emile.stephan@orange.com on 2013-07-29 (ietf-http-wg@w3.org from July to September 2013)

From: <emile.stephan@orange.com>
Date: Mon, 29 Jul 2013 16:37:01 +0000
To: Michael Sweet <msweet@apple.com>, Eliot Lear <lear@cisco.com>
CC: William Chan (陈智昌) <willchan@chromium.org>, Zhong Yu <zhong.j.yu@gmail.com>, HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <32754_1375115822_51F69A2E_32754_8403_1_5AE9CCAA1B4A2248AB61B4C7F0AD5FB906C6BC40>

Hi,

HTTP2 must work in the clear and over TLS. This is required because HTTP1.1 and HTTP2 must coexist to ease the migration to HTTP2, and to accelerate HTTP2 deployments.

Regards
Emile

De : Michael Sweet [mailto:msweet@apple.com]
Envoyé : dimanche 28 juillet 2013 14:12
À : Eliot Lear
Cc : William Chan (陈智昌) ; Zhong Yu; HTTP Working Group
Objet : Re: HTTPS 2.0 without TLS extension?

... and don't forgot some of the more obscure usage of HTTP, such as HTTP over USB in the USB-IF's IPP USB Specification:

http://www.usb.org/developers/devclass_docs

There isn't much point in using TLS over USB (and a lot of cost issues for that class of printer against it), and we need to continue to use the same USB end points/interfaces, so upgrade remains an important feature of HTTP/2.0 for me/Apple...

Sent from my iPad

On 2013-07-28, at 12:46 AM, Eliot Lear <lear@cisco.com<mailto:lear@cisco.com>> wrote:

On 7/23/13 7:34 PM, William Chan (陈智昌) wrote:
FWIW, it seems reasonable to me to have the spec allow HTTPS 2.0 without TLS extension. If you want to Upgrade, be my guest. I have no plans for my browser to support that, and I don't think Google servers will support it either, because we care strongly about the advantages of TLS-ALPN vs Upgrade.

Not only that, I don't think we can reasonably call this HTTP 2.0 if we have no path to do it in the clear.

_________________________________________________________________________________________________________________________

Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.

This message and its attachments may contain confidential or privileged information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.
Thank you.

Received on Monday, 29 July 2013 16:37:30 UTC