- From: Willy Tarreau <w@1wt.eu>
- Date: Wed, 13 Nov 2013 14:54:30 +0100
- To: Michael Sweet <msweet@apple.com>
- Cc: Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>
On Wed, Nov 13, 2013 at 08:21:17AM -0500, Michael Sweet wrote: > I also believe that HTTP/1.x has been so successful because of its ease (and > freedom) of implementation. But IMHO restricting its use to https:// will > only limit its use/deployment to sites/providers that can afford to deploy it > and prevent HTTP/2.0 from replacing HTTP/1.1 in the long run. That's a good point. I'd say I know some people who push *terabits* of pink pixels over the net and who had never heard about HTTP/2 nor SPDY before I talked to them about it and who still don't see the value there. Just like they do zero TLS and do not expect to ever use it. So there's a use for everything. But I think that we could specify all uses of the protocol (eg: think about web services running in clear text which would benefit from 2.0) and at the same time let browsers ship with the default options that suggests use of 2.0 for https:// and 1.1 for http:// just like we've had options in the past to talk 1.1 or 1.0 to proxies, etc... The protocol which will succeed will be the one which does not change the users' habits while still improving their experience. We need to keep that in mind. For example, if browsers emit a warning each time a user visits a porn site that does not enable encryption, the users will keep an older browser to visit these sites, and these sites will take care of supporting older browsers, it will be as simple as this! I think that both Pat and William told us several times that users don't want to be bothered. It's up to us to meet their expectations :-) Willy
Received on Wednesday, 13 November 2013 13:55:01 UTC