I'm suggesting that IF a site supports HTTP/2 over TLS (generally over :443, but that isn't required as we know, e.g. https://foo.com:1234/bar): It MUST accept HTTPS schemed URLS. It MAY accept HTTP schemed URLS And: If a site does accept HTTP schemed URLS, it MUST NOT reject them with a status code indicating that the client shouldn't retry HTTP schemed URLs over TLS. If a site does NOT accept HTTP schemed URLS, it MUST reject them with a status code indicating that the client shouldn't retry HTTP schemed URLs over TLS. This requires nothing new, makes nothing uncompliant. -=R On Tue, Nov 19, 2013 at 10:06 PM, Eliot Lear <lear@cisco.com> wrote: > Roberto, > > > On 11/20/13 4:57 AM, Roberto Peon wrote: > > How about: > HTTPS schemed URLs MUST be sent on an authenticated TLS channel. > HTTP schemed URLs MAY be sent as unencrypted HTTP2 plaintext, or may be > sent over a TLS channel. > > > s/TLS channel/via TLS atop the same port/ > > > ? > > > If a server does not wish to handle HTTP schemed URLs over a TLS > channel, it MUST reject these requests with a RST_STREAM or GOAWAY with an > error code that indicates that the server does not support HTTP schemed > URLs on port 443. > -=R > > I'm a little concerned about backward compatibility with this approach. > There do exist many web sites that offer different content today on the two > ports. Are you suggesting that they would become non-compliant? > > Eliot >
Received on Wednesday, 20 November 2013 06:20:07 UTC