- From: Mark Nottingham <mnot@mnot.net>
- Date: Sat, 1 Feb 2014 15:25:46 +1100
- To: Martin Thomson <martin.thomson@gmail.com>
- Cc: HTTP Working Group <ietf-http-wg@w3.org>
As I was writing this, I was wondering whether the MAY ought to be a SHOULD; i.e., when possible, clients are encouraged to reuse connections. Thoughts? On 1 Feb 2014, at 5:23 am, Martin Thomson <martin.thomson@gmail.com> wrote: > I think that this is mostly right: > >>>> > Partial proposal: insert after 9.1 Connection Management second paragraph: > > Clients MAY use a single connection for more than one origin when each > origin's hostname resolves to the same IP address, and they share the > same port. When an origin's scheme is "https", the server's > certificate MUST be valid for the origin's hostname to be used in this > fashion; this might be accomplished using a "wildcard certificate", > subjectAltName [RFC3280], or some other mechanism. > <<< > > However, 3280 is out of date. I wonder if 6125 is not a better > reference to use here. As in: > > When an origin's scheme is "https", the server MUST be authenticated, > either by validating the server certificate against the hostname in > the origin [RFC6125], or by some other mechanism. > -- Mark Nottingham http://www.mnot.net/
Received on Saturday, 1 February 2014 04:26:15 UTC