- From: Amos Jeffries <squid3@treenet.co.nz>
- Date: Mon, 24 Feb 2014 22:05:30 +1300
- To: ietf-http-wg@w3.org
On 24/02/2014 7:37 p.m., Mark Nottingham wrote: > > On 24 Feb 2014, at 5:35 pm, William Chan (ιζΊζ) <willchan@chromium.org> wrote: > >> I don't think that there's anything HTTP/2 specific about "secure" proxies. > > That's kind of what I'm getting at... > >> Should we decouple it and just standardize it separately from HTTP/2 (although I think it's likely that the HTTP/2 spec may want to reference it)? > > Well, my point was that I wasn't even sure it's something "we" need to do (i.e., this WG). What actually would need to be written down? > I think a BCP statement that connections to explicit proxy should be doen or at least allowed to use a TLS encrypted connection. Along with a list of the current explicit proxy discovery mechanisms in use and how TLS should be signalled in each (ie. environment variable http_proxy="https://..." vs. https_proxy="...") Guidance for implementers to follow that will provide interoperable code. Amos
Received on Monday, 24 February 2014 09:05:58 UTC