W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2014

Re: Feedback on Fallback

From: Ilari Liusvaara <ilari.liusvaara@elisanet.fi>
Date: Mon, 22 Sep 2014 23:09:00 +0300
To: Mike Bishop <Michael.Bishop@microsoft.com>
Cc: HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <20140922200900.GA15270@LK-Perkele-VII>
On Mon, Sep 22, 2014 at 07:24:48PM +0000, Mike Bishop wrote:

> Some apps we support depend on the ability to emit raw HTTP protocol
> text. 

Are there any HTTP/1.1 messages that can't be gatewayed into HTTP/2?

I know earlier there were some, but I thought those problems have
been fixed.

> Others require client certs as a matter of local law and we don't
> have a way to retrieve the client cert without renegotiation. 

Renegotiation is dangerous in multiplexed protocols. And even more
dangerous with typical usage of HTTP.

I thought there was proposal for httpauth and TLS extensions to
tackle usage of client certificates in HTTP/2? What's the status
of those?

Also, I think those extensions, along with some other stuff
could be useful in order to implement usable client certificate
authentication (right now, CC is infamous for terrible UX).


-Ilari
Received on Monday, 22 September 2014 20:09:27 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 30 March 2016 09:57:10 UTC