Re: draft-ietf-httpbis-http2-encryption-06.txt

Mike Bishop <Michael.Bishop@microsoft.com>: (Fri Jun 24 02:58:02 2016)
> Yes, I think that would also be a worthwhile improvement.
> 
> -----Original Message-----
> From: Mark Nottingham [mailto:mnot@mnot.net] 
> Sent: Thursday, June 23, 2016 4:57 PM
> To: Mike Bishop <Michael.Bishop@microsoft.com>
> Cc: Martin Thomson <martin.thomson@gmail.com>; Kari Hurtta <hurtta-ietf@elmme-mailer.org>; HTTP working group mailing list <ietf-http-wg@w3.org>
> Subject: Re: draft-ietf-httpbis-http2-encryption-06.txt
> 
> Would it help to adjust the Introduction to portray them more as alternative options?
> 
> 
> > On 24 Jun 2016, at 9:52 AM, Mike Bishop <Michael.Bishop@microsoft.com> wrote:
> > 
> > Kari's feedback, I'll let him weigh in with his own opinion.
> > 
> > As I understand the issue, I think removing "tls-ports" from this particular example is sufficient.  As noted, there's nothing that breaks if they're both present (so normative prohibition probably not needed); it's just silly to do so, and we shouldn't encourage it by including it in an example.


Yes. "tls-ports" should be removed from that example,
so that it is not encouraged that both are used
at the same time.

The Introduction (or some other place) should mention
that "tls-ports" and "tls-commit" are alternative options,
and also mention that including them both on the same origin
object is likely a mistake.

They do not need to be formally mutually exclusive
(that is: including both members does not make
/.well-known/http-opportunistic invalid).

This allows clients which do not support
commitment to totally ignore the "tls-commit"
member. If they are formally exclusive,
then a client still needs to check "tls-commit"
to see whether /.well-known/http-opportunistic
is valid.

/ Kari Hurtta

> > -----Original Message-----
> > From: Martin Thomson [mailto:martin.thomson@gmail.com] 
> > Sent: Thursday, June 23, 2016 4:38 PM
> > To: Mike Bishop <Michael.Bishop@microsoft.com>
> > Cc: Kari Hurtta <hurtta-ietf@elmme-mailer.org>; HTTP working group mailing list <ietf-http-wg@w3.org>; Mark Nottingham <mnot@mnot.net>
> > Subject: Re: draft-ietf-httpbis-http2-encryption-06.txt
> > 
> > On 24 June 2016 at 07:44, Mike Bishop <Michael.Bishop@microsoft.com> wrote:
> >> But "tls-ports" at the same time tells me what ports I should accept referrals to *without* requiring authentication.
> > 
> > So you are saying that any port is OK if you can authenticate the server.  That's true.  Is this as simple as removing the example, or do you think we need to say that the two members are mutually exclusive?
> 
> --
> Mark Nottingham   https://www.mnot.net/
> 

Received on Friday, 24 June 2016 06:29:11 UTC