W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2016

Re: #148: Reasonable Assurances and H2C

From: Julian Reschke <julian.reschke@greenbytes.de>
Date: Fri, 26 Feb 2016 08:26:41 +0100
To: Mark Nottingham <mnot@mnot.net>, Martin Thomson <martin.thomson@gmail.com>, Kari Hurtta <hurtta-ietf@elmme-mailer.org>
Cc: HTTP WG <ietf-http-wg@w3.org>
Message-ID: <56CFFE31.6090503@greenbytes.de>
On 2016-02-26 01:56, Mark Nottingham wrote:
> I've taken a stab at this:
>    https://github.com/httpwg/http-extensions/commit/f1024d233157e
>
> Please review.
>
> Cheers,

That says:

>    For the purposes of this document, "reasonable assurances" can be
>    established through use of a TLS-based protocol with the certificate
>    checks defined in [RFC2818].  Other means of establishing them MUST
>    be documented in an RFC that updates this specification.  Clients MAY
>    impose additional criteria for establishing reasonable assurances.

As far as I understand, this is a hook for 
draft-ietf-httpbis-http2-encryption-03, which is currently labeled 
"experimental". It is my understanding that experimental RFCs will have 
a hard time "updating" a standards-track RFC, though...

Best regards, Julian
Received on Friday, 26 February 2016 07:27:09 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 22 March 2016 12:47:11 UTC