Re: SETTINGS_MIXED_SCHEME_PERMITTED | Re: I-D Action: draft-ietf-httpbis-http2-encryption-07.txt

From: Martin Thomson <martin.thomson@gmail.com>
Date: Thu, 6 Oct 2016 01:07:16 +1100
Message-ID: <CABkgnnVaBVE8mUxuGXYe-WeM_OkiNHcA=egnb1-nOxtdujShfw@mail.gmail.com>
To: Kari Hurtta <hurtta-ietf@elmme-mailer.org>
Cc: Patrick McManus <mcmanus@ducksong.com>, Kari Hurtta <khurtta@welho.com>, Mike Bishop <Michael.Bishop@microsoft.com>, HTTP working group mailing list <ietf-http-wg@w3.org>

On 6 October 2016 at 00:36, Kari Hurtta <hurtta-ietf@elmme-mailer.org> wrote:
>> >> "tls-ports"  should perhaps now be "mixed-scheme-listeners"
>> >> giving [ "alternative-server:port" ].
>
> because should we really say that particular alternative server / port
> combination for given origin supports http: -scheme over TLS.

I interpreted that as:

  { "http://example.com": {
      "mixed-scheme-listeners": [ "example.net:767", "example.com:3324" ]
    },
    "http://other.example.com": { ... }
  }

This is saying that "http://example.com" is served (in addition to the
cleartext version) on those alternatives.

Whereas I was suggesting just taking the keys from the top-level object:

  [ "https://example.com", "http://other.example.com" ]

But I realize that this information is better obtained more simply
because you need to make a request for a .wk resource on every origin
you are interested in:

  GET http://example.com/.well-known/http-opportunistic HTTP/1.1
  Host: example.com

  200 OK
  Content-Length: 0
  Cache-Control: max-age=123

> Particular alternative server / port may be a reverse proxy
> where behind it there are several origins on different servers.
>
> But also for particular origin there may be several
> alternative servers which are not equal.

Not sure that I follow: are you suggesting that the .wk resource would
advertise the other origins, or that we need some sort of additional
protection?
Received on Wednesday, 5 October 2016 14:08:04 UTC
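
Added example, not part of the original message or of the draft: a client-side check over the object shape quoted in the message, which accepts an alternative only when it is listed under the exact http origin and fails closed on malformed input. The function names and SAMPLE are hypothetical, and "mixed-scheme-listeners" is the proposal as interpreted in the message, not a published format.

```python
import json
from urllib.parse import urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}
# Constructed sample in the object shape quoted in the message above.
SAMPLE = ('{"http://example.com": {"mixed-scheme-listeners": '
          '["example.net:767", "example.com:3324"]}}')

def normalize_origin(url):
    """Return (scheme, host, port) with a lowercase host and an explicit port."""
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    if scheme not in DEFAULT_PORTS or not parts.hostname:
        raise ValueError(f"not an http(s) origin: {url!r}")
    return scheme, parts.hostname.lower(), parts.port or DEFAULT_PORTS[scheme]

def normalize_listener(authority):
    """Parse a 'host:port' listener entry; the port is required."""
    parts = urlsplit("//" + authority)
    if not parts.hostname or parts.port is None:
        raise ValueError(f"listener needs host:port: {authority!r}")
    return parts.hostname.lower(), parts.port

def _try(parse, value):
    """Run a parser, mapping malformed or non-string input to None."""
    try:
        return parse(value) if isinstance(value, str) else None
    except ValueError:
        return None

def alternative_permitted(wk_body, origin, alternative):
    """True only if the document lists `alternative` under exactly `origin`."""
    want_origin = _try(normalize_origin, origin)
    want_alt = _try(normalize_listener, alternative)
    try:
        doc = json.loads(wk_body)
    except ValueError:
        return False  # unparseable body: fail closed
    if want_origin is None or want_alt is None or not isinstance(doc, dict):
        return False
    for key, entry in doc.items():
        if _try(normalize_origin, key) != want_origin:
            continue  # entry belongs to a different origin (or is malformed)
        listeners = entry.get("mixed-scheme-listeners") if isinstance(entry, dict) else None
        if isinstance(listeners, list) and any(
                _try(normalize_listener, item) == want_alt for item in listeners):
            return True
    return False
```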