Re: https URI scheme from Henrik Nordstrom on 2008-08-12 (ietf-http-wg@w3.org from July to September 2008)

From: Henrik Nordstrom <henrik@henriknordstrom.net>
Date: Tue, 12 Aug 2008 04:10:08 +0200
To: Julian Reschke <julian.reschke@gmx.de>
Cc: HTTP Working Group <ietf-http-wg@w3.org>
Message-Id: <1218507008.8675.9.camel@henriknordstrom.net>

On sön, 2008-08-10 at 16:48 +0200, Julian Reschke wrote:

> Looking at the IANA URI registration reminded me that RFC 2616 doesn't 
> define HTTPS, thus our set of specs doesn't either.
> 
> HTTPS is defined in RFC 2818, an Informational RFC. Should we mention 
> that somewhere in Part 1?

It's informal due to the IAB position that protocol that can enable TLS
over their standard defined port should do so.. and defined for HTTP in
RFC 2817.

As result of this https:// is declared historical of doing things in
terms of specifications with RFC2817 Upgrade: TLS being the
standars-track way of enabling TLS. But industry use hasn't yet accepted
this at all from what I can tell.. Have anyone really seen an
application using RFC2817 Upgrade request to enable TLS?

Regards
Henrik

Received on Tuesday, 12 August 2008 02:18:20 UTC