- From: Adrien W. de Croy <adrien@qbik.com>
- Date: Sun, 25 Mar 2012 20:24:01 +0000
- To: "HTTP Working Group" <ietf-http-wg@w3.org>
- Message-Id: <em149b14d6-6d88-4f21-b25d-8f878bf19a3a@boist>
Hi all I think there's a goal that hasn't been stated for HTTP/2.0. The ability to control and enforce acceptable use policy, as practised by countless enterprises. Currently, HTTP is open enough that such control can be implemented. HTTPS poses several problems wrt this aim. This requirement is real, and is not going to go away. Adopting an SSL/TLS only option for any replacement protocol makes life difficult for a) proxy vendors (have to code MITM software) b) their customers (have to deploy certificates to make MITM work) For this reason alone I don't see SPDY in its current form as a viable successor to HTTP. Since I believe the main reason to adopt TLS for SPDY was to enable "out of band" negotiation of which protocol was going to be used, then we would require another method for this. Proxies are an important part of HTTP infrastructure, and wanted by customers. Developing a successor to HTTP/1.1 without enabling reliable / simple proxy function would be a huge mistake IMO. Willy / Amos, I'm keen to see what you guys come up with. Adrien
Received on Sunday, 25 March 2012 20:24:24 UTC