On Mon, 30 Jul 2012 17:09:57 +0200, patrick mcmanus wrote:

> On 7/30/2012 12:02 AM, Poul-Henning Kamp wrote:
>> It is not clear to me exactly what these major implementers mean when
>> they say "TLS is mandatory"
>> Do they mean "TLS MUST be supported" or "TLS MUST be used" ?
> I mean that HTTP/2 must be secure against (at least) passive  
> eavesdropping attacks at all times. TLS is the bird-in-hand for that  
> right now, but it does not exclude other solutions. Other properties of  
> TLS are desirable too, but they don't necessarily rise to the level of  
> mandatory to implement for me.

I think such a requirement will immediately prompt development of  
HTTP/2-light without TLS for use in intra-data-center communications (and  
China and India).

/Martin Nilsson

