- From: 陈智昌 <willchan@chromium.org>
- Date: Tue, 26 Feb 2013 19:43:47 -0800
- To: Mark Nottingham <mnot@mnot.net>
- Cc: HTTP Working Group <ietf-http-wg@w3.org>
- Message-ID: <CAA4WUYgGD2XWRH0xXYJOR7zY16hf2w+d4XTVk8_rx+DV5iG3Ug@mail.gmail.com>
I agree with the outcome of this thread (always requiring magic). On Thu, Feb 21, 2013 at 1:11 AM, Mark Nottingham <mnot@mnot.net> wrote: > Based upon discussion both at the Interim and subsequently, this is where > I think we are for the upgrade/negotiation process, at least in terms of > the 1st implementation draft: > > 1. HTTPS URLs > - use NPN (or its replacement); uses OPAQUE TOKEN to negotiate > - NO magic > - SETTINGS first > > 2. HTTP URLs > > a. existing connection / new connection without context > - Upgrade Dance; uses OPAQUE TOKEN to negotiate > - NO magic > - SETTINGS first > > b. new connection with context (e.g., because you used DNS hint, header > hint, prior knowledge) > - NO upgrade dance > - Magic > - SETTINGS first > QQ over here. Is this assuming only unencrypted HTTP/2? I believe Patrick was hoping to bootstrap serving http:// URLs via HTTP/2 over SSL, using the external discovery mechanism (DNS most likely). If so, I'm unclear on whether or not we need to describe behavior WRT TLS-NPNesque negotiation. Perhaps we should fork the thread for this... > The decision as to whether to use 2(a) or 2(b) in a particular situation > is up to implementations, but of course we'll give (non-normative) guidance. > > Does this make sense to everyone? > > Regards, > > > -- > Mark Nottingham http://www.mnot.net/ > > > > >
Received on Wednesday, 27 February 2013 03:44:15 UTC