W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2013

Re: HTTPS 2.0 without TLS extension?

From: Ilari Liusvaara <ilari.liusvaara@elisanet.fi>
Date: Mon, 22 Jul 2013 22:24:13 +0300
To: Zhong Yu <zhong.j.yu@gmail.com>
Cc: Mike Belshe <mike@belshe.com>, HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <20130722192413.GA9158@LK-Perkele-VII>
On Mon, Jul 22, 2013 at 11:47:48AM -0500, Zhong Yu wrote:
> Suppose a TLS connection is established without ALPN. Then an HTTP/1.1
> request is sent over with Upgrade: HTTP/2.0. How should the server
> respond?
<snip>

There's also second abnormal case:
TLS handshake without ALPN, but the application data starts with
HTTP/2.0 magic...

> Though "Upgrade" mechanism is less ideal than ALPN, since the server
> must support it anyway on TCP connections, I don't see why we should
> forbid it on TLS connections.

What about servers that are not willing to implement upgrade (it is fair
amount of complexity)?

I.e. is there path to totally obsolete HTTP/1.1 in the far future?

-Ilari
Received on Monday, 22 July 2013 19:24:38 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:14 UTC