Re: Call for Proposals re: #314 HTTP2 and http:// URIs on the "open" internet from Eliot Lear on 2013-11-20 (ietf-http-wg@w3.org from October to December 2013)

From: Eliot Lear <lear@cisco.com>
Date: Wed, 20 Nov 2013 07:06:59 +0100
To: Roberto Peon <grmocg@gmail.com>, James M Snell <jasnell@gmail.com>
CC: Mark Nottingham <mnot@mnot.net>, Bjoern Hoehrmann <derhoermi@gmx.net>, HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <528C5183.5090402@cisco.com>

Roberto,

On 11/20/13 4:57 AM, Roberto Peon wrote:
> How about:
> HTTPS schemed URLs MUST be sent on an authenticated TLS channel.
> HTTP schemed URLs MAY be sent as unencrypted HTTP2 plaintext, or may
> be sent over a TLS channel.

s/TLS channel/via TLS atop the same port/

?
>
> If a server does not wish to handle HTTP schemed URLs over a TLS
> channel, it MUST reject these requests with a RST_STREAM or GOAWAY
> with an error code that indicates that the server does not support
> HTTP schemed URLs on port 443.
> -=R
I'm a little concerned about backward compatibility with this approach. 
There do exist many web sites that offer different content today on the
two ports.  Are you suggesting that they would become non-compliant?

Eliot

Received on Wednesday, 20 November 2013 06:07:32 UTC