- From: Michael Sweet <msweet@apple.com>
- Date: Mon, 09 Dec 2013 13:33:45 -0500
- To: Chris Burdess <dog@gnu.org>
- Cc: "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>
Chris, On Dec 9, 2013, at 1:19 PM, Chris Burdess <dog@gnu.org> wrote: > ... > Obviously that isn't going to happen overnight, however it may well > happen before there is widespread deployed support for the current > NPN/ALPN proposal. In the meantime we want a confidentialy solution that > works. I propose that there be a standard STARTTLS-like HTTP Upgrade > mechanism that can convert the plaintext HTTP connection (on port 80) > not only to HTTP/2.0 but also start TLS. RFC 2817 defines how to upgrade a plaintext HTTP connection to TLS. Conceptually it could be combined with the plaintext HTTP/2.0 upgrade defined in the current draft - we'd just need to define the order of things when multiple upgrades are specified (i.e. TLS first, then the HTTP/2.0 startup sequence...) _______________________________________________________________ Michael Sweet, Senior Printing System Engineer, PWG Chair
Received on Monday, 9 December 2013 18:34:17 UTC