Re: New Version Notification for draft-nottingham-http2-encryption-02.txt

Yep, that's been discussed a few times, it's an open question.

One possible use is that the server may want/need to know whether or not the client is validating the cert; e.g., a bank.


On 12 Dec 2013, at 2:04 pm, Paul Hoffman <> wrote:

> I'm still confused about "h2r". Why is the server offering this as something different than "h2t"? That is, if it is the client's choice whether or not to authenticate the server, why do you have this as something the server is offering?
> --Paul Hoffman

Mark Nottingham

Received on Thursday, 12 December 2013 04:52:52 UTC