- From: James Cloos <cloos@jhcloos.com>
- Date: Wed, 23 Apr 2014 13:17:33 -0400
- To: Matthew Kerwin <matthew@kerwin.net.au>
- Cc: William Chan (ιζΊζ) <willchan@chromium.org>, Patrick McManus <pmcmanus@mozilla.com>, K.Morgan@iaea.org, Mark Nottingham <mnot@mnot.net>, Julian Reschke <julian.reschke@gmx.de>, Daniel Stenberg <daniel@haxx.se>, HTTP Working Group <ietf-http-wg@w3.org>, C.Brunhuber@iaea.org, Roland Zink <roland@zinks.de>
There is another good reason to remove the implicit c-e, AFAICT, all of the browser vendors have refused to do HTTP/2.0 outside of tls. As such they will avoid the implicit c-e's declared raison d' etre anyway. Any intermediary which can MitM the tls will fubar things no matter what an rfc specifies. -JimC -- James Cloos <cloos@jhcloos.com> OpenPGP: 0x997A9F17ED7DAEA6
Received on Wednesday, 23 April 2014 17:21:09 UTC