Re: New Version Notification for draft-nottingham-http2-encryption-03.txt from Salvatore Loreto on 2014-05-21 (ietf-http-wg@w3.org from April to June 2014)

From: Salvatore Loreto <salvatore.loreto@ericsson.com>
Date: Wed, 21 May 2014 04:37:03 +0000
To: Mark Nottingham <mnot@mnot.net>
CC: HTTP Working Group <ietf-http-wg@w3.org>, Martin Thomson <martin.thomson@gmail.com>
Message-ID: <1A377DCF-F21B-4302-BEB5-4221E2BFA5D3@ericsson.com>

thanks for working on this, I do believe it is really important

one clarification about it usages in http2 

If I understand correctly the draft 
a browser asking for http:// URI (no matter if using http/1.1 or http2) may get back an answer with an alt-svc: h2 
in that case the will start a TLS connection (with a an ALPN value of h2) towards the server exactly as per any http2;
the only difference will be that the browser will not check the certificate
so there won't be any difference on the wire only a different behaviour within the browser
isn't it?

br
/Salvatore


On May 20, 2014, at 6:42 AM, Mark Nottingham <mnot@mnot.net> wrote:

> FYI - Martin went away and did some substantial revision of this draft, and is now an author.
> 
> Regards,
> 
> 
> Begin forwarded message:
> 
>> From: internet-drafts@ietf.org
>> Subject: New Version Notification for draft-nottingham-http2-encryption-03.txt
>> Date: 20 May 2014 1:40:54 pm AEST
>> To: "Mark Nottingham" <mnot@mnot.net>, Martin Thomson <martin.thomson@gmail.com>, "Martin Thomson" <martin.thomson@gmail.com>, Mark Nottingham <mnot@mnot.net>
>> 
>> 
>> A new version of I-D, draft-nottingham-http2-encryption-03.txt
>> has been successfully submitted by Mark Nottingham and posted to the
>> IETF repository.
>> 
>> Name:		draft-nottingham-http2-encryption
>> Revision:	03
>> Title:		Opportunistic Encryption for HTTP URIs
>> Document date:	2014-05-20
>> Group:		Individual Submission
>> Pages:		9
>> URL:            http://www.ietf.org/internet-drafts/draft-nottingham-http2-encryption-03.txt
>> Status:         https://datatracker.ietf.org/doc/draft-nottingham-http2-encryption/
>> Htmlized:       http://tools.ietf.org/html/draft-nottingham-http2-encryption-03
>> Diff:           http://www.ietf.org/rfcdiff?url2=draft-nottingham-http2-encryption-03
>> 
>> Abstract:
>> This describes how "http" URIs can be accessed using Transport Layer
>> Security (TLS) to mitigate pervasive monitoring attacks.
>> 
>> 
>> 
>> 
>> Please note that it may take a couple of minutes from the time of submission
>> until the htmlized version and diff are available at tools.ietf.org.
>> 
>> The IETF Secretariat
>> 
> 
> --
> Mark Nottingham   http://www.mnot.net/
> 
> 
> 
>

Received on Wednesday, 21 May 2014 04:37:31 UTC