- From: David Krauss <potswa@gmail.com>
- Date: Fri, 27 Jun 2014 15:09:46 +0800
- To: Amos Jeffries <squid3@treenet.co.nz>
- Cc: ietf-http-wg@w3.org
On 2014–06–27, at 2:29 PM, Amos Jeffries <squid3@treenet.co.nz> wrote: > On 27/06/2014 2:22 p.m., Martin Thomson wrote: > >> It's different with headers. If we cap header size, then it becomes >> literally impossible to make some requests. > > HTTP/1.1 header size is capped at 64KB by Squid. Other implementators > previously stated 4KB, 8KB and 16KB caps. What is new? > > Ability to announce and negotiate a size will be added benefit for > HTTP/2 if accepted. +1. Ignoring literally 99.98% of usage (add more 9’s for the 64K limit) is not only a mistake, it’s against the rules of any sane governing body. Has anyone contacted the Kerberos guys? I know nothing about security but it makes sense that an authentication protocol wouldn’t worry about proxyability. Without proxies to worry about, the client can be sure that headers sent by HTTP/1 will only be received as HTTP/1, and authentication sent via HTTP/2 will only be received by a server expecting it. It becomes a non-issue. RFC 4559 appears to cover the culprit and appears to suggest that it is MSIE. Perhaps a Microsoft rep on this list can find out whether HTTP/2 support for SPNEGO Kerberos will be needed?
Received on Friday, 27 June 2014 07:10:08 UTC