- From: Salvatore Loreto <salvatore.loreto@ericsson.com>
- Date: Mon, 24 Feb 2014 09:35:19 +0000
- To: Amos Jeffries <squid3@treenet.co.nz>
- CC: "<ietf-http-wg@w3.org>" <ietf-http-wg@w3.org>
On Feb 24, 2014, at 11:05 AM, Amos Jeffries <squid3@treenet.co.nz> wrote: > On 24/02/2014 7:37 p.m., Mark Nottingham wrote: >> >> On 24 Feb 2014, at 5:35 pm, William Chan (陈智昌) <willchan@chromium.org> wrote: >> >>> I don't think that there's anything HTTP/2 specific about "secure" proxies. >> >> That's kind of what I'm getting at… I tend to agree... the only thing that can be seen as strictly related even if not specific is the usage of http URIs over TLS and the role of "secure" proxies in the http URIs over TLS flow >> >>> Should we decouple it and just standardize it separately from HTTP/2 (although I think it's likely that the HTTP/2 spec may want to reference it)? >> >> Well, my point was that I wasn't even sure it's something "we" need to do (i.e., this WG). What actually would need to be written down? >> > > I think a BCP statement that connections to explicit proxy should be > doen or at least allowed to use a TLS encrypted connection. > Along with a list of the current explicit proxy discovery mechanisms in > use and how TLS should be signalled in each (ie. environment variable > http_proxy="https://..." vs. https_proxy="...") > > Guidance for implementers to follow that will provide interoperable code. I agree with Amos here that seems to be something reasonable to have in the main spec… but it would be great also to have a separate draft talking about new discovery mechanisms and the proxy interaction br Salvatore > > Amos >
Received on Monday, 24 February 2014 09:35:47 UTC