W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2014

Re: The first settings

From: Takeshi Yoshino <tyoshino@google.com>
Date: Fri, 28 Feb 2014 06:28:00 +0900
Message-ID: <CAH9hSJbY7cYGVoM2EssE8r0+MkmJhwxXQS2sX7xN12vtZkJM8g@mail.gmail.com>
To: Martin Thomson <martin.thomson@gmail.com>
Cc: Kazu Yamamoto <kazu@iij.ad.jp>, HTTP Working Group <ietf-http-wg@w3.org>
On Fri, Feb 28, 2014 at 3:25 AM, Martin Thomson <martin.thomson@gmail.com>wrote:

> On 26 February 2014 21:14, Kazu Yamamoto <kazu@iij.ad.jp> wrote:
> > are MUST for Upgrade but optional for Direct and TLS?
> There's an asymmetry between Upgrade and the other modes.  In Upgrade,
> the server gets the first opportunity to send it's SETTINGS.  That
> means that clients are potentially exposed to the default values of
> these values, but only if they Upgrade.

It seems you're again explaining just the reason why we have the
HTTP2-Settings field in the Upgrade request. Sorry if it's just my bad.

Even when to start HTTP2 w/ prior knowledge, if the SETTINGS following the
client preface doesn't contain those parameters like an empty SETTINGS
frame as Cory mentioned, the clients are exposed to the default values. I
think Kazu is wondering why those two parameters are not also mandated for
such a preface SETTINGS frame exchanged in non-Upgrade modes.
Received on Thursday, 27 February 2014 21:28:48 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:24 UTC