W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2014

Re: Encouraging a healthy HTTP/2 ecosystem

From: Poul-Henning Kamp <phk@phk.freebsd.dk>
Date: Thu, 03 Jul 2014 06:34:34 +0000
To: Yoav Nir <ynir.ietf@gmail.com>
cc: HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <79221.1404369274@critter.freebsd.dk>
In message <7DB719C0-E22C-4954-9A72-3571C7193113@gmail.com>, Yoav Nir writes:

>Why would anyone deploy a website over SCTP then?

Because the carrot was big enough ?

If for instance HTTP/SCTP increased sales 10% in your webshop, that
would surely do it.  Not that I know how that would ever happen.

It should be borne in mind that there is a cost to even attempting:

Most of us are still carrying code around to handle HTTP/1.0 and that
code is seldom used and subject to code-rot and consequent security

More protocols -> more code -> more bugs -> more security holes.

In that light it was good that HTTP/SCTP never grew to any relevant
size:  It would be terrible to have to keep it around just for one
or two unescapable killer applications.

(Denmarks National identification system "NemID" is just now wiggling
out of the mandatory java-applet, ask any dane how much pain that
has been!)

Ideally our goal for any new HTTP version should have been to
outcompete all previous versions, with a simpler, faster and more
robust codebase, so that we ended up with less code and, fewer bugs
and better security in the long run.

But it is not obvious that will ever be possible: HTTP/1.1 became
a success for many good reasons.

Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.
Received on Thursday, 3 July 2014 06:34:59 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:35 UTC