- From: Martin Thomson <martin.thomson@gmail.com>
- Date: Wed, 3 Sep 2014 13:49:13 -0700
- To: "Roy T. Fielding" <fielding@gbiv.com>
- Cc: HTTP Working Group <ietf-http-wg@w3.org>
On 3 September 2014 13:32, Roy T. Fielding <fielding@gbiv.com> wrote:
> A slight (editorial) suggestion:
>
> Connections that are made to an origin server, either directly or
> through a tunnel created using the <xref target="CONNECT">CONNECT method</xref>,
> MAY be reused for requests with different URI authority components
> if that origin server is also <xref target="authority">authoritative</xref>
> for those other authority components.
Thanks.
> though this begs the question: why is this a MAY instead of a
> MUST NOT ... unless X?
Mainly because they are basically the same in effect, but a positively
worded statements is easier to comprehend.
A MUST NOT would require two exclusions: one for connections directly
to proxies (easy) and the other for origin servers that offer
credentials that are valid for the other domain. It seems like a net
zero gain.
> First sentence seems a bit garbled.
That's because I botched up the copy paste in my haste. The text I
have is instead
For "https" resources, connection reuse additionally depends on
having a certificate that is valid for the host in the URI. A server
might offer a certificate [...]
> I suggest using "origin server" here instead of server.
Thanks.
>> ADD:
>> + A client that is configured to use a proxy directs
>> requests to that proxy through a
>> + single connection. That is, all requests sent via a
>> proxy reuse the connection to the
>> + proxy.
>
> In general, I don't think the protocol should specify such things.
> A proxy might not even be using HTTP to its clients, for example.
Would limiting the scope to a proxy *using HTTP/2* suffice? I think
that this is still of some use.
Received on Wednesday, 3 September 2014 20:49:41 UTC