Re: 2 questions

On 30.03.2015 10:45, Amos Jeffries wrote:
> On 30/03/2015 12:34 a.m., Walter H. wrote:
>> On 29.03.2015 03:19, Constantine A. Murenin wrote:
>>> On 2015-03-28 7:43, Glen wrote:
>>>> 1. What were the reasons for HTTP/2 not requiring TLS?
>>>>
>>>> Is there a significant performance consideration, is it related to
>>>> the cost of certificates (which is now fairly low or even free), or
>>>> are there other technical reasons?
>>> This is incorrect.  The cost of certificates for webmasters is not
>>> "fairly low or even free".
>> In fact they are fairly low or even free, because nobody tells you
>> buying at the most expensive dealer ;-)
>>
>> just try e.g. StartCom ;-)
> Tried that. Got a far as where their Terms and Conditions forbid me from
> getting certs on behalf of my clients.
can't your clients do this for themselves?
(didn't you think, that when someone offers something really for free, 
that it may not be reselled ...)
>>> Think of all the consumer electronic devices like the 15 USD 802.11n
>>> wireless routers -- who's going to be paying for their certificates?
>> any cheap routing box, either with WLAN or not does use self-signed
>> certificates; and business environments have different use cases and/or
>> hardware;
>> and there they can have their own CA, too ...
> Go ahead. Try it. The modern browsers will all throw up confusing
> looking popups about security thingys,
I have no problems doing this ...
>   red stop signs, unlocked padlocks, etc in front of their users on each request using self-signed
> certs and
using just a self signed CA cert in e.g. squid is not enough ...
>   Chrome will not even permit the device control pages to be opened.
a default setting, I'm using Chrome because of heavy security bugs in 
newer FF releases ...