- From: Julian Reschke <julian.reschke@gmx.de>
- Date: Thu, 13 Aug 2015 19:00:24 +0200
- To: ietf-http-wg@w3.org
On 2015-08-05 20:48, Julian Reschke wrote: > <http://greenbytes.de/tech/webdav/draft-ietf-httpbis-alt-svc-latest.html#rfc.section.9.5>: > > > "Alternative Services MUST NOT be advertised for a protocol that is not > designed to carry the scheme. In particular, HTTP/1.1 over TLS cannot > carry safely requests for http resources." > > ...which refers to the :scheme pseudo header field in HTTP/2 > (<http://greenbytes.de/tech/webdav/rfc7540.html#HttpRequest>). > > As far as I recall the intention of the statement above is to avoid that > when alt-svc is used to move http traffic to a TLSsy port such as 443, > the alternative server gets confused about whether it's serving HTTP or > HTTPS. > > Recently two questions come up related to this, one raised by Stefan > Eissing in the context of mod_h2, one off-line by people trying to use > alt-svc for a case we may have not considered. > > 1) In reality, even when the protocol *does* carry the scheme (such as > in HTTP/2), the *application* (think PHP running on top of Apache httpd) > is so distant from the actual server stack that it wouldn't have that > information. This is especially true as long many servers shield > applications from any knowledge about whether they are accessed over > HTTP/1.1 or HTTP/2. (Speaking of which, HTTP/1.1 can carry this > information as well, see > <http://greenbytes.de/tech/webdav/rfc7230.html#absolute-form>). Now <https://github.com/httpwg/http-extensions/issues/91>. > 2) The clause seems to be less relevant when alt-svc is used to > load-balance HTTP/1.1 http*s* traffic. Now <https://github.com/httpwg/http-extensions/issues/92>. Best regards, Julian
Received on Thursday, 13 August 2015 17:00:55 UTC