- From: Amos Jeffries <squid3@treenet.co.nz>
- Date: Fri, 24 Jun 2016 15:55:06 +1200
- To: ietf-http-wg@w3.org
On 24/06/2016 11:52 a.m., Mike Bishop wrote: > Kari's feedback, I'll let him weigh in with his own opinion. > > As I understand the issue, I think removing "tls-ports" from this > particular example is sufficient. As noted, there's nothing that > breaks if they're both present (so normative prohibition probably not > needed); it's just silly to do so, and we shouldn't encourage it by > including it in an example. It seems to me that this use of tls-ports is a mechanism to say that both an authenticated path is available and certain ports are *not* safe to use that way. The parameter name is just very odd for that meaning. Use case would along the lines of a load balancer sitting in front of the server diverts those ports somewhere else special that has authentication but not for the service wanted. (just throwing up wild ideas in case nones thought about it yet). Amos
Received on Friday, 24 June 2016 03:55:49 UTC