- From: Mike Bishop <Michael.Bishop@microsoft.com>
- Date: Tue, 19 Jan 2016 16:20:23 +0000
- To: Mark Nottingham <mnot@mnot.net>, Patrick McManus <pmcmanus@mozilla.com>
- CC: Kari Hurtta <hurtta-ietf@elmme-mailer.org>, Stephen Farrell <stephen.farrell@cs.tcd.ie>, Barry Leiba <barryleiba@computer.org>, "Julian F. Reschke" <julian.reschke@gmx.de>, "draft-ietf-httpbis-alt-svc@ietf.org" <draft-ietf-httpbis-alt-svc@ietf.org>, HTTP Working Group <ietf-http-wg@w3.org>
Still not wild about the character-for-character part, but as noted, that's off the critical path by moving to Opp-Sec. The Alt-Svc changes work for me. -----Original Message----- From: Mark Nottingham [mailto:mnot@mnot.net] Sent: Monday, January 18, 2016 4:40 PM To: Patrick McManus <pmcmanus@mozilla.com> Cc: Kari Hurtta <hurtta-ietf@elmme-mailer.org>; Stephen Farrell <stephen.farrell@cs.tcd.ie>; Mike Bishop <Michael.Bishop@microsoft.com>; Barry Leiba <barryleiba@computer.org>; Julian F. Reschke <julian.reschke@gmx.de>; draft-ietf-httpbis-alt-svc@ietf.org; HTTP Working Group <ietf-http-wg@w3.org> Subject: Re: non authenticated alternate services (was Re: AD review of draft-ietf-httpbis-alt-svc-10) > On 19 Jan 2016, at 10:15 am, Mark Nottingham <mnot@mnot.net> wrote: > > >> On 19 Jan 2016, at 7:32 am, Patrick McManus <pmcmanus@mozilla.com> wrote: >> >>> If the phrase "strong authentication" is making this hard to understand, we might use something else (e.g., "have reasonable assurances that the alternative service is under control of the origin"). >> >> that's better. maybe tweak with the "valid for the whole origin" concept? That would certainly include both valid cert as well as the .wk approach.. > > WFM. I'll update the branch. Diff from current ED here: https://github.com/httpwg/http-extensions/compare/altsvc-samehost?diff=split&name=altsvc-samehost -- Mark Nottingham https://www.mnot.net/
Received on Tuesday, 19 January 2016 16:20:55 UTC