- From: Mark Nottingham <mnot@mnot.net>
- Date: Fri, 26 Feb 2016 18:29:48 +1100
- To: "Julian F. Reschke" <julian.reschke@greenbytes.de>, Barry Leiba <barryleiba@computer.org>
- Cc: Martin Thomson <martin.thomson@gmail.com>, Kari Hurtta <hurtta-ietf@elmme-mailer.org>, HTTP WG <ietf-http-wg@w3.org>
> On 26 Feb 2016, at 6:26 PM, Julian Reschke <julian.reschke@greenbytes.de> wrote: > > On 2016-02-26 01:56, Mark Nottingham wrote: >> I've taken a stab at this: >> https://github.com/httpwg/http-extensions/commit/f1024d233157e >> >> Please review. >> >> Cheers, > > That says: > >> For the purposes of this document, "reasonable assurances" can be >> established through use of a TLS-based protocol with the certificate >> checks defined in [RFC2818]. Other means of establishing them MUST >> be documented in an RFC that updates this specification. Clients MAY >> impose additional criteria for establishing reasonable assurances. > > As far as I understand, this is a hook for draft-ietf-httpbis-http2-encryption-03, which is currently labeled "experimental". It is my understanding that experimental RFCs will have a hard time "updating" a standards-track RFC, though... Barry, any insights here? -- Mark Nottingham https://www.mnot.net/
Received on Friday, 26 February 2016 07:30:22 UTC