draft-ietf-httpbis-http2-encryption (was wrong draft) | Re: (rephrasing, sorry for duplicate) | Re: draft-ietf-httpbis-encryption-encoding from Kari Hurtta on 2017-01-11 (ietf-http-wg@w3.org from January to March 2017)

From: Kari Hurtta <hurtta-ietf@elmme-mailer.org>
Date: Wed, 11 Jan 2017 08:37:44 +0200 (EET)
To: Martin Thomson <martin.thomson@gmail.com>
CC: Kari Hurtta <hurtta-ietf@elmme-mailer.org>, HTTP working group mailing list <ietf-http-wg@w3.org>
Message-Id: <201701110637.v0B6bij1011488@shell.siilo.fmi.fi>

Martin Thomson <martin.thomson@gmail.com>: (Wed Jan 11 00:29:30 2017)
> On the one hand, if a server advertises alternatives that are broken,
> that really is a server problem.  On the other, clients do these sorts
> of things all the time to improve robustness, so that's entirely
> reasonable to do.  I just don't think we need to *require* it.

Yes, client needs that "Opportunistic Security for HTTP"
(draft-ietf-httpbis-http2-encryption) only to improve robustness.

Otherwise "HTTP Alternative Services" (RFC7838) is enough.

( Seems that I have "draft-ietf-httpbis-encryption-encoding"
  on subject when it should be "draft-ietf-httpbis-http2-encryption".
  Paste error? )

On the other hand "Opportunistic Security for HTTP" need specify
only that part where collaboration between client and server
is needed.

/ Kari Hurtta

Received on Wednesday, 11 January 2017 06:38:22 UTC