draft-ietf-httpbis-http2-encryption (was wrong draft) | Re: (rephrasing, sorry for duplicate) | Re: draft-ietf-httpbis-encryption-encoding

Martin Thomson <martin.thomson@gmail.com>: (Wed Jan 11 00:29:30 2017)
> On the one hand, if a server advertises alternatives that are broken,
> that really is a server problem.  On the other, clients do these sorts
> of things all the time to improve robustness, so that's entirely
> reasonable to do.  I just don't think we need to *require* it.

Yes, client needs that "Opportunistic Security for HTTP"
(draft-ietf-httpbis-http2-encryption) only to improve robustness.

Otherwise "HTTP Alternative Services" (RFC7838) is enough.

( Seems that I have "draft-ietf-httpbis-encryption-encoding"
  on subject when it should be "draft-ietf-httpbis-http2-encryption".
  Paste error? )

On the other hand "Opportunistic Security for HTTP" need specify
only that part where collaboration between client and server
is needed.

/ Kari Hurtta

Received on Wednesday, 11 January 2017 06:38:22 UTC