Re: ORIGIN - suggested changes from Frederik Deweerdt on 2017-02-01 (ietf-http-wg@w3.org from January to March 2017)

From: Frederik Deweerdt <fdeweerdt@fastly.com>
Date: Wed, 1 Feb 2017 08:46:32 -0800
To: Martin Thomson <martin.thomson@gmail.com>
Cc: Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <CAM8YLWn6Q7UhwfVoG7LT+-hyf5dBEOpnQds17BiXwq3NXYb0uw@mail.gmail.com>

Hello,

On Wed, Feb 1, 2017 at 2:11 AM, Martin Thomson <martin.thomson@gmail.com>
wrote:
[...]
> >   - Redefines the initial Origin Set as whatever SNI included (if
anything).
>
> If you do support this feature, the second change leads to having no
> valid origins initially if you don't use SNI.  It also could be read
> to prohibit coalescing as we do today.  Presumably the set is whatever
> we have today until you see an ORIGIN frame.  You should probably say
> something about that.
>

I'm confused by the "if you don't use SNI part", how can that happen with
RFC 7540, 9.2. stating:
+    The TLS implementation MUST support the Server Name Indication (SNI)
+    [TLS-EXT] extension to TLS.  HTTP/2 clients MUST indicate the target

I've seen HTTP/2 servers reject the connection if the client doesn't send
an SNI.

Frederik

Received on Wednesday, 1 February 2017 16:47:06 UTC