> On Jun 7, 2018, at 3:13 AM, Patrick McManus <pmcmanus@mozilla.com> wrote: > > Hi Ben, thanks for the review - > > > On Wed, Jun 6, 2018 at 9:36 PM, Ben Campbell <ben@nostrum.com> wrote: > > Substantive: > §5: Is the scheme pseudo-header expected to match the security status of the > existing connection? > > > 7540 indicates the security requirements for carrying https or http schemes, which conveniently are the schemes used by this draft. > Okay, let me check my understanding here. If I want to setup a tunnel for “wss” , :scheme must be https, and that’s only possible if the connection for the stream is running over TLS. And you are also disallowed to setup a tunnel for “ws” if the stream is running over a connection setup for HTTPS? > The draft doesn't require that you use the connection that the markup was received on - though that's obviously desirable when possible. I’m a bit confused by that statement. I understand this mechanism to upgrade an existing stream to WebSocket. How would you do that on a different connection? > > Editorial: > §4, first bullet: This sort of deep link into the IANA registries makes it hard > for them to evolve their registry organization over time. Please consider > referencing the registry by name. > > > Julian replied here, and the current reference style is based on a last call comment from him. If you believe this needs to be changed after that discussion please flag explicitly so we can get the right people together. Personally, I'm agnostic on the issue. > I can live with it as is. Thanks! Ben.
Received on Thursday, 7 June 2018 22:01:55 UTC