Re: Is HTTP/1.0 still relevant? from Sergey Ponomarev on 2020-09-04 (ietf-http-wg@w3.org from July to September 2020)

From: Sergey Ponomarev <stokito@gmail.com>
Date: Fri, 4 Sep 2020 10:40:26 +0300
To: Daniel Stenberg <daniel@haxx.se>
Cc: Stefan Eissing <stefan.eissing@greenbytes.de>, Eric J Bowman <mellowmutt@zoho.com>, Willy Tarreau <w@1wt.eu>, Ietf Http Wg <ietf-http-wg@w3.org>
Message-ID: <CADR0UcXRFt8NCLgF0ExhXR8bWnYv63rxQo-XxmnJuHmSjFU-YQ@mail.gmail.com>

JFYI: current version BysyBox httpd web server for embedded devices uses
HTTP/1.0. If you are using Ubuntu you can run it locally `busybox httpd -h
/var/www -p 8080`.
But in the next release it will be upgraded to HTTP/1.1.
Chrome doesn't send cache validation headers like If-Modified-Since and
If-None-Match if previously it received the page with old HTTP/1.0.

If you are just implementing a web server then you can only implement
HTTP/1.1. It was released in 1999 and all clients support it. Even if a
client receives a header that it doesn't know it will ignore it.

On Fri, 4 Sep 2020 at 10:24, Daniel Stenberg <daniel@haxx.se> wrote:

> On Fri, 4 Sep 2020, Stefan Eissing wrote:
>
> > Many existing OCSP clients in servers (*cough*), use HTTP/1.0 to staple
> > certificates. I have no data from the IoT devices of the world, but I
> would
> > suspect many of them will do as well.
>
> On "IoT devices", meaning things that are smaller than what can
> comfortably
> run Linux, "HTTP(S) clients" are often the RTOS vendor's 100 lines of C
> code
> without error checks full of dirty assumptions which can only be
> considered
> HTTP/1.0 at best...
>
> Luckily, such devices often use a specific subset of servers for
> particular
> purposes so most of those won't randomly go using servers "in the wild".
>
> --
>
>   / daniel.haxx.se
>
>

-- 
Sergey Ponomarev <https://linkedin.com/in/stokito>, skype:stokito

Received on Friday, 4 September 2020 07:41:15 UTC