Gorry Fairhurst's No Objection on draft-ietf-httpbis-optimistic-upgrade-05: (with COMMENT)

Gorry Fairhurst has entered the following ballot position for
draft-ietf-httpbis-optimistic-upgrade-05: No Objection

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ 
for more information about how to handle DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-httpbis-optimistic-upgrade/



----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

Thank you for providing this useful update around linking both the old and new
http worlds.

I have two comments for consideration:

1. I *think* the only normaltive change is in section 5.3, to me it would be
super-helpful if this was up-front so it cannot be lost.  I wonder if a few
sentences in section 1 could tell the reader: * There is a review of the
background and security issues * Consideration of the impact on HTTP Upgrade
with Existing Upgrade Tokens - including normative changes in section 5.3 *
Guidance for future use of upgrade tokens and the use of HTTP CONNECT.

2. In a similar vein, for the abstract:

The current abstract says the document "discusses the security considerations"
..., and "updates RFC 9112 and RFC 9298 to avoid related security issues". That
seems true, but I wonder if it is worth saying "updates the requirements in RFC
9112 and RFC 9298 to avoid related security issues". I'd be really sad if
someone glanced at the abstract and skipped it thinking it was a security
discussion rather than something they needed to action.

Received on Thursday, 11 September 2025 09:28:02 UTC