[mdx] Joe on section 2.1
Ian Young
ian at iay.org.uk
Thu Sep 26 08:00:54 PDT 2013
Joe:
> -- 2.1 requires ("MUST") use HTTP version 1.1 per RFC2616, but 5.1
> urges ("RECOMMEND[S]") use of SSL/TLS at the transport layer,
> among other possible options. Does the requirement for HTTP 1.1
> per RFC2616 preclude SSL/TLS per RFC5246?
Leif:
> Good point. Suggest we reformulate to make it clear those
> are not exclusive
There was no dissent on this question as far as I can see. Personally, I don't understand why HTTP 1.1 should preclude TLS 1.2 per RFC5246, but perhaps someone can explain why they think that might be the implication.
If it is indeed unclear, I'm open to suggestions as to how to clarify this?
Joe:
> Will the 2.1 specific requirement that HTTP 1.1 *in particular*
> be used become problematic as the HTTP spec evolves? For example,
> I notice that the HTTPbis Working Group actually kicked out a
> dash 6 rev for the HTTP v2 spec just yesterday, see
> http://www.ietf.org/id/draft-ietf-httpbis-http2-06.txt (so I'm
> hopeful that at some point we'll move beyond RFC2616)
Leif:
> Agree. Lets say "HTTP 1.1 or later"
Again, no objection seen and it sounds sensible to me as long as there is no implication that there is a requirement on the server to implement later versions of HTTP.
Comments welcome on whether just adding "or later" is the appropriate change here.
-- Ian
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4813 bytes
Desc: not available
URL: <http://lists.iay.org.uk/pipermail/mdx-iay.org.uk/attachments/20130926/b823453f/smime.p7s>
More information about the mdx
mailing list