httpd-dev mailing list archives

From "Roy T. Fielding" <>
Subject Re: RFC 7540 (HTTP/2) wrt reusable connections and SNI
Date Tue, 09 Jun 2015 17:43:59 GMT
> On Jun 9, 2015, at 3:42 AM, Yann Ylavic <> wrote:
> It just needed to get out :)
> But I agree that since we are to implement the RFC, we must comply,
> and find a way to still comply with HTTP/1.
> Both checks on SNI and renegotiation occur in the post_read_request
> hook, so we should be able to deal with vhost's parameters (configured
> Protocols, ProtocolTransports...), and do the right thing.
> On Tue, Jun 9, 2015 at 12:09 PM, Stefan Eissing
> <> wrote:
>> Yann, I am with you and feel at least unease about this mixing.
>> But the RFC has been approved and browsers will adhere to it. So if we do not enforce
>> some policies in the server, connections will fail for mysterious reasons. And tickets will
>> be raised...

Well, don't be too hasty.  There are a number of requirements in the RFC that
have nothing to do with HTTP and should be summarily ignored in the core implementation.
There are other requirements in the RFC that might turn out to be wrong or unnecessary,
just as we found in RFC2068, and it is our task to implement what works and change
the RFCs later.

However, the server as a whole should be configurable to be compliant (by default)
in the relevant code.  All of the requirements around TLS, for example, need to be
available in the SSL configs, but it is not h2's responsibility to ensure that it
has an RFC7540-compliant TLS config.  That is the admin's responsibility/choice.

WRT renegotiation, it is fair to say that the WG punted on the idea due to lack of time.
If someone figures out a way to safely renegotiate an h2 connection (and all of its
streams), then go ahead and implement it, describe it in an I-D, and submit it to
the httpbis WG.  There is nothing wrong with Apache leading by example.


