httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefan Eissing <ste...@eissing.org>
Subject Re: svn commit: r1732027 - /httpd/httpd/trunk/docs/manual/mod/mod_http2.xml
Date Wed, 24 Feb 2016 09:11:37 GMT

> Am 24.02.2016 um 08:12 schrieb elukey@apache.org:
> 
> +
> +        <p><code>h2</code> (HTTP/2 over TLS) is the preferred connection
scheme chosen by browsers up to now, but the HTTP/2 protocol <a href="https://http2.github.io/faq/#does-http2-require-encryption">does
not require</a> the use of encryption. To enable <code>h2c</code> (HTTP/2
over TCP) please check the <directive module="mod_http2">H2Direct</directive>
directive first.</p>
> +
> +        <p>Refer to the official <a href="https://http2.github.io/faq">HTTP/2
FAQ</a> for any doubt about the protocol.</p>

Yes and no. "H2Direct" use is orthogonal to "Protocols" settings. So, the following combinations
are all fine:

# in a vhost using TLS, this allows h2 negotiation via ALPN *and*, 
# if the client does not talk ALPN, via HTTP/2 preamble checking 
# (the "direct" mode)
    Protocols h2 http/1.1
    H2Direct on

# in a non-TLS server (vhost not possible since without TLS connection 
# does not indicate a server name), this allows "Upgrade:" to h2c and 
# disables the direct mode. So, a client wanting to talk HTTP/2 *needs* 
# to Upgrade. 
    Protocols h2c http/1.1
    H2Direct off

# As a default setting on a server, will enable HTTP/2 for TLS and 
# non-TLS connections. The default allow Direct mode on non-TLS and 
# will not sniff for Direct on TLS connections.
    Protocols h2 h2c http/1.1

Hope this helps. Questions welcome.

-Stefan
Mime
View raw message