Return-Path: <dev-return-86613-archive-asf-public=cust-asf.ponee.io@httpd.apache.org>
X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io
Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io
Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183])
	by cust-asf2.ponee.io (Postfix) with ESMTP id 55D4E200B2D
	for <archive-asf-public-internal@cust-asf2.ponee.io>; Thu, 16 Jun 2016 14:00:47 +0200 (CEST)
Received: by cust-asf.ponee.io (Postfix)
	id 54500160A52; Thu, 16 Jun 2016 12:00:47 +0000 (UTC)
Delivered-To: archive-asf-public@cust-asf.ponee.io
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by cust-asf.ponee.io (Postfix) with SMTP id 9E406160A51
	for <archive-asf-public@cust-asf.ponee.io>; Thu, 16 Jun 2016 14:00:46 +0200 (CEST)
Received: (qmail 22393 invoked by uid 500); 16 Jun 2016 12:00:45 -0000
Mailing-List: contact dev-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: dev@httpd.apache.org
list-help: <mailto:dev-help@httpd.apache.org>
list-unsubscribe: <mailto:dev-unsubscribe@httpd.apache.org>
List-Post: <mailto:dev@httpd.apache.org>
List-Id: <dev.httpd.apache.org>
Delivered-To: mailing list dev@httpd.apache.org
Received: (qmail 22342 invoked by uid 99); 16 Jun 2016 12:00:45 -0000
Received: from pnap-us-west-generic-nat.apache.org (HELO spamd1-us-west.apache.org) (209.188.14.142)
    by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 16 Jun 2016 12:00:45 +0000
Received: from localhost (localhost [127.0.0.1])
	by spamd1-us-west.apache.org (ASF Mail Server at spamd1-us-west.apache.org) with ESMTP id 3A46FC2853
	for <dev@httpd.apache.org>; Thu, 16 Jun 2016 12:00:45 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at spamd1-us-west.apache.org
X-Spam-Flag: NO
X-Spam-Score: -1.527
X-Spam-Level: 
X-Spam-Status: No, score=-1.527 tagged_above=-999 required=6.31
	tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1,
	RP_MATCHES_RCVD=-1.426, SPF_PASS=-0.001] autolearn=disabled
Authentication-Results: spamd1-us-west.apache.org (amavisd-new);
	dkim=pass (1024-bit key) header.d=greenbytes.de header.b=CtnkhGvD;
	dkim=pass (1024-bit key) header.d=greenbytes.de header.b=G/iPE/e4
Received: from mx2-lw-us.apache.org ([10.40.0.8])
	by localhost (spamd1-us-west.apache.org [10.40.0.7]) (amavisd-new, port 10024)
	with ESMTP id HiB5xIpltSeX for <dev@httpd.apache.org>;
	Thu, 16 Jun 2016 12:00:43 +0000 (UTC)
Received: from mail.greenbytes.de (mail.greenbytes.de [5.10.171.186])
	by mx2-lw-us.apache.org (ASF Mail Server at mx2-lw-us.apache.org) with ESMTPS id 7E9DD5F298
	for <dev@httpd.apache.org>; Thu, 16 Jun 2016 12:00:42 +0000 (UTC)
Received: by mail.greenbytes.de (Postfix, from userid 117)
	id 55B9A15A0620; Thu, 16 Jun 2016 14:00:35 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=greenbytes.de; s=mail;
	t=1466078435; bh=bEfPx/R1rosyx9+n0bFG6aw1iRqPRPFlkAhE87nwbp8=;
	h=Subject:From:In-Reply-To:Date:References:To:From;
	b=CtnkhGvDVwRt+VSMwMF29wbbb7iOGQ142czjeX2YGhyBHUVZE29T8t/tE/zVnpLms
	 XkzGpJflo4pJ+zTxzl7m5YVaKitUnwMDUTYyoelMz2AGD8/YjFJeEs0yjls4CUNuUu
	 zG2HL+oc7cb4T2Z8exypQNaXZU91oP/W04OCJEFo=
Received: from [192.168.1.42] (unknown [192.168.1.1])
	(using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits))
	(Client did not present a certificate)
	by mail.greenbytes.de (Postfix) with ESMTPSA id D2FC015A0448
	for <dev@httpd.apache.org>; Thu, 16 Jun 2016 14:00:34 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=greenbytes.de; s=mail;
	t=1466078434; bh=bEfPx/R1rosyx9+n0bFG6aw1iRqPRPFlkAhE87nwbp8=;
	h=Subject:From:In-Reply-To:Date:References:To:From;
	b=G/iPE/e4NxAnAswVP+5rjPWBnrbFSLuWFWjekmzXgDmB+d15xbqWeQZnHSb4sIFy4
	 1uLXAE1vq2UkkN2Aavc8GwJs3R05H44XOzjuQIswupNbdsmkIzM865UvdSyAyV29cL
	 edDHENRYUbN1FVi7tBRm2ZhH6GuXwfRho36k7JFw=
Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (Mac OS X Mail 9.3 \(3124\))
Subject: Re: "Upgrade: h2" header for HTTP/1.1 via TLS (Bug 59311)
From: Stefan Eissing <stefan.eissing@greenbytes.de>
In-Reply-To: <CACsi251+a9oKxx5avZx8GUns-iFwG4U1=o4o9qBomVCMt6=zoA@mail.gmail.com>
Date: Thu, 16 Jun 2016 14:00:45 +0200
Content-Transfer-Encoding: quoted-printable
Message-Id: <68D545A1-68D4-442A-B286-5B236FB4AA01@greenbytes.de>
References: <20160419144710.Horde.fEyz_FnLQe5b-8glHPB0ySG@webmail.michael-kaufmann.ch> <CACsi252Zc8SqBbW+gPUngUiZWX9gV6P0KRNQEj0ooQ6ebHS0wQ@mail.gmail.com> <CE051216-EAA0-4ED5-8132-90EEF2BB021A@greenbytes.de> <CACsi251ncQCkB+dM-Gd9k4HP8uppo+5Ke+DPxAAhh99a6kN8iA@mail.gmail.com> <20160609225218.Horde.El_vB3E_HAGC8AX_DHoPc1R@webmail.michael-kaufmann.ch> <CACsi25341fFid-yTu31H369qQdCnUp7Ti1V+T5iPm3iksZO=Xw@mail.gmail.com> <B388B626-2EC2-4F67-B418-98F8DF8D3968@greenbytes.de> <CACsi251E_DoG-xoHL-Y5bKFWwNouDGZYbadyemB2TCfFbNUH6g@mail.gmail.com> <CACsi253__TGTp7F1=o0_bhz7mV_6ryJra=kbwuM8x-SSEfKd=w@mail.gmail.com> <5761D770.1080409@gmail.com> <7FBF986F-55AC-44B8-9079-84E3EB14C1DB@greenbytes.de> <CACsi251+a9oKxx5avZx8GUns-iFwG4U1=o4o9qBomVCMt6=zoA@mail.gmail.com>
To: dev@httpd.apache.org
X-Mailer: Apple Mail (2.3124)
archived-at: Thu, 16 Jun 2016 12:00:47 -0000

Totally agree. This is all post 2.4.21 with the "Header unset Upgrade" =
available as workaround for 2.4.21.

> Am 16.06.2016 um 13:56 schrieb William A Rowe Jr =
<wrowe@rowe-clan.net>:
>=20
>=20
> On Jun 16, 2016 3:30 AM, "Stefan Eissing" =
<stefan.eissing@greenbytes.de> wrote:
> >
> > There are three things to address, one core related and one HTTP/2 =
related:
> >
> > 1. The whole discussion arose, because there are clients that =
seriously choke on
> >    *any* Upgrade: response header. No matter what tokens it =
contains. Those *can* now
> >    be addressed via mod_header with a "Header unset Upgrade" =
directive.
>=20
> I agree this is the workaround for broken clients.  Using SetEnvIf, =
this can even be conditional on said broken clients.
>=20
> It is a sufficient workaround for 2.4.21.
>=20
> >    Since Upgrade: is a core feature, it should maybe better be a =
core directive, such as
> >
> >      ProtocolsHttpUpgradeAnnounce on|off         # make no announce =
in a response header
> >      ProtocolsHttpUpgrade on|off                 # make no http =
Upgrade: at all
>=20
> One other ... right now your logic announces once, but HTTP/1 is =
stateless.  The upgrade advertising header should generally be presented =
with each applicable response.
>=20
> Perhaps a 'once' optimization could be added, to suppress on =
subsequent responses without the upgrade required status.
>=20
> This can certainly be deferred for 2.4.22.
>=20
> > 2. What kind of HTTP/1.1 Upgrade: paths we want to implement.
> >    - 'h2c' on a cleartext connection, I assume, is desired
> >    - 'h2' on a cleartext connection, I do not see a use case for. =
Same as 'TLS/1.x, HTTP/2'. It might be interesting to debate which is =
more according to which spec, but I do not plan to participate in that.
> >    - 'h2' on a TLS connection. This is currently supported, =
configured off by default. So we do conform to RFC7540, but one can =
configure a TLS HTTP/1.1 -> HTTP/2 upgrade path if one so desires.
>=20
> > As to the discussion of 'HTTP/2' or 'HTTP/2.0' vs. 'h2' on TLS =
connections, we could also decide to support that. I am +-0 on this. I =
think 'h2' is immediately clear to anyone that has read RFC7540 at least =
once. Regardless of it being only registered for ALPN.
>=20
> Agreed there is no urgency to doing either right at this moment, and =
note there are other schemes afoot...
>=20
> https://lists.w3.org/Archives/Public/ietf-http-wg/2016AprJun/0298.html
>=20
> > 3. The whole 'TLS/x.x, other-id' upgrade dance on cleartext =
connections has been discussed months ago. We should discuss how we =
address this in the core protocols_propose/switch API that has been =
marked experimental and needs to be re-visited after the experiences of =
the last months. Also, the requirements from Jacob in regard to =
WebSocket Upgrade should be factored in.
>=20
> Agreed, I set that down and need to pick this back up in the immediate =
future, but not prior to 2.4.21...