Re: [apps-discuss] I-D Action: draft-nottingham-http-browser-hints-02.txt

Mykyta Yevstifeyev <evnikita2@gmail.com> Wed, 31 August 2011 16:17 UTC

Message-ID: <4E5E5F22.4010407@gmail.com>
Date: Wed, 31 Aug 2011 19:19:46 +0300
From: Mykyta Yevstifeyev <evnikita2@gmail.com>
To: Barry Leiba <barryleiba@computer.org>
Cc: Mark Nottingham <mnot@mnot.net>, apps-discuss@ietf.org
Subject: Re: [apps-discuss] I-D Action: draft-nottingham-http-browser-hints-02.txt

31.08.2011 17:53, Barry Leiba wrote:
>>>> I understand that HSTS is only useful when a site declares that HTTPS must
>>>> be used any time when connecting to it.  Specific areas/resources may
>>>> not be declared to be so (if I'm wrong, correct me).
>>> What is the use case for that feature?
>> This provides a way for a client which prefers to use the secure variant to learn
>> which areas of the site are fine to be accessed so, without attempting to
>> use HTTPS where it isn't possible.
> Let me see if I understand this correctly:
>
> A client that wants to use HTTPS, but isn't sure whether this part of
> the site supports it, can do it one of two ways:
>
> 1. Try HTTPS.  If it doesn't work, fall back to HTTP.
>
> 2. Use HTTP.  If a "hint" is included in the HTTP response that says
> HTTPS is OK, then switch to HTTP.
>
> You're proposing 2.  Is that right?
>
> Assuming that's right, I'm saying that 1 is better.

You're right.  But: a client needs to do 1 each time it tries to
access something, whereas 2 would only be required once.  2 is more
practical; are there any other considerations which led you to the
conclusion that 1 is better?

Mykyta

>
> Barry
>