HTTP 2.0 in the clear and over TLS

<> Mon, 29 July 2013 16:39 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id D2DC921F9970 for <>; Mon, 29 Jul 2013 09:39:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -10.597
X-Spam-Status: No, score=-10.597 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8, UNPARSEABLE_RELAY=0.001]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 6IR0VEsM3NgS for <>; Mon, 29 Jul 2013 09:39:10 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id 4EBBB21F9A8E for <>; Mon, 29 Jul 2013 09:39:04 -0700 (PDT)
Received: from lists by with local (Exim 4.72) (envelope-from <>) id 1V3qS4-00026m-GJ for; Mon, 29 Jul 2013 16:37:40 +0000
Resent-Date: Mon, 29 Jul 2013 16:37:40 +0000
Resent-Message-Id: <>
Received: from ([]) by with esmtp (Exim 4.72) (envelope-from <>) id 1V3qRu-00025K-PP for; Mon, 29 Jul 2013 16:37:30 +0000
Received: from ([] by with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.72) (envelope-from <>) id 1V3qRt-0000t0-AN for; Mon, 29 Jul 2013 16:37:30 +0000
Received: from (unknown [xx.xx.xx.1]) by (ESMTP service) with ESMTP id 915EF2646E0; Mon, 29 Jul 2013 18:37:02 +0200 (CEST)
Received: from Exchangemail-eme1.itn.ftgroup (unknown []) by (ESMTP service) with ESMTP id 7047E35C045; Mon, 29 Jul 2013 18:37:02 +0200 (CEST)
Received: from PEXCVZYM14.corporate.adroot.infra.ftgroup ([fe80::a42f:c628:bc76:d592]) by PEXCVZYH01.corporate.adroot.infra.ftgroup ([::1]) with mapi id 14.02.0328.009; Mon, 29 Jul 2013 18:37:02 +0200
From: <>
To: Michael Sweet <>, Eliot Lear <>
CC: =?utf-8?B?IFdpbGxpYW0gQ2hhbiAo6ZmI5pm65piMKSA=?= <>, Zhong Yu <>, HTTP Working Group <>
Thread-Topic: HTTP 2.0 in the clear and over TLS
Thread-Index: Ac6MeaX5+9su0YDZR4C8HsvAF4ce/A==
Date: Mon, 29 Jul 2013 16:37:01 +0000
Message-ID: <32754_1375115822_51F69A2E_32754_8403_1_5AE9CCAA1B4A2248AB61B4C7F0AD5FB906C6BC40@PEXCVZYM14.corporate.adroot.infra.ftgroup>
Accept-Language: fr-FR, en-US
Content-Language: fr-FR
x-originating-ip: []
Content-Type: multipart/alternative; boundary="_000_5AE9CCAA1B4A2248AB61B4C7F0AD5FB906C6BC40PEXCVZYM14corpo_"
MIME-Version: 1.0
X-PMX-Version:, Antispam-Engine:, Antispam-Data: 2013.7.29.145416
Received-SPF: pass client-ip=;;
X-W3C-Hub-Spam-Status: No, score=-1.9
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001
X-W3C-Scan-Sig: 1V3qRt-0000t0-AN 0e3993ef158b586ba6b739d29b6ee26e
Subject: HTTP 2.0 in the clear and over TLS
Archived-At: <>
X-Mailing-List: <> archive/latest/18960
Precedence: list
List-Id: <>
List-Help: <>
List-Post: <>
List-Unsubscribe: <>


HTTP2 must work in the clear and over TLS. This is required because HTTP1.1 and HTTP2 must coexist to ease the migration to HTTP2, and to accelerate HTTP2 deployments.


De : Michael Sweet []
Envoyé : dimanche 28 juillet 2013 14:12
À : Eliot Lear
Cc : William Chan (陈智昌) ; Zhong Yu; HTTP Working Group
Objet : Re: HTTPS 2.0 without TLS extension?

... and don't forgot some of the more obscure usage of HTTP, such as HTTP over USB in the USB-IF's IPP USB Specification:

There isn't much point in using TLS over USB (and a lot of cost issues for that class of printer against it), and we need to continue to use the same USB end points/interfaces, so upgrade remains an important feature of HTTP/2.0 for me/Apple...

Sent from my iPad

On 2013-07-28, at 12:46 AM, Eliot Lear <<>> wrote:

On 7/23/13 7:34 PM, William Chan (陈智昌) wrote:
FWIW, it seems reasonable to me to have the spec allow HTTPS 2.0 without TLS extension. If you want to Upgrade, be my guest. I have no plans for my browser to support that, and I don't think Google servers will support it either, because we care strongly about the advantages of TLS-ALPN vs Upgrade.

Not only that, I don't think we can reasonably call this HTTP 2.0 if we have no path to do it in the clear.


Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.

This message and its attachments may contain confidential or privileged information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.
Thank you.