Re: Upgrade, hmmm...

Nick Harper <> Sat, 01 August 2020 00:34 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id A0E313A0DB7 for <>; Fri, 31 Jul 2020 17:34:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -10.519
X-Spam-Status: No, score=-10.519 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id XgnrwvNk-Uxj for <>; Fri, 31 Jul 2020 17:34:41 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 7A56F3A0DF2 for <>; Fri, 31 Jul 2020 17:34:41 -0700 (PDT)
Received: from lists by with local (Exim 4.92) (envelope-from <>) id 1k1fTa-0006x4-Kb for; Sat, 01 Aug 2020 00:34:14 +0000
Resent-Date: Sat, 01 Aug 2020 00:34:14 +0000
Resent-Message-Id: <>
Received: from ([]) by with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from <>) id 1k1fTZ-0006wR-8P for; Sat, 01 Aug 2020 00:34:13 +0000
Received: from ([2607:f8b0:4864:20::232]) by with esmtps (TLS1.3:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.92) (envelope-from <>) id 1k1fTX-0005sU-5o for; Sat, 01 Aug 2020 00:34:12 +0000
Received: by with SMTP id 25so4704661oir.0 for <>; Fri, 31 Jul 2020 17:34:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=lX7TE0KuTmP1XXUm4ZtM7nRthZpniqU1b8QdbLRwmNU=; b=eczaXkqUy0U+ZyUw+9jFMFMFcrayckecRqR6GSg35PzppDYsaH9ldre8ZkrczvEIXs xuMpO6lUtbIULLAcN2hP60ThH1opUwIme6/3ab7rfvJjrQxpfU1UyoXd5JOvlvGpWIIw bow3fyuAGoQ4B7McCYgxSMNm2tqYpCyHCYeCIyOWJdSCcrH34aO1c8PEQsD7vzRn5XgR YuRuyCm+FxW89isD919byWFXptj5Jdh2Klpbkho25nttuKOjlp70FG0W76uqKSWjyD4Z qGQ57dppSlxEmEVzNF6Trowb8FlBa0JviYm3Q7Ojh7rLbeDNX5xLPZFRqr8ubPXEIrxf LAWw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=lX7TE0KuTmP1XXUm4ZtM7nRthZpniqU1b8QdbLRwmNU=; b=LiZXTCcgQD2awl81VE4SPv6bE/m7b65xicfgHy6UMygSlA26PB61hfTC7WpiO4+im3 ph8n3U6A11PMBOHudfg4Qj6Ofegsz0c7TUig2EPPJoknqEz2GUMPCnyr4j37+HiHi6rP KEivYhTXSfWUlXp7saRiT5TcOk2kziHP/OzGA3nVJwsyDdx/xuEoJ4y/mKzxhb2Ezfzi kqgMUuf0Iq+sHhSUsKaqKSGbkCFmJlM8fsllFDvzc4+nElhkQovP4DMYg5DMLSY6Gp9S K3XM+5Ua0STJNvjmuASn8kC4RcgkhOi9tBCGCkGfDG1E8p3eX3+a+79gsvN7zANYRd99 xImw==
X-Gm-Message-State: AOAM5332+/Uf7ewnMSak2VAcv3wF7tyGLiSP7bz6bs7NkryKTBwmeK9D 4JeJMIRSfg+rmZY/4FFAczx2P1+nCiZF35owLYIMtg==
X-Google-Smtp-Source: ABdhPJz2Sr3PB9y9R6HJz6x0rv2JS/ue92mrHkKJqG9aIj61SehnosSHTHec65zYHconwYtqbDhz/y4qMnJcsAsRubM=
X-Received: by 2002:aca:4cce:: with SMTP id z197mr4710928oia.118.1596242039791; Fri, 31 Jul 2020 17:33:59 -0700 (PDT)
MIME-Version: 1.0
References: <> <> <>
In-Reply-To: <>
From: Nick Harper <>
Date: Fri, 31 Jul 2020 17:33:48 -0700
Message-ID: <>
To: Eric J Bowman <>
Cc: Ietf Http Wg <>
Content-Type: multipart/alternative; boundary="000000000000c22d6205abc60ff6"
Received-SPF: pass client-ip=2607:f8b0:4864:20::232;;
X-W3C-Hub-Spam-Status: No, score=-19.6
X-W3C-Scan-Sig: 1k1fTX-0005sU-5o c1effff8dfcb243ede30045ff8fc6ac4
Subject: Re: Upgrade, hmmm...
Archived-At: <>
X-Mailing-List: <> archive/latest/37919
Precedence: list
List-Id: <>
List-Help: <>
List-Post: <>
List-Unsubscribe: <>

This isn't just my interpretation of Upgrade, it is how it is defined in
RFC 7230, section 6.7.

If you want to say "I also support these other protocols", check out
Alt-Svc (RFC 7838).

On Fri, Jul 31, 2020 at 5:31 PM Eric J Bowman <> wrote:

> Not how current browsers work, no. But, a client asking for that upgrade
> and getting an affirmative response via TCP, can feel free to repeat the
> request via UDP. At the cost of a round-trip. I'm taking under
> consideration your interpretation of Upgrade as being meant for the same
> connection, my way would be a different connection, you're right. What's
> the downside?
> -Eric
> (sorry for the double-post if I forgot to reply all, oops)
> ---- On Fri, 31 Jul 2020 16:59:20 -0700 *Nick Harper <
> <>>* wrote ----
> On Fri, Jul 31, 2020 at 4:51 PM Eric J Bowman <> wrote:
> Please refer me to previous discussions about why h2 and h2c, but no h1,
> h1c, or h3.
> I'm coding a webserver from scratch, with the goal of serving an
> index.html file and its ancillaries, over any of HTTP/1.1, HTTP/2, HTTP/3,
> FTP, WAKA (if Roy ever publishes it), or "ERIC" because I have my own
> ideas. Encrypted or not (I realize "not" isn't an option with HTTP/3). So
> the main loop is protocol-negotiation hell worse than any conneg/langneg
> I've ever coded.
> If I'm hosting multiple websites on my service, I might want to default to
> h2, at this time. But if one of those client websites is a law firm, they
> don't care about serving legal definitions over "h1c" to incarcerated
> clients, who aren't allowed to use encryption unless it's attorney-client
> privileged communication. So, how does a gateway at the prison wall connect
> using h2 but request "Downgrade: h1c"? Or maybe there could be a "Protocol"
> header with a weighted list (lol).
> (Taking a presentation I watched on YouTube by PHK, to heart -- some
> sovereign states disallow encryption, and heck, America's own FBI wants to
> kill it. But I agree it's important to be able to downgrade to cleartext.)
> Or, why can't an h2c connection request Upgrade: h3? Coding my webserver
> to shift those gears, turns out to be trivial, all things considered at
> this point. So, why are only h2/h2c standardized as Upgrade tokens?
> The Upgrade header is used to suggest switching protocols on the *same*
> connection. Given that an h2 (or h2c) connection runs on TCP and HTTP/3
> runs on UDP, there's no way to upgrade the existing connection to HTTP/3.
> -Eric