Re: HTTPS 2.0 without TLS extension?

Amos Jeffries <squid3@treenet.co.nz> Tue, 23 July 2013 03:20 UTC

Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1340A11E81D4 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Mon, 22 Jul 2013 20:20:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.599
X-Spam-Level:
X-Spam-Status: No, score=-10.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id x+74T7nWW2Q3 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Mon, 22 Jul 2013 20:20:23 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) by ietfa.amsl.com (Postfix) with ESMTP id 8555311E81D5 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Mon, 22 Jul 2013 20:20:22 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.72) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1V1T7i-0003uK-Rd for ietf-http-wg-dist@listhub.w3.org; Tue, 23 Jul 2013 03:18:50 +0000
Resent-Date: Tue, 23 Jul 2013 03:18:50 +0000
Resent-Message-Id: <E1V1T7i-0003uK-Rd@frink.w3.org>
Received: from maggie.w3.org ([128.30.52.39]) by frink.w3.org with esmtp (Exim 4.72) (envelope-from <squid3@treenet.co.nz>) id 1V1T7W-0003ry-Ni for ietf-http-wg@listhub.w3.org; Tue, 23 Jul 2013 03:18:38 +0000
Received: from ip-58-28-153-233.static-xdsl.xnet.co.nz ([58.28.153.233] helo=treenet.co.nz) by maggie.w3.org with esmtp (Exim 4.72) (envelope-from <squid3@treenet.co.nz>) id 1V1T7V-0004qd-N1 for ietf-http-wg@w3.org; Tue, 23 Jul 2013 03:18:38 +0000
Received: from [192.168.1.218] (ip202-27-218-168.satlan.co.nz [202.27.218.168]) by treenet.co.nz (Postfix) with ESMTP id 6534EE6D59 for <ietf-http-wg@w3.org>; Tue, 23 Jul 2013 15:18:09 +1200 (NZST)
Message-ID: <51EDF5F0.2050002@treenet.co.nz>
Date: Tue, 23 Jul 2013 15:18:08 +1200
From: Amos Jeffries <squid3@treenet.co.nz>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20130620 Thunderbird/17.0.7
MIME-Version: 1.0
To: ietf-http-wg@w3.org
References: <CACuKZqEBAqXs-cQF1U-g3npaXGR0LEoXZYxDv-3a+ftn-YG=_g@mail.gmail.com> <CABaLYCtT33y3Gbh5rduHNL8hFsamz34epciG+36pYbkMdwpujQ@mail.gmail.com>
In-Reply-To: <CABaLYCtT33y3Gbh5rduHNL8hFsamz34epciG+36pYbkMdwpujQ@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Received-SPF: pass client-ip=58.28.153.233; envelope-from=squid3@treenet.co.nz; helo=treenet.co.nz
X-W3C-Hub-Spam-Status: No, score=-4.4
X-W3C-Hub-Spam-Report: AWL=-2.499, BAYES_00=-1.9, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001
X-W3C-Scan-Sig: maggie.w3.org 1V1T7V-0004qd-N1 ec76d769917e8b70a6203d49a1dedac7
X-Original-To: ietf-http-wg@w3.org
Subject: Re: HTTPS 2.0 without TLS extension?
Archived-At: <http://www.w3.org/mid/51EDF5F0.2050002@treenet.co.nz>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/18872
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

On 23/07/2013 4:01 a.m., Mike Belshe wrote:
> It should be available quite easily through OpenSSL and NSS long 
> before http/2 ships.
>

Sigh. Missed the news yesterday? come relatively large number of 
corporates are still using Java installations installed since 1994.

We are expecting HTTP/2 to start "shipping" preliminary implementations 
in the next year or two right? You can expect a minimum 5 years upgrade 
window (sorry terrible pun) if the libraries are ready and published 
*today*. Depending on the library like this just won't cut enough slack.

> The structured integration with the SSL handshake is a much cleaner 
> protocol.

Sure, and the sane people will use it. Not everybody is sane though.

Eliminating viable options for moving to HTTP/2 does not seem like a 
reasonable path to be taking this early in the process.

Amos