Re: [quicwg/base-drafts] Require 8164 validation for non-https origins (#2973)

Martin Thomson <> Thu, 22 August 2019 00:13 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 399FE120113 for <>; Wed, 21 Aug 2019 17:13:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -6.382
X-Spam-Status: No, score=-6.382 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_24=1.618, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id drO9UfgJNJ9t for <>; Wed, 21 Aug 2019 17:13:38 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 435B912004C for <>; Wed, 21 Aug 2019 17:13:38 -0700 (PDT)
Date: Wed, 21 Aug 2019 17:13:37 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=pf2014; t=1566432817; bh=GO9QbnnTIiqmRFoBGz/lsC0RY6hBWeCVUsYpDZarbHQ=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=SDhiQythKcM+Mj2nQ1qtxRPi4IIwP8GmTIl5hvgh5are+XGj8sXu1f3tY7Z4sAbKO ZhTSjdDjFHIB+suC0ywTpr7MTG4mGV/AOjerjnegDAfdvQKRyOdX2iKX1YuLpswaEt Y/H7bqru+hkXUDR+TZMG3aaaIlIvyaTzawzIp6eM=
From: Martin Thomson <>
Reply-To: quicwg/base-drafts <>
To: quicwg/base-drafts <>
Cc: Subscribed <>
Message-ID: <quicwg/base-drafts/pull/2973/review/>
In-Reply-To: <quicwg/base-drafts/pull/>
References: <quicwg/base-drafts/pull/>
Subject: Re: [quicwg/base-drafts] Require 8164 validation for non-https origins (#2973)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5d5dde31280fd_69c33ff5820cd96c391998"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: martinthomson
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
Archived-At: <>
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 22 Aug 2019 00:13:40 -0000

martinthomson commented on this pull request.

> @@ -381,6 +381,10 @@ certificate for the origin before considering it authoritative. Clients MUST NOT
 assume that an HTTP/3 endpoint is authoritative for other origins without an
 explicit signal.
+If the client intends to make requests for an origin containing a scheme other
+than "https", it MUST also obtain a valid `http-opportunistic` response for the

I think that this requirement only applies to the "http" scheme.  It would not apply to the "ni" scheme, for instance.

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub: