Re: [TLS] WGLC comments on draft-ietf-tls-applayerprotoneg-01

Yoav Nir <ynir@checkpoint.com> Tue, 20 August 2013 18:16 UTC

From: Yoav Nir <ynir@checkpoint.com>
To: Martin Thomson <martin.thomson@gmail.com>
Cc: "tls@ietf.org" <tls@ietf.org>
Date: Tue, 20 Aug 2013 18:16:38 +0000
Message-ID: <42699D1B-62E4-4E90-BF35-2C56A7520403@checkpoint.com>
In-Reply-To: <CABkgnnXC9r8Son7TgAtp=oOBb9Je7_=9Fwnfv=v_VgeSRhyeDA@mail.gmail.com>

On Aug 20, 2013, at 7:53 PM, Martin Thomson <martin.thomson@gmail.com> wrote:

> On 19 August 2013 22:54, Yoav Nir <ynir@checkpoint.com> wrote:
>> It's not meant to be displayed to the end user, as in my mother surfing the web. But it's nice to be able to see a recognizable string in Wireshark. So yes, keep HTTP/1.1 (and HTTP/2.0). SPDY, however, should be experimental or some such. There's no reason to keep it in the registry forever, or place it in the registry in the first place.
> 
> I have no trouble keeping "HTTP/1.1".  I do have a concern that the
> string "http/1.1" will cause confusion though.  Is it really so
> difficult to register an uppercase string?

Well, uppercase letters tend to be bigger, which may be an issue for constrained devices.

+1 on harmonizing with the string we all know and love.

>> I agree with the RFC. I prefer a private space that has an "owner".
> 
> Rather than inventing a new semantic-free, structured identifier
> space, which the RFC in question specifically recommends against, why
> don't we just do what RFC 6648 recommends and create a registry.
> Registration is cheap.  And if you feel the urge to experiment without
> registering your codepoint, that's cool too.

This tends to make registries fill up with failed and obsoleted experiments. For example, if all goes well, there will be no need to ever again use "spdy/1", "spdy/2", and "spdy/3" in a year or so from now. "spdy/1" and "spdy/2" can probably already be pulled out of the proposed initial assignment. But there is never a procedure to remove stuff from registries.

Anyway, registration is cheap or not based on policy. I've just noticed that this draft does not specify an IANA policy (RFC 5226). So I propose that the following sentence be added to section 6: "The assignment policy for this new registry shall be 'First Come, First Served'." 

Yoav
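The exchange above turns on whether the registered identifier is "HTTP/1.1" or "http/1.1". The following is an added example, not part of this thread or of the draft's text: it encodes and parses the ALPN ProtocolNameList in the wire format later standardized in RFC 7301 (a 16-bit length-prefixed list of 8-bit length-prefixed opaque names) and shows that a server selects a protocol by exact byte comparison, so the two spellings are distinct identifiers and a mismatch between what a client offers and what a server expects yields no agreed protocol. The function names and the sample client/server lists are constructed for the example.

```python
"""Added example (not from the thread): ALPN ProtocolNameList encoding,
parsing, and byte-exact server-side protocol selection."""
import struct
from typing import List, Optional


def encode_protocol_name_list(names: List[bytes]) -> bytes:
    """Encode extension_data for ALPN (RFC 7301 wire format):
       opaque ProtocolName<1..2^8-1>;
       ProtocolName protocol_name_list<2..2^16-1>;"""
    body = b""
    for name in names:
        if not 1 <= len(name) <= 255:
            raise ValueError("ProtocolName must be 1..255 bytes")
        body += struct.pack("!B", len(name)) + name
    if not 2 <= len(body) <= 0xFFFF:
        raise ValueError("ProtocolNameList must be 2..65535 bytes")
    return struct.pack("!H", len(body)) + body


def decode_protocol_name_list(data: bytes) -> List[bytes]:
    """Parse extension_data strictly: every length must be consistent and
    no ProtocolName may be empty. Malformed input raises ValueError, which
    a TLS implementation would map to a decode_error alert."""
    if len(data) < 2:
        raise ValueError("truncated ProtocolNameList length")
    (total,) = struct.unpack("!H", data[:2])
    if total < 2 or len(data) != 2 + total:
        raise ValueError("ProtocolNameList length does not match data")
    names: List[bytes] = []
    pos, end = 2, 2 + total
    while pos < end:
        name_len = data[pos]
        pos += 1
        if name_len == 0 or pos + name_len > end:
            raise ValueError("malformed ProtocolName")
        names.append(data[pos:pos + name_len])
        pos += name_len
    return names


def select_protocol(server_prefs: List[bytes],
                    client_offer: List[bytes]) -> Optional[bytes]:
    """Server picks its most preferred protocol among those the client
    offered. Names are opaque byte strings: the comparison is exact, with
    no case folding, so b"HTTP/1.1" never matches b"http/1.1".
    Returns None when there is no overlap (the server would then abort
    the handshake rather than silently pick something)."""
    offered = set(client_offer)
    for candidate in server_prefs:
        if candidate in offered:
            return candidate
    return None


def negotiate(server_prefs: List[bytes], extension_data: bytes) -> Optional[bytes]:
    """Full server-side path: parse the client's extension, then select."""
    return select_protocol(server_prefs, decode_protocol_name_list(extension_data))


if __name__ == "__main__":
    # Constructed sample: a client offering the lowercase spelling plus spdy/3.
    client_hello_ext = encode_protocol_name_list([b"http/1.1", b"spdy/3"])
    print(client_hello_ext.hex())
    # A server configured with the uppercase spelling finds no match.
    print(negotiate([b"HTTP/1.1"], client_hello_ext))
    # The same server configured with the matching spelling succeeds.
    print(negotiate([b"http/1.1"], client_hello_ext))
```

The practical check this illustrates: whatever string the registry ends up with, every implementation must use exactly those bytes, and a server should treat "no overlap" as a handshake failure rather than fall back to a case-insensitive guess.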