-
Notifications
You must be signed in to change notification settings - Fork 329
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
section #connections is vague wrt connection is HTTP or HTTPS or HTTP/2 or QUIC #641
Comments
@equalsJeffH I'm working on Chrome's implementation of this, but I'm unclear about what the implications of this are? That is, at least as implemented in Chrome (and others, from what I've seen), whether or not to send a certificate is somewhat of a state independent of the underlying transport, and the underlying transport doesn't support certificates, it simply doesn't send them. Is the concern about it being specific to TLS? Would it also work to say: "If credentials is false, do not send a certificate" (e.g. omitting TLS to support QUIC or HTTP/2 certificate frames, and omitting client to avoid any ambiguity about what type of certificate) |
Separately, I'm not aware of implementations that guarantee opening specific connection types, nor would I think Chrome be supportive of such language or (web developer) flexibility :) |
thx for explanation @sleevi |
also, perhaps this:
..could explain more, e.g.: Set connection to the result of establishing an HTTP connection to origin . Depending on various factors, the connection may actually be HTTP (over insecure transport), HTTP over TLS ("HTTPS"), HTTP/2 ("h2") over TLS, QUIC, or perhaps HTTP over some other secure transport. [followed by appropriate series of spec references]. |
Could you help me understand why it matters or how it would be observable or relevant to consuming specs? |
The obtain a connection algorithm in section #connections presently says this:
However, one is not going to "send a TLS client certificate" if one is not running over TLS, and there is no context in this alg whether or not a HTTP or HTTPS or HTTP/2 or QUIC or whatever connection is established.
Given the associated Note says in part: "This is intentionally a little vague as the finer points are still evolving." this is likely understood, tho I did not find an already-open issue regarding this, thus am submitting this one.
Offhand, it seems one way to nominally address this is to:
The text was updated successfully, but these errors were encountered: