On Tue, Apr 19, 2016 at 11:26 AM, William A Rowe Jr <wr...@rowe-clan.net> wrote:
> On Tue, Apr 19, 2016 at 11:04 AM, Jacob Champion <champio...@gmail.com> > wrote: > >> On 04/19/2016 08:47 AM, William A Rowe Jr wrote: >> > I agree with your analysis, "h2" is not an upgrade candidate. >> > >> > "h2c" is an upgrade candidate. >> >> Is an h2c upgrade allowed over an HTTP/1.1+TLS connection? 7540 seems to >> hint that it's not ("The 'h2c' string is reserved from the ALPN >> identifier space but describes a protocol that does not use TLS"), but I >> can't find any "MUST NOT" language. >> > > Not according to the HTTP/2 wg, they declared that SNI ALPN "h2" > connections were the only way to establish TLS h2 connections, and > that h2c is plaintext, by their definition. > (There is a suggestion that HTTP/2 wg proscribed the *client* behavior, and that server implementors are free to offer h2c over https upgrade, or h2 over http upgrade, but if there is no client that would consume that behavior... well...)