On 9/15/17 1:24 PM, Paul Hoffman wrote:
Yes, please. The charter should say "HTTP/2 over TLS". There is no reason for current browsers adding this feature to add it using an obsolete protocol.
I think you're assuming a tighter coupling between layers than actually exists.
In particular -- since you're talking about browsers -- it would easy to implement the current draft entirely in content JavaScript. In doing so, it would be impossible for the implementation to prevent its use over HTTP/1.1 (or QUIC): aside from some proprietary browser-specific APIs, there's no way for such an implementation to even tell what version of HTTP is in use, much less prevent certain queries from going out over unwanted ones.
This all bears more on the specified solution than the charter, but I suspect that (after a reasonable back-and-forth in the ensuing working group), one reasonable outcome will be that the mechanism works over HTTPS in general, simply because it will be too much of an implementation burden to prevent it from doing so.
I'd rather not preclude the ability to have that discussion in the working group by foreclosing it in the charter language.
/a