Comments (2)
First, let's remember that this describes the state of the discussion as it was a few years ago.
how does this compare against a connection that was initiated directly with https?
HTTPS://
in the URL would imply authenticated TLS. That the name is verified against the certificate and the certificate is signed by a trusted CA. A secure connection.
wouldn't use any padlock in the UI" this is obscure
Maybe, but it is there to underscore that there would be nothing in the UI to hint or suggest that the connection would be secure.
"there is no way to tell.." what isn't plain old HTTP exactly? The new connection where the user is being redirected to? Why would a client assume that? Why would a user?
One of the strong arguments mentioned against opportunistic HTTPS back in the day was exactly that users would be satisfied with this level and thus not go all the way and do proper HTTPS for sites. Thus it seemed relevant to underscore that there would be no indication to users that it is "HTTPS", as it wouldn't be HTTPS as it otherwise works for clients.
from http2-explained.
First, let's remember that this describes the state of the discussion as it was a few years ago.
Sure, it was not meant as a (non-constructive) critique. I really didn't understand the passage and I still doubt I'm understanding it properly.
I probably misread the whole paragraph like this:
YADDA YADDA it isn't plain old HTTP,
butthis is still opportunistic TLS and some people YADDA
instead of this:
YADDA YADDA it isn't plain old HTTP, but this is still opportunistic TLS
andsome people YADDA
i.e. the but refers only to the "it isn't plain old HTTP" and not to the whole sequence of arguments before.
It would help to have a simpler sentence structure like: "Some people are very firm against Opportunistic TLS because this, this and that as well".
from http2-explained.
Related Issues (20)
- Portuguese version on choose language HOT 2
- Little spelling mistake in ru/part6 HOT 1
- Little mistake in ru/part12 HOT 1
- Spelling
- HTTP/2 is only supported over TSL in all major browser HOT 2
- 8.1 head of line blocking
- 8.4.7. layering violations
- Line indicating author's employer needs update
- regd. SPDY/NPN removal in Chrome
- http2 support in browsers update HOT 1
- http2 support by major server operators & server implementations
- or --> of
- {curl, libcurl} http2 enable status on linux HOT 2
- Since 7.47.0, curl enables http2 by default
- applicaton --> application
- zh: title page name
- Headers in wrong order HOT 3
- Latest EPUB, so you don't have to build it.
- Add small link to the next file in the bottom for easier reading on github HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from http2-explained.