I wanted to draw attention to Mark Nottingham’s excellent blog article about strengthening HTTP. The article is available from this link. Like his previous posts on the topic, he raises important issues about the design of HTTP 2.0 and how to ensure that we can provide as good security protection as possible for Internet users employing HTTP 2.0.
This is obviously extremely important for the Internet and its evolution. Such a large part of our Internet use happens on the web that its key building blocks matter. And the web protocol stack is not just used by us humans and our browsers; it is also used by countless applications. As an example, the world of intelligent objects around us is to a large extent being constructed on top of the web protocol stack. HTTP 2.0 is likely to see very widespread use as the standard becomes available later this spring.
And improving the security is not easy, as Mark points out. But it is important. Can we do more? How can the current thinking be improved? Please join the discussion at the HTTPBIS working group.
Jari Arkko, Chair of the IETF