Ignore:
Timestamp:
Sep 18, 2012, 12:53:38 AM (7 years ago)
Author:
fielding@…
Message:

https requires and end-to-end secured connection. Addresses #383

Refer just to TLS, not SSL/TLS.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • draft-ietf-httpbis/latest/p1-messaging.html

    r1901 r1903  
    449449  }
    450450  @bottom-center {
    451        content: "Expires March 21, 2013";
     451       content: "Expires March 22, 2013";
    452452  }
    453453  @bottom-right {
     
    492492      <meta name="dct.creator" content="Reschke, J. F.">
    493493      <meta name="dct.identifier" content="urn:ietf:id:draft-ietf-httpbis-p1-messaging-latest">
    494       <meta name="dct.issued" scheme="ISO8601" content="2012-09-17">
     494      <meta name="dct.issued" scheme="ISO8601" content="2012-09-18">
    495495      <meta name="dct.replaces" content="urn:ietf:rfc:2145">
    496496      <meta name="dct.replaces" content="urn:ietf:rfc:2616">
     
    524524            </tr>
    525525            <tr>
    526                <td class="left">Expires: March 21, 2013</td>
     526               <td class="left">Expires: March 22, 2013</td>
    527527               <td class="right">greenbytes</td>
    528528            </tr>
    529529            <tr>
    530530               <td class="left"></td>
    531                <td class="right">September 17, 2012</td>
     531               <td class="right">September 18, 2012</td>
    532532            </tr>
    533533         </tbody>
     
    556556         in progress”.
    557557      </p>
    558       <p>This Internet-Draft will expire on March 21, 2013.</p>
     558      <p>This Internet-Draft will expire on March 22, 2013.</p>
    559559      <h1><a id="rfc.copyrightnotice" href="#rfc.copyrightnotice">Copyright Notice</a></h1>
    560560      <p>Copyright © 2012 IETF Trust and the persons identified as the document authors. All rights reserved.</p>
     
    10811081      <p id="rfc.section.2.7.1.p.7">Although HTTP is independent of the transport protocol, the "http" scheme is specific to TCP-based services because the name
    10821082         delegation process depends on TCP for establishing authority. An HTTP service based on some other underlying connection protocol
    1083          would presumably be identified using a different URI scheme, just as the "https" scheme (below) is used for servers that require
    1084          an SSL/TLS transport layer on a connection. Other protocols might also be used to provide access to "http" identified resources
     1083         would presumably be identified using a different URI scheme, just as the "https" scheme (below) is used for resources that
     1084         require an end-to-end secured connection. Other protocols might also be used to provide access to "http" identified resources
    10851085         — it is only the authoritative interface used for mapping the namespace that is specific to TCP.
    10861086      </p>
     
    10951095      <div id="rfc.iref.u.4"></div>
    10961096      <p id="rfc.section.2.7.2.p.1">The "https" URI scheme is hereby defined for the purpose of minting identifiers according to their association with the hierarchical
    1097          namespace governed by a potential HTTP origin server listening for SSL/TLS-secured connections on a given TCP port.
     1097         namespace governed by a potential HTTP origin server listening to a given TCP port for TLS-secured connections <a href="#RFC5246" id="rfc.xref.RFC5246.2"><cite title="The Transport Layer Security (TLS) Protocol Version 1.2">[RFC5246]</cite></a>.
    10981098      </p>
    10991099      <p id="rfc.section.2.7.2.p.2">All of the requirements listed above for the "http" scheme are also requirements for the "https" scheme, except that a default
    1100          TCP port of 443 is assumed if the port subcomponent is empty or not given, and the TCP connection <em class="bcp14">MUST</em> be secured through the use of strong encryption prior to sending the first HTTP request.
     1100         TCP port of 443 is assumed if the port subcomponent is empty or not given, and the TCP connection <em class="bcp14">MUST</em> be secured, end-to-end, through the use of strong encryption prior to sending the first HTTP request.
    11011101      </p>
    11021102      <div id="rfc.figure.u.9"></div><pre class="inline"><span id="rfc.iref.g.25"></span>  <a href="#https.uri" class="smpl">https-URI</a> = "https:" "//" <a href="#uri" class="smpl">authority</a> <a href="#uri" class="smpl">path-abempty</a> [ "?" <a href="#uri" class="smpl">query</a> ]
     
    17901790         effective request URI is constructed as follows.
    17911791      </p>
    1792       <p id="rfc.section.5.5.p.4">If the request is received over an SSL/TLS-secured TCP connection, then the effective request URI's scheme is "https"; otherwise,
     1792      <p id="rfc.section.5.5.p.4">If the request is received over a TLS-secured TCP connection, then the effective request URI's scheme is "https"; otherwise,
    17931793         the scheme is "http".
    17941794      </p>
     
    18101810      <p>has an effective request URI of</p>  <pre class="text">http://www.example.org:8080/pub/WWW/TheProject.html
    18111811</pre> <div id="rfc.figure.u.49"></div>
    1812       <p>Example 2: the following message received over an SSL/TLS-secured TCP connection</p>  <pre class="text">OPTIONS * HTTP/1.1
     1812      <p>Example 2: the following message received over a TLS-secured TCP connection</p>  <pre class="text">OPTIONS * HTTP/1.1
    18131813Host: www.example.org
    18141814</pre> <div id="rfc.figure.u.50"></div>
     
    37373737                     </ul>
    37383738                  </li>
    3739                   <li><em>RFC5246</em>&nbsp;&nbsp;<a href="#rfc.xref.RFC5246.1">2.3</a>, <a href="#RFC5246"><b>10.2</b></a></li>
     3739                  <li><em>RFC5246</em>&nbsp;&nbsp;<a href="#rfc.xref.RFC5246.1">2.3</a>, <a href="#rfc.xref.RFC5246.2">2.7.2</a>, <a href="#RFC5246"><b>10.2</b></a></li>
    37403740                  <li><em>RFC5322</em>&nbsp;&nbsp;<a href="#rfc.xref.RFC5322.1">2.1</a>, <a href="#rfc.xref.RFC5322.2">3</a>, <a href="#rfc.xref.RFC5322.3">5.7</a>, <a href="#RFC5322"><b>10.2</b></a><ul>
    37413741                        <li><em>Section 3.6.7</em>&nbsp;&nbsp;<a href="#rfc.xref.RFC5322.3">5.7</a></li>
Note: See TracChangeset for help on using the changeset viewer.