On 01/06/2015 16:35, jean-frederic clere wrote:
> On 06/01/2015 05:15 PM, jan i wrote:
>> On 1 June 5 at 17:10, Leif Hedstrom <[email protected]> wrote:
>>
>> you guys are the specialists, so if you feel a combined track (but then a
>> full track) is the best, then totally ok with me.
>>
>> I actually thought that HTTP2 had very little to do with SSL/TLS,
>> sorry for
>> being naive.
>
> The first reason is that SSL/TLS is common for httpd, tomcat and traffic
> server, second HTTP/2 requires some new SSL features which have to be
> added in the 3 projects, so we can push it together.
I've already submitted a Tomcat 9 progress report presentation - of
which HTTP/2 and TLS will be a part. I could certainly take the HTTP/2
and TLS part and expand it into a separate presentation.
Something along the lines of:
HTTP/2 and TLS for Java
Outline:
- Overview of HTTP/2
- Requirements on TLS
- JavaEE and HTTP/2
- Client support
- Server support
- Overview of TLS
- SNI
- what is it?
- why do we need it?
- The unbelievably poor SNI implementation in Java 8
- What you have do to to make server side SNI useful
- ALPN
- what is it?
- why do we need it?
- APLN proposals for Java 9
- Fun and games since Java EE will require ALPN and but have to run
on Java 8
- Multiple certificates for the same host (RSA, DSA, ECC)
- what is it?
- why do we need it?
- More fun and games to get this working in Java
Let me know if you want me to submit something.
Mark
