zlacker

[parent] [thread] 2 comments
1. superk+(OP)[view] [source] 2023-07-25 21:45:51
Because Mozilla didn't create QUIC or push the QUIC based HTTP/3 through the IETF like Google and Microsoft did. If anything I should've left out Apple, not added Mozilla. But yeah, Mozilla is using the same HTTP/3 libs as everyone else so it's browser is inherently broken too.

But this only becomes a serious problem when HTTP/1.1 support is removed. Mozilla will never remove HTTP/1.1 support from Firefox. Google/Microsoft/Apple are chomping at the bit to remove HTTP/1.1 from their products.

replies(1): >>agwa+Xn
2. agwa+Xn[view] [source] 2023-07-26 00:15:50
>>superk+(OP)
Mozilla was the first browser maker to announce an intent to deprecate non-secure HTTP[1]. Even if they keep HTTP/1.1 support, at some point they will require TLS for it, just as they already do for HTTP/2. This is not something new with HTTP/3 nor is it some big-corp conspiracy.

[1] https://blog.mozilla.org/security/2015/04/30/deprecating-non...

replies(1): >>superk+wK3
◧◩
3. superk+wK3[view] [source] [discussion] 2023-07-26 20:24:42
>>agwa+Xn
Well shit. I'm wrong and things at Mozilla are much worse than I imagined.

re: HTTP/2, yes, everyone is well aware it didn't allow HTTP connections from the start. But there was no risk of HTTP/1.1 going away at that time. And you can technically still use a non-CA self signed cert for the implementations of HTTP/2 in major browsers. But it is also a bad protocol like HTTP/3.

I have no idea what conspiracy theory stuff you're going on about. People just haven't thought through the consequences of these design decisions outside of their work headspace bubble. Much like with WEI.

[go to top]