The secret message hidden in every HTTP/2 connection

The secret message hidden in every HTTP/2 connection ( blog.jgc.org )

submitted 2015-11-30T16:07 by djsumdog

4 comments

klongtoey 2015-11-30T21:19

discussion here https://news.ycombinator.com/item?id=10649442

too techy for me to understand tho.

link

european 2015-11-30T18:17

I wonder what happened between May 29, 2013 and July 8, 2013? Could it be "U.S., British intelligence mining data from nine U.S. Internet companies in broad secret program"?

right , so originally is said foo ba

but a news report on surveillance operation prism is realeased, so the devs decide to include reference to it? this seems a bit backwards. If there was anything suspicous surely references to prism would be removed not added , surely?

link

pitenius 2015-11-30T18:45

Couldn't possibly be that the IETF was moving an explicitly declared example into an implementation.

HTTP/2.0 uses the same "http" and "https" URI schemes used by HTTP/1.1. HTTP/2.0 shares the same default port numbers: 80 for "http" URIs and 443 for "https" URIs. As a result, implementations processing requests for target resource URIs like "http://example.org/foo" or "https://example.com/bar" are required to first discover whether the upstream server (the immediate peer to which the client wishes to establish a connection) supports HTTP/2.0.

I just wonder what nefarious implementations are coming for that data block!

Foo: bar DATA - END_STREAM {binary data} HEADERS + END_STREAM + END_HEADERS foo: bar

My headers read:

666: JOOZ DATA - END_STREAM [binary data} HEADERS + END_STREAM + END_HEADERS 666: JOOZ

link

pitenius 2015-11-30T16:27

PRI ; SM

link