-
Notifications
You must be signed in to change notification settings - Fork 66
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
TLS server support? #46
Comments
Good point! Perhaps the |
Seems like a good plan to me. I can work on an |
I wrote a server example for
|
It's really easy to get started climbing Mount Everest! All you have to do is book a commercial flight to the nearest international airport. I just got done going through the walkthrough demonstrating HTTP2, and the second I realized I hadn't been told to use a server cert and key anywhere I just about gave up. I'm not looking for an implementers proof of concept marketed to someone looking to spin their own TLS. We all know encryption isn't supposed to be DIY, so there should be at most 3 libraries to choose from when it comes to using hyper with HTTPS. So if you don't have your 3 libraries yet, then this getting started guide makes sense, because you need it to market to your third-party library implementers to show them how easy it would be to create a server they can wrap in TLS. I definitely don't know enough about HTTP2 to know what this proof of concept even proves. If I can't accept HTTP2 connections from the browser, then I have no idea what I'm looking at. Does the listener loop return a TCP stream or an individual HTTP2 session request stream? I don't see a headers object like I would see in node, so I'm assuming this is a TCP stream, but the getting started guide doesn't say anything about this. Ok, to be fair, this setup does make sense if I want to bring multiple listener's tcp streams into one http2 session manager, but the session manager is pretty tightly integrated into the TLS handshake, isn't it? Now I'm having to guess or try to figure out how I'm supposed to implement HTTP2, which is exactly what w3.org was trying to avoid by make the http2 spec so tight and specific. If you're going to market this to everyone, implementing TLS is absolutely essential, otherwise you should probably replace the guides with a page that says "We don't intend you to use this in your application directly. Instead, here is a list of production ready implementations which use our stack."
|
The guide doesn't mention TLS server support, which I would argue is an important feature for many users. I realise that third-party crates are required to support TLS with
hyper
, but how about linking to some of them or providing an example to make it a bit easier for new users to find? For comparison, TLS configuration is mentioned for thehyper
client and there is a link tohyper-tls
Similar to how
reqwest
is mentioned in thehyper
README.md
as a high-level easy-to-use wrapper over thehyper
client, is it intended for higher-level server frameworks likewarp
to be easy-to-use wrappers over thehyper
server that provide TLS? In which case how about linking to some or even to the Web Development Frameworks page on arewewebyet.orgWould you accept a PR for this?
The text was updated successfully, but these errors were encountered: