You may find interesting the fact that most of the IETF basically agree to base HTTP 2.0 on SPDY, with those disagreeing being mostly Microsoft delegates voting for Microsoft's S+M proposal.
Partly true. I found the discussions on solving the cookie problem, with better session mechanism, and using binary header that are not encrypted, to be extremely interesting. Using encryption everywhere just because we should is dumb. What will happen is that we'll enforce a TLS handshake and use a NULL algorithm. Mandatory encryption will just make load balancing so much slower, and only 5/10% of the HTTP traffic inside a datacenter really deserves to be encrypted.