Since the entire point of Brad's post is the distinction between http/https as it applies to HTTP/2.0 and specifically TrustedProxy, I call "shenanigans" on the idea that you actually read either of these.
I got what you mean the second time I went through both of the texts, my bad. I thought HTTP2.0 was about always-on TLS layer, which is false so. And to be fair, reading the draft is kinda hard to understand the exact meaning, especially since they added the 6th paragraph (posted above), which in this case doesn't really make sense. If the connection is non-encrypted anyway, why ask the user a permission to tunnel the connection through TLS?
ps. I really did read them both, I just tend to be a little strong-opinionated.
ps. I really did read them both, I just tend to be a little strong-opinionated.