w3c / wot-security

a repo exclusively for security to better manage issues and security considerations for WoT
https://w3c.github.io/wot-security/

Avoid "HTTP(S)"/"HTTPS" and others in this cohort #142

Closed OliverPfaff closed 4 years ago

OliverPfaff commented 4 years ago

I'd prefer to avoid "HTTP(S)"/"HTTPS" and others in this cohort ("CoAP(S)"/"CoAPS"/"MQTT(S)"/"MQTTS"), outside the reference section.

This terminology appears to attract misconceptions: some people tend to believe "HTTPS" to be a single (!) protocol. But actually it is a combo of two independent protocols, one application protocol (HTTP) and an underlying security protocol (TLS), spec'ed independently from one another and bound together in an extra spec.

This differentiation is important in security since the overall security features are usually delivered on the different layers:

To make the nature of the stack more clear, the suggestion is to write "HTTP-over-TLS" (instead of "HTTP(S)" or "HTTPS"; note: "https" is okay [referring to an access scheme]).

Similarly: CoAP-over-DTLS, MQTT-over-TLS

ereshetova commented 4 years ago

I think this is an excellent suggestion; this way it is indeed much clearer for people what provides what.

mmccool commented 4 years ago

So this seems to be a straightforward "syntactic" change. We want in general to change "HTTPS" to "HTTP-over-TLS" and also "CoAPS" to "CoAP-over-DTLS" (there may even be cases where we use MQTTS...). So can someone do a PR for discussion? I will assign @OliverPfaff for now...

OliverPfaff commented 4 years ago

Done => unassigned myself

mmccool commented 4 years ago

Done, closing issue.