Partly because more things use HTTPS and encourage users and servers to HTTPS. Firefox and Chrome developers said this is generally good. For users and users, security and privacy.
This also applies to broken "medium boxes" deployed on the Internet, which assume that TCP traffic over port 80 (which may look like HTTP / 1.1) means HTTP / 1.1, and then they will intervene to "improve" or filter out traffic somewhat. Performing HTTP / 2 transparent text on such networks produces significantly worse results. By insisting on encryption, these middle boxes will never get the chance to spoil traffic.
In addition, there is a certain percentage of deployed HTTP / 1.1 servers that return an error message about an update: with an unknown protocol (for example, "h2c", which is HTTP / 2 in clear text), which also complicates the implementation in a widely used browser. Negotiating over HTTPS is much less error prone, since โnot supportingโ simply means switching to the secure old HTTP / 1.1 approach.
Daniel Stenberg
source share