Thank you for the additional context, Carlo. I agree the loss of support
for non-TLS requests would not only restrictive, but potentially backwards
incompatible.

Shannon Coen
Product Manager, Cloud Foundry
Pivotal, Inc.

On Tue, Feb 2, 2016 at 9:05 PM, Carlo Alberto Ferraris <
carlo.ferraris(a)rakuten.com> wrote:

With this limitation in mind, an upstream component could still terminate
TLS, but couldn't Gorouter also?

Just as a small followup, consider that companies might have internal
regulations mandating how and where SSL termination needs to happen
(Rakuten is among them, for example...). As described in my previous mail,
there are workarounds (e.g. using a separate TLS session between LB/RP and
gorouter) but this may add further deployment complexity (and overhead).