The author also seems to prioritize his own convenience of development over end user experience (the prime benefit of performance).
Google hasn't had any trouble implementing SPDY proxies. SPDY is actually an opportunity for a proxy like Varnish because anyone could get the performance gain of SPDY just by plugging a SPDY-to-HTTP1 proxy in between.
I would like to see a built in password-based mutual authentication in addition to Basic and Digest authentication.
Additionally, I would like to see a header to drop and forget HTTP authentication.
Also, can't the server just send a multipart message with assets in it (like SPDY's server push) already (by the spec...support is a different question)?