The biggest difference compared to the old spec, is that there is simply a lot more text. A lot of things are easier to understand and read, and parts where there were ambiguity has been resolved.
A second change is that the core specification has now been split up over 6 separate specs, whereas before there was just RFC 2616 for HTTP, and RFC 2617 for Basic and Digest authentication.
Just for those reasons alone it may make a lot of sense for API authors to read the specs from end-to-end. Guarenteed you'll learn and get inspired into doing better HTTP api design.
Furthermore the 308 status code is now standard, which provides a 4th redirect status. 308 is a permanent redirect. Clients that receive a 308 are expected to follow the redirect and execute the exact same request again. This, as opposed to the 301, where clients usually change the method into a GET.
RFC 7239 standardizes a Forwarded header, which is supposed to replace headers such as X-Forwarded-For and X-Forwarded-Proto.
A far from complete list of interesting things that have changed.
- Clarifications around dealing with unexpected whitespace, which should fix response splitting vulnerabilities.
- The limit of two connections per server has been removed.
- HTTP/0.9 support has been dropped.
- Default charset of ISO-8859-1 has been removed.
- Servers are no longer required to handle all Content-* header fields.
- Content-Range has been explicitly banned in PUT requests.
- It's now suggested to use the about:blank uri in the Referer header when no referer exists, to distinguish between "there was no referrer" and "I don't want to send a referrer".
- The 204, 404, 405, 414 and 501 status codes are now cachable.
- The status codes 301 and 302 have been changed to allow user agents to rewrite the method from POST to GET. This is a good example of a case where everybody has been (incorrectly) already doing this, and the spec now reflects the real world implementation.
- The Location header can now contain relative uri's as well as fragment identifiers.
- Content-MD5 has been removed.