ServiceEntry without protocol for https port removes PassthroughCluster routing #27990

@Shohou

Bug description
I created a ServiceEntry for a host like this:

apiVersion: networking.istio.io/v1alpha3
kind: ServiceEntry
metadata:
  name: a-svc-entry
spec:
  hosts:
    - 'a.test.com'
  exportTo:
    - "."
  ports:
    - number: 443
      name: https
  location: MESH_EXTERNAL
  resolution: DNS

And suddenly all outgoing https traffic to any host started showing errors about a mismatching certificate. I found the reason: it's a missing protocol for the port, and of course the reference documentation says it's a mandatory field, but why does it work at all, or why does it work that way, or why can't I find this described in the docs, or why doesn't it figure out the protocol from the name?

[X] Docs
[ ] Installation
[X] Networking
[ ] Performance and Scalability
[ ] Extensions and Telemetry
[ ] Security
[ ] Test and Release
[ ] User Experience
[ ] Developer Infrastructure

Expected behavior
Failing validation maybe, I'm not sure

Steps to reproduce the bug
Create a ServiceEntry for an https port without a protocol and try to connect to any other https host

Version (include the output of istioctl version --remote and kubectl version --short and helm version if you used Helm)
$ istioctl version --remote
client version: 1.7.3
control plane version: 1.7.3
data plane version: 1.7.1 (2 proxies), 1.7.3 (35 proxies)

$ kubectl version --short
Client Version: v1.18.8
Server Version: v1.19.0-34+1a52fbf0753680

$ istioctl proxy-config listeners mypod
ADDRESS PORT MATCH DESTINATION
...
0.0.0.0 443 App: HTTP Route: 443
0.0.0.0 443 ALL Cluster: outbound|443||a.test.com
...
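
A check for the condition reported above, as an added example that is not part of the original issue or of Istio: it reads ServiceEntry objects as JSON (assumed to be the output of `kubectl get serviceentries -A -o json`) and lists every port that has no `protocol`. The function name, the `default` namespace and the second sample entry are constructed for illustration.

```python
import json

# Constructed sample in the shape of a Kubernetes List of ServiceEntry objects.
SAMPLE = json.dumps({"items": [
    {   # the ServiceEntry from the report: port 443 carries no protocol
        "kind": "ServiceEntry",
        "metadata": {"namespace": "default", "name": "a-svc-entry"},
        "spec": {"hosts": ["a.test.com"], "location": "MESH_EXTERNAL",
                 "resolution": "DNS",
                 "ports": [{"number": 443, "name": "https"}]},
    },
    {   # constructed entry with the protocol set, for contrast
        "kind": "ServiceEntry",
        "metadata": {"namespace": "default", "name": "b-svc-entry"},
        "spec": {"hosts": ["b.test.com"], "location": "MESH_EXTERNAL",
                 "resolution": "DNS",
                 "ports": [{"number": 443, "name": "https", "protocol": "HTTPS"}]},
    },
]})


def ports_missing_protocol(doc):
    """Return (namespace, name, port number, port name) for each
    ServiceEntry port whose protocol is absent or empty."""
    data = json.loads(doc)
    # Accept either a List object or a single ServiceEntry.
    items = data["items"] if "items" in data else [data]
    findings = []
    for item in items:
        if item.get("kind") != "ServiceEntry":
            continue
        meta = item.get("metadata", {})
        for port in item.get("spec", {}).get("ports") or []:
            if not str(port.get("protocol") or "").strip():
                findings.append((meta.get("namespace", ""), meta.get("name", ""),
                                 port.get("number"), port.get("name", "")))
    return findings


if __name__ == "__main__":
    for ns, name, number, pname in ports_missing_protocol(SAMPLE):
        print(f"{ns}/{name}: port {number} ({pname}) has no protocol")
```
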
