- From: Nicolas Mailhot <nicolas.mailhot@laposte.net>
- Date: Fri, 6 Apr 2012 17:19:05 +0200
- To: "William Chan (陈智昌)" <willchan@chromium.org>
- Cc: "Nicolas Mailhot" <nicolas.mailhot@laposte.net>, ietf-http-wg@w3.org
Le Ven 6 avril 2012 16:43, William Chan (陈智昌) a écrit : >> If you want to add security to browsing make *very* sure there is little >> reason >> for legal-abiding entities to break it, or they will finance and build the >> tools >> criminals will use. That means using encryption sparingly, not as a blanket >> system. > This logic makes no sense to me. I disagree strongly. I'm not making a logic point, I'm stating how things are moving now, from direct experience. People have been blindly pushing for https everywhere those past years without handling the pain points this caused to corporations, and as a results lots of proxy providers are getting fat sums to break this encryption now (and btw browsers and google are not the only ones to blame, vendors like Citrix that have told IT it could just tunnel citrix through https and network admins would be none the wiser helped quite a lot too) -- Nicolas Mailhot
Received on Friday, 6 April 2012 15:19:36 UTC