W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2012

Re: http+aes

From: Willy Tarreau <w@1wt.eu>
Date: Mon, 5 Mar 2012 23:24:26 +0100
To: Poul-Henning Kamp <phk@phk.freebsd.dk>
Cc: Ian Hickson <ian@hixie.ch>, Yngve Nysaeter Pettersen <yngve@opera.com>, URI <uri@w3.org>, HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <20120305222426.GB2930@1wt.eu>
On Mon, Mar 05, 2012 at 09:41:59PM +0000, Poul-Henning Kamp wrote:
> In message <20120305200850.GI30594@1wt.eu>, Willy Tarreau writes:
> >On Mon, Mar 05, 2012 at 06:09:35PM +0000, Poul-Henning Kamp wrote:
> 
> >Example :
> >    Content-Encoding: aes-ctr-128; keyid=0x34751806
> >    Cache-control: no-transform
> >
> >This has the benefit of working out-of-the-box without affecting existing
> >intermediary components.
> 
> That doesn't really improve the crypto scheme or key-handling in
> any meaningful way.
> 
> It does make it slightly less hackish as HTTP considered.

That was precisely my point : make it do *the same* without redefining
a new scheme. I'm not judging whether or not doing this is useful, I'm
saying it can already be done if needed.

Regards,
Willy
Received on Monday, 5 March 2012 22:25:24 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:56 GMT