W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2012

Re: SPDY = HTTP/2.0 or not ?

From: Poul-Henning Kamp <phk@phk.freebsd.dk>
Date: Mon, 26 Mar 2012 08:34:22 +0000
To: patrick mcmanus <pmcmanus@mozilla.com>
cc: ietf-http-wg@w3.org
Message-ID: <9699.1332750862@critter.freebsd.dk>
In message <4F701E44.6060108@mozilla.com>, patrick mcmanus writes:
>On 3/26/2012 7:56 AM, Poul-Henning Kamp wrote:

>Existence proofs: google does all of their logged in user search over 
>SSL, Twitter encourages SSL by default, Facebook is widely used that 
>way. It pretty clearly can be done at scale. Its not free, but its worth it.

The fact that a certain size and class of companies roll out SSL is
no where near a proof that everybody would or should do so.

Counter proof: How many p0rn sites deliver legal images via SSL ?

>More importantly - no user wants to use an insecure protocol - ever.

I don't think the majority of users consider HTTP an unsecure
protocol for p0rn, newspapers and blogs.

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.
Received on Monday, 26 March 2012 08:34:50 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:57 GMT