W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2012

Re: SPDY = HTTP/2.0 or not ?

From: Brian Pane <brianp@brianp.net>
Date: Mon, 26 Mar 2012 02:22:11 -0700
Message-ID: <CAAbTgTto2rgiDVzyjJLfit1_kKLR45ZgfY2+PTBQ+V_sP4L3Qg@mail.gmail.com>
To: ietf-http-wg@w3.org
On Mon, Mar 26, 2012 at 1:34 AM, Poul-Henning Kamp <phk@phk.freebsd.dk> wrote:

> I don't think the majority of users consider HTTP an unsecure
> protocol for p0rn, newspapers and blogs.

And the majority of users probably don't consider HTTP an unsecure
protocol for email, social networking, search, or banking...mostly
because they don't know what a "secure protocol" is, or even what
a "protocol" is.  And they shouldn't have to know those details.

For HTTP/2.0, we're talking about a protocol that thousands of
people will implement.  And then millions of people will deploy
those implementations to create websites.  And billions of people
will use those websites during the protocol's active lifetime.  If we
convince ourselves that securing the transport is too onerous for
the thousands, or too inefficient for the millions, we'll be missing
a chance to better harden the web on behalf of the billions.

-Brian
Received on Monday, 26 March 2012 09:22:40 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:57 GMT