W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2012

Re: SPDY = HTTP/2.0 or not ?

From: Mark Watson <watsonm@netflix.com>
Date: Mon, 26 Mar 2012 21:22:04 +0000
To: "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
Message-ID: <AF94DCDF-AE52-4344-9506-F553A5EA61E9@netflix.com>
Hi everyone,

On the question of security, as a fairly heavy user of HTTP, at Netflix we're very interested in security for the content we distribute, but we are interested in end-to-end security. The cache server that terminates our HTTP connections in not an "end" in this context. Our encoding/packaging servers are. As a result, our media files are themselves protected in various ways and so it would be unnecessary (and expensive) to transfer them over TLS.

So, this is to say, do not equate security with transport layer security. Security may be essential, but this does not always mean that transport layer security is essential. Netflix at least would fall into the category of companies that would not use HTTP2.0 if TLS was mandated.

Received on Monday, 26 March 2012 21:22:35 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:11:01 UTC