- From: Poul-Henning Kamp <phk@phk.freebsd.dk>
- Date: Thu, 29 Mar 2012 07:20:10 +0000
- To: Henry Story <henry.story@bblfish.net>
- cc: patrick mcmanus <pmcmanus@mozilla.com>, ietf-http-wg@w3.org
In message <0BD7B951-93F7-4620-A098-987EF53E2CA3@bblfish.net>, Henry Story writ es: >You mean the server may not be allowed to use crypto for encryption. I >seriously doubt a server may not be allowed to use crypto for integrity and >identity. TLS allows crypto to be used for integrity and identity without >confidentiality. >User interfaces do need to be improved to make this visible, but it is >available. You seem to forget that certain services are based on plausible deniability. Adding integrity proving metadata would not work for them. But at the bottom of this argument is a much more fundamental question which you still have not answered: You and which army is going to make people switch from HTTP/1.1 to HTTP/2.0 if they don't think it is an improvement ? Remember that HTTP/2.0 is an offer we can make, not a law we can enforce. See also: OSI protocols, IPv6 etc. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence.
Received on Thursday, 29 March 2012 07:20:39 UTC