W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2012

Re: Response to HTTP2 expresions of interest

From: Poul-Henning Kamp <phk@phk.freebsd.dk>
Date: Fri, 13 Jul 2012 17:59:12 +0000
To: Tim Bray <tbray@textuality.com>
cc: Phillip Hallam-Baker <hallam@gmail.com>, "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>
Message-ID: <45362.1342202352@critter.freebsd.dk>
In message <CAHBU6itLXj1W2uGEFvMEemi5hBrYjmaeYq-8b0oJvzKdvCh34Q@mail.gmail.com>
, Tim Bray writes:

>How much information needs to be in the unprotected envelope?  Because one
>of the benefits of transport-level security is that a snooper, for example
>a government tracking dissidents, knows little/nothing about my traffic
>aside from the routing.  Not a rhetorical question.  -Tim

And this is exactly about the routing.

The three fields that today should be part of the envelope is
"Host:", URI (Sans query part) and Session-Nonce.  (Since we don't
actually have a session-nonce, today people route on cookies.)

And like all other message transfer systems from snail-mail and
forward, the envelope need not give anything away, because what you
put on it only have to get the message to the right place, it doesn't
have to _be_ the message.

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.
Received on Friday, 13 July 2012 17:59:35 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 13 July 2012 17:59:41 GMT