W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2012

Re: Protocol Design 101 (Re: Mandatory encryption)

From: Paul Hoffman <paul.hoffman@gmail.com>
Date: Wed, 18 Jul 2012 08:50:33 -0700
Message-ID: <CAPik8yZgXkhN+KAd_dSJShKp3BZPpTxENALj-OizjDmUX-UZBQ@mail.gmail.com>
To: Carsten Bormann <cabo@tzi.org>
Cc: "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>
Given your views, would it be a good protocol design to require TLS
for server authentication, and to allow but not require encryption?
That is, do you think HTTP 2.0 with no mandatory server authentication
is a good or bad protocol design?

--Paul Hoffman
Received on Wednesday, 18 July 2012 15:51:04 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 18 July 2012 15:51:10 GMT