Re: HTTPS, proxying, and all that... from Ilya Grigorik on 2013-01-11 (ietf-http-wg@w3.org from January to March 2013)

From: Ilya Grigorik <ilya@igvita.com>
Date: Fri, 11 Jan 2013 10:57:07 -0800
To: Poul-Henning Kamp <phk@phk.freebsd.dk>
Cc: HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <CAKRe7JHidJN9rnp9fM_7aevR9opZ7P4GnMT+2C3tdoFqLg6ShQ@mail.gmail.com>

> Here's a bit of relevant, real-time news, which should have great
> impact on the long term reality of HTTP/2.0:
>
>
> http://gigaom.com/2013/01/10/nokia-yes-we-decrypt-your-https-data-but-dont-worry-about-it/


How does this impact the "long term reality of HTTP/2.0"? The underlying
issue in the above article is that any browser/accelerator which relies on
server-side rendering will either have to skip any HTTPS page and resource,
or it will have to run as a MITM, which is what Nokia browser and Opera
Mini are doing. This has nothing to do with HTTP itself, it's a limitation
of the chosen browser technology (and not the only limitation.. limited or
no JS is another huge problem, rendering this type of browser useless for
much of the modern web).

ig

Received on Friday, 11 January 2013 18:58:18 UTC