- From: Poul-Henning Kamp <phk@phk.freebsd.dk>
- Date: Fri, 11 Jan 2013 20:20:00 +0000
- To: Yoav Nir <ynir@checkpoint.com>
- cc: HTTP Working Group <ietf-http-wg@w3.org>
-------- In message <4613980CFC78314ABFD7F85CC302772111980795@IL-EX10.ad.checkpoint.com> , Yoav Nir writes: >The issue described in the link is described as a MitM attack. Which is the only option available with HTTPS. It is surprisingly more common than you'd think in $bigcorp settings. >Anyway, I don't see how HTTP/2 could do any better than that without >becoming some kind of cross-layer monstrosity. It could offer per-hop encryption as an alternative to end-to-end encryption, while keeping the user reliably informed about the level of security. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence.
Received on Friday, 11 January 2013 20:20:22 UTC