W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2013

Re: Moving forward on improving HTTP's security

From: Willy Tarreau <w@1wt.eu>
Date: Thu, 14 Nov 2013 00:27:43 +0100
To: Amos Jeffries <squid3@treenet.co.nz>
Cc: ietf-http-wg@w3.org
Message-ID: <20131113232743.GC10912@1wt.eu>
On Thu, Nov 14, 2013 at 11:51:35AM +1300, Amos Jeffries wrote:
> On 2013-11-14 09:01, William Chan wrote:
> >Well, it should be no surprise that the Chromium project is still 
> >planning
> >on supporting HTTP/2 only over a secure channel (aka TLS unless 
> >something
> >better comes along...). So, that's (C).
> 
> Your choice. But thanks to your team for providing a new diriving force 
> behind HTTPS-to-HTTP MITM gateways. It is causing a surprising amount of 
> extra sales and consulting work over here. Forgive me for not repeating 
> myself about the whys of that.

Speaking about sales, our customers now target larger models of load
balancers on average thanks to this new trend of putting TLS just to
look good. That's great, some sites have just one connection per client,
so we see only fresh new connections, the worst case! So they have to
buy a device capable of 60K HTTP CPS to use only 5K HTTPS CPS, for sure
the technical improvements pleases the sales people :-)

Willy
Received on Wednesday, 13 November 2013 23:29:36 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:11:19 UTC