W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2013

Re: How HTTP 2.0 mandatory security will actually reduce my personal security

From: Roberto Peon <grmocg@gmail.com>
Date: Fri, 15 Nov 2013 09:38:53 -0800
Message-ID: <CAP+FsNfGLoqw2GdgEz3KnOdjoEr-HuV+2o9qbRUNhCyuapeRaA@mail.gmail.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Cc: Michael Sweet <msweet@apple.com>, HTTP Working Group <ietf-http-wg@w3.org>, Bruce Perens <bruce@perens.com>
*sigh*

So, Stephen, do you support using encryption or not, and can we move that
discussion to a separate thread?

-=R


On Fri, Nov 15, 2013 at 9:24 AM, Stephen Farrell
<stephen.farrell@cs.tcd.ie>wrote:

>
> Hi,
>
> On 11/15/2013 05:18 PM, Roberto Peon wrote:
> > and even
> > submitted and contributed to a couple of drafts on the topic.
>
> I don't know if you mean a TLS MITM proposal or something
> else.
>
> In the former case, please accompany any such proposal with
> an analysis of the set of 176 RFCs [1] that reference 5246
> and the 91 that refer to 4246 [2] and the 167 that refer to
> 2246 [3] to demonstrate that MITM'ing all of those is a good
> and safe plan. And of course that ignores the non-IETF things
> that might use TLS, which I'm sure is some medium sized
> chunk of the 1573 [4] references that google scholar throws
> up.
>
> Thanks, (or rather, "No, thanks"),
> S.
>
> [1] http://www.arkko.com/tools/allstats/citations-rfc5246.html
> [2] http://www.arkko.com/tools/allstats/citations-rfc4346.html
> [3] http://www.arkko.com/tools/allstats/citations-rfc2246.html
> [4]
>
> http://scholar.google.com/scholar?q=http%3A%2F%2Fwww.hjp.at%2Fdoc%2Frfc%2Frfc5246.html&btnG=&hl=en&as_sdt=0%2C5
>
Received on Friday, 15 November 2013 17:39:20 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:11:19 UTC