- From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
- Date: Sun, 17 Nov 2013 16:07:54 +0000
- To: Zhong Yu <zhong.j.yu@gmail.com>
- CC: Robert Collins <robertc@squid-cache.org>, Tim Bray <tbray@textuality.com>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
On 11/17/2013 04:03 PM, Zhong Yu wrote: > You are right. I used an inappropriate word, you spotted it and my > whole argument collapses. > > So, what are we going to tell people about the security of HTTP/2.0? First, I'd tell them not to take everything they've seen on this list in the last few days as being authoritative. The ramifications of the current plan are still being figured out as far as I can see. And then *after* that is figured out, you could tell them about the security of HTTP/2.0. In other words, its probably a bit early to be writing the user guide:-) S. > > > > On Sun, Nov 17, 2013 at 9:57 AM, Stephen Farrell > <stephen.farrell@cs.tcd.ie> wrote: >> >> >> On 11/17/2013 03:54 PM, Zhong Yu wrote: >>> Is HTTP/2.0 going to promise people that their conversations are now >>> unbreakable? >> >> Terms like unbreakable are irrelevant here. Anyone who makes any >> such claim, or uses any such claim to argue anything, is talking >> nonsense from a security point of view. >> >> Neither the opponents of, nor proponents for, more use of TLS >> gain anything with such bogus arguments. >> >> S. > > >
Received on Sunday, 17 November 2013 16:08:17 UTC