W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2013

Re: A proposal

From: Peter Saint-Andre <stpeter@stpeter.im>
Date: Tue, 19 Nov 2013 15:11:50 -0700
Message-ID: <528BE226.2060305@stpeter.im>
To: Adrien de Croy <adrien@qbik.com>, Nicolas Mailhot <nicolas.mailhot@laposte.net>, Mike Belshe <mike@belshe.com>
CC: "Roy T. Fielding" <fielding@gbiv.com>, HTTP Working Group <ietf-http-wg@w3.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 11/19/13 3:04 PM, Adrien de Croy wrote:

> I can't imagine a server author taking the step of requiring all
> their customers to suddenly buy certs.

Using TLS does not mean one needs to buy a PKIX certificate from a CA.
Some CAs issue free certificates, one can use self-signed
certificates, one can provision keys in DNS (DANE/TLSA), one can use
PGP keys, one can use anonymous DH cipher suites, etc. You might think
some of those options are non-starters, but it's incorrect to say that
mandatory TLS means we're forcing people to buy certificates from CAs.

Peter

- -- 
Peter Saint-Andre
https://stpeter.im/


-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.19 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBAgAGBQJSi+ImAAoJEOoGpJErxa2pD2cQAIOOmeDRRbwi8I0Tf05FUmwi
RE7Tl0w4L1NtOhU4xCbGkCkWcx6h/i/v2vxSzBo6DCloka4yrr2SC0cvJ7HHQoBK
ikv8b8n4wHJbZFWS6pBda57kN8yHYpgnX3TKvTSrqU02UC6rFHJKKEmt2RJD6glW
ijIBhyUt72aXLg9Ujog4+5dbLu/7FNx3CpyAUnNyzRNXVqV6hdekmdZgNU1RFWNc
agZMDeDGud+9IdE4JKiocCtI85g3j/VMgJI2V6iUCfqMe3jf6IV/NGerKYl8qIG4
dC1EyOuPB3FPaaRMcK+dAFc/0urfUQ8rVIEQNCodZTLx1KDfyQVj2gL11Lr6lFdy
XDuZBQr8V+BB2cQj3u5gjCT9qW0L9g4oJwbJWD+vvm4R3/jkCHFKf2wPwmQIJYdi
402S/X7xK0AjMs2/rI4P8oh2mhzEnx//LvwSb+dosrTi3i28WzHW2NN8NQ++vOxj
PKjqN7d7eCl74dPL4g8Hfd/SI8XBs8ceoL8F/O6L6FEbtb4t9e4dUemm7/WDhmqe
KxTORv9zgNS41xx9C7/bxowTJvH2qovvwpxpq967OAvL/jKO0CUlfzqZnOg4fc3N
MaeyOn7M+cFHPJcakamssCwawIRdvzjIJoxDBl1FNcRmv0Nv2vaLYiuuh5/SheFI
x6ZkFnhokPzHNSMCru1l
=s1AS
-----END PGP SIGNATURE-----
Received on Tuesday, 19 November 2013 22:12:16 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:11:19 UTC