W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2013

Re: Getting our definitions of encryption straight for the HTTP/2 security discussion

From: Paul Hoffman <paul.hoffman@gmail.com>
Date: Wed, 20 Nov 2013 17:04:22 -0800
Message-ID: <CAPik8yaY0kA6LDaQDaDBdZHNFW2P8TBW5un5Tj6fTgsQfaqp7w@mail.gmail.com>
To: Adrien de Croy <adrien@qbik.com>
Cc: "Manger, James H" <James.H.Manger@team.telstra.com>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
You are right that the examples of STARTTLS do not match the definition;
I'll remove them. What is important for the definition is that
"opportunistic" match what it means in other protocols in the IETF, and I
believe that almost always is "try even if you weren't asked to".


On Wed, Nov 20, 2013 at 4:40 PM, Adrien de Croy <adrien@qbik.com> wrote:

>
> Hi Paul
>
> not sure I like much the text for the opportunistic.
>
> STARTTLS in SMTP/IMAP works by the server firstly advertising availability
> of encryption.  This would only trigger a client to actually ask for it
> only if the client were so configured.  In many mail clients for instance,
> this won't actually cause any encryption to happen at all with default
> config.  So there's no contract about making any best effort to achieve
> crypto.  It can be no effort and no crypto and commonly is.
>
> So maybe this doesn't describe what is meant by opportunistic encryption
> and we need another term, or do we change the meaning?
>
> Adrien
>
>
>
>
>
>
> ------ Original Message ------
> From: "Paul Hoffman" <paul.hoffman@gmail.com>
> To: "Manger, James H" <James.H.Manger@team.telstra.com>
> Cc: "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
> Sent: 21/11/2013 1:20:04 p.m.
> Subject: Re: Getting our definitions of encryption straight for the HTTP/2
> security discussion
>
>  I agree that my earlier term  "authenticated encryption" would have
> collisions with other technologies, and I updated the definitions to match
> James' wording.
>
>
Received on Thursday, 21 November 2013 01:04:50 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:11:19 UTC