W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2013

Re: Fwd: New Version Notification for draft-nottingham-http2-encryption-02.txt

From: Poul-Henning Kamp <phk@phk.freebsd.dk>
Date: Thu, 12 Dec 2013 20:09:06 +0000
To: (wrong string) ™ˆ™˜Œ) <willchan@chromium.org>
cc: Patrick McManus <mcmanus@ducksong.com>, Martin Thomson <martin.thomson@gmail.com>, Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <25284.1386878946@critter.freebsd.dk>

>I respect the goals behind opportunistic encryption, but it is
>*unclear* to me if it is actually a net positive. There are definitely
>a lot of things to like about it which I think have already been
>covered. But I'm concerned that the risk of hurting HTTPS adoption is
>real and significant.

When you say "HTTPS adoption" do you mean HTTPS as we know it, with
trojaned CA's or do you mean some future variant where the authentication
is actually worth something when it comes to trust ?

Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.
Received on Thursday, 12 December 2013 20:09:37 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:11:20 UTC