- From: Martin Thomson <martin.thomson@gmail.com>
- Date: Tue, 30 Sep 2014 13:34:59 -0700
- To: "FOSSATI, Thomas (Thomas)" <thomas.fossati@alcatel-lucent.com>
- Cc: HTTP Working Group <ietf-http-wg@w3.org>
On 30 September 2014 13:25, FOSSATI, Thomas (Thomas) <thomas.fossati@alcatel-lucent.com> wrote: > true for https resources. But I can't find any explicit reference to https in 9.2 (and subsections), therefore I was inferring that those requirements also apply to opp-sec use of TLS? Would you like to make an argument for integrity-only for opportunistic security? I can't imagine any argument that I'd find compelling, but am always willing to be surprised.
Received on Tuesday, 30 September 2014 20:35:26 UTC