W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2015

Re: Call for Adoption: Encrypted Content Encoding

From: Willy Tarreau <w@1wt.eu>
Date: Wed, 25 Nov 2015 07:44:33 +0100
To: Mark Nottingham <mnot@mnot.net>
Cc: HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <20151125064433.GA1500@1wt.eu>
Hi Mark,

On Wed, Nov 25, 2015 at 03:53:07PM +1100, Mark Nottingham wrote:
> We've discussed this document a few times:
>  <https://tools.ietf.org/html/draft-thomson-http-encryption>
> WEBPUSH now has a normative requirement upon it in
>   <https://tools.ietf.org/html/draft-ietf-webpush-encryption>
> So, I believe that we should adopt this document as a WG product, with a target of Proposed Standard. 
> Please comment on-list; we???ll make a decision about adoption at the end of next week.

I agree we should adopt it. I've been working in bank environments where
in-house payload encryption was used everywhere so that headers could
be kept in clear for message routing / load balancing. TLS doesn't
allow this since each node can see everything in clear once decrypted.
Such a proposal makes it much simpler to design such a system and keep
it standards-compliant.

So +1 for me.

Received on Wednesday, 25 November 2015 06:45:00 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:11:40 UTC