W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2015

Re: Call for Adoption: Encrypted Content Encoding

From: John Mattsson <john.mattsson@ericsson.com>
Date: Wed, 25 Nov 2015 10:01:07 +0000
To: Willy Tarreau <w@1wt.eu>, Mark Nottingham <mnot@mnot.net>
CC: HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <D27B44AF.415E5%john.mattsson@ericsson.com>


On 25/11/15 07:44, "Willy Tarreau" <w@1wt.eu> wrote:

>Hi Mark,
>
>On Wed, Nov 25, 2015 at 03:53:07PM +1100, Mark Nottingham wrote:
>> We've discussed this document a few times:
>>  <https://tools.ietf.org/html/draft-thomson-http-encryption>
>> 
>> WEBPUSH now has a normative requirement upon it in
>>   <https://tools.ietf.org/html/draft-ietf-webpush-encryption>
>> 
>> So, I believe that we should adopt this document as a WG product, with
>>a target of Proposed Standard.
>> 
>> Please comment on-list; we???ll make a decision about adoption at the
>>end of next week.
>
>I agree we should adopt it. I've been working in bank environments where
>in-house payload encryption was used everywhere so that headers could
>be kept in clear for message routing / load balancing. TLS doesn't
>allow this since each node can see everything in clear once decrypted.
>Such a proposal makes it much simpler to design such a system and keep
>it standards-compliant.
>
>So +1 for me.
>
>Willy

This is a very useful and very well written document. Definitely adopt.

+1 for me as well.

John

Received on Wednesday, 25 November 2015 10:02:19 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:11:40 UTC