W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2015

Re: Call for Adoption: Encrypted Content Encoding

From: Walter H. <Walter.H@mathemainzel.info>
Date: Mon, 30 Nov 2015 21:13:52 +0100
Message-ID: <565CAE00.3020400@mathemainzel.info>
To: John Mattsson <john.mattsson@ericsson.com>
CC: HTTP Working Group <ietf-http-wg@w3.org>
On 30.11.2015 11:42, John Mattsson wrote:
> I think this should be used in addition to HTTPS. TLS is not the 
> solution to everything. In the WebPush scenario, using only HTTPS 
> would lead to the Push Service having access to, and being able to 
> modify the content. Content-enryption + HTTPS looks like a good 
> general solution that can be used independently of content-type. 
and how would this prevent the security impact I mentioned?

Received on Monday, 30 November 2015 20:14:19 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:11:40 UTC