W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2015

Re: Call for Adoption: Encrypted Content Encoding

From: Amos Jeffries <squid3@treenet.co.nz>
Date: Wed, 2 Dec 2015 03:30:18 +1300
To: ietf-http-wg@w3.org
Message-ID: <565DAEFA.3030901@treenet.co.nz>
On 1/12/2015 8:51 p.m., Walter H. wrote:
> On 01.12.2015 00:15, Roland Zink wrote:
>> TLS is also end-to-end
> when you think of one end encrypting and one end decrypting that yes;
> but there is nowhere said, that one end is any server sending the data
> and the
> other end is the client receiving the data ...
>> I don't understand the problem. The message is send from server A
>> through server B to recipient C. B can't read the message. As long as
>> C can determine the message is from A (and not B) this is the same as
>> with TLS, isn't it?
> and exact this is the problem; C can't determine from where the message
> comes ...
> or do you really think there exist such stupid webadmins that publish
> encrypted data, which they can't decrypt for themselves?

Yes such admin exist. And no they are not stupid. See the use-case I
presented a short while ago to your other email as one example of such

It is also not uncommon to have admin on our proxy help mailing lists
post attachments with packet captures and such details. Some of which
contain encrypted traffic. Neither the admin posting the message nor
myself nor any other reader of the list necessarily has the keys to
decrypt it, but the reason its posted is to replicate accurately some
problem with the proxy handling certain byte sequences that come up.

For example off-by-1 error parsing the T-E:chunked framing of the
wrapper message that crypted object was sent in. When the error only
occurs rarely and randomly on certain objects.

Received on Tuesday, 1 December 2015 14:30:54 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:11:40 UTC