- From: Stefan Eissing <stefan.eissing@greenbytes.de>
- Date: Mon, 7 Dec 2015 13:21:45 +0100
- To: Poul-Henning Kamp <phk@phk.freebsd.dk>
- Cc: Cory Benfield <cory@lukasa.co.uk>, Jacob Appelbaum <jacob@appelbaum.net>, Amos Jeffries <squid3@treenet.co.nz>, ietf-http-wg@w3.org
> Am 07.12.2015 um 13:13 schrieb Poul-Henning Kamp <phk@phk.freebsd.dk>: > > -------- > In message <AD5923A5-875D-4A3B-AFFF-26CE042934FC@lukasa.co.uk>, Cory Benfield writes: > [...] > For instance I could open a HTTPS to a newspaper, and one of the > things I get back is the instruction: "When you pick up our stuff > from the 3rd party CDN, the content must be signed with this key". > > That could put integrity around an awfull lot of content which > simply doesn't need TLS because it is 100% public, with the > huge added benefit that the CDN's do need access to keys. You mean, do *not* need access to keys, right? As the origin would put the signature together with the content at the CDN, or? //Stefan
Received on Monday, 7 December 2015 12:22:12 UTC