W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2015

Re: Call for Adoption: Encrypted Content Encoding

From: Martin Thomson <martin.thomson@gmail.com>
Date: Wed, 9 Dec 2015 07:39:31 +1100
Message-ID: <CABkgnnWGWKpZJpmunPTA8ETA6LT-=Cwg-PZj=ROdQfeDv=Zh4g@mail.gmail.com>
To: Eliot Lear <lear@cisco.com>
Cc: HTTP Working Group <ietf-http-wg@w3.org>
On 8 December 2015 at 18:16, Eliot Lear <lear@cisco.com> wrote:
> Stating that "clients might need to use other means of protection..."
> addresses  the latter architectural statement without acknowledging the
> former.  We need to go just a bit further and simply state that "all systems
> that receive the encrypted object are advised to take what precautions they
> can to have some confidence that the object is free of malware."   And then
> I would suggest several examples are in order, so as not to be too opaque.

Yeah, I'm totally on board with that.

Your point regarding "intermediary" is well-taken.  It was just a
convenient handle.
Received on Tuesday, 8 December 2015 20:40:00 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:11:40 UTC