W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2016

Re: 2nd Working Group Last Call: draft-ietf-httpbis-encryption-encoding-03.txt

From: Poul-Henning Kamp <phk@phk.freebsd.dk>
Date: Wed, 19 Oct 2016 14:13:28 +0000
To: Julian Reschke <julian.reschke@gmx.de>
cc: Martin Thomson <martin.thomson@gmail.com>, Mark Nottingham <mnot@mnot.net>, HTTP working group mailing list <ietf-http-wg@w3.org>, Patrick McManus <pmcmanus@mozilla.com>
Message-ID: <30011.1476886408@critter.freebsd.dk>
--------
In message <7c879010-2145-fabc-9f97-d05de90e5147@gmx.de>, Julian Reschke writes
:

>>    HTTP/1.1 200 OK
>>    Content-Type: text/html
>>    Content-Encoding: gzip, aesgcm
>>    Transfer-Encoding: chunked
>>
>>    {magic marker}
>>    keyid="me@example.com";
>>    salt="m2hJ_NttRtFyUiMRPwfpHA"
>>    {magic terminator}
>>    [encrypted payload]
>
>Because you might want to ship the parameters somewhere else. See 
>example in 
><https://greenbytes.de/tech/webdav/draft-reschke-http-oob-encoding-08.html#rfc.section.3.5.3>.

Yeah, I thought about that, but the more I study it, the more I don't
see why HTTP needs to get involved in either activity.

All this stuff can be done with existing HTTP mechanisms, by defining
a new C-E which carries its own metadata in the body, like all other
C-E's, and the enourmous advantage of that is that it is backwards
compatible.

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.
Received on Wednesday, 19 October 2016 14:14:01 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 19 October 2016 14:14:04 UTC