- From: Julian Reschke <julian.reschke@gmx.de>
- Date: Tue, 06 Mar 2012 09:01:56 +0100
- To: Ian Hickson <ian@hixie.ch>
- CC: Willy Tarreau <w@1wt.eu>, URI <uri@w3.org>, HTTP Working Group <ietf-http-wg@w3.org>
On 2012-03-06 00:29, Ian Hickson wrote: > On Mon, 5 Mar 2012, Willy Tarreau wrote: >> >> I wouldn't go to such extremities, but at least I think that we're just >> facing a layering violation. Only the contents have to be encrypted so >> that the caches cannot use them, while the transport remains unchanged. >> So a new scheme is not appropriate for this, a Content-Encoding would be >> much better. User agents would be configured to know that content- >> encoding XYZ requires a deciphering key whose ID is presented in the >> header itself and should have been retrieved via another channel. >> >> Example : >> Content-Encoding: aes-ctr-128; keyid=0x34751806 >> Cache-control: no-transform > > This would require changes at the intermediaries. It would also require a > ... Sorry?
Received on Tuesday, 6 March 2012 08:02:32 UTC