- From: Nico Williams <nico@cryptonector.com>
- Date: Mon, 14 Jan 2013 10:28:39 -0600
- To: Poul-Henning Kamp <phk@phk.freebsd.dk>
- Cc: HTTP Working Group <ietf-http-wg@w3.org>
The only way to degrade gracefully that I can see is to have one more layer of end-to-end security (key exchange, authentication, per-message security) that provides at least integrity protection that survives any MITM at lower layers. That way you can a) detect MITMs, b) let them at most see the plaintext. And if you want you could further encrypt data and let the MITMs at lower layers eat cake.

But this would merely set off a race to MITM the new protocol. Also we'd be accused of trying to replace TLS, re-inventing the wheel, ...

Nico
--
Received on Monday, 14 January 2013 16:29:06 UTC
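
The per-message integrity layer described in the message above, as an added sketch that is not part of the original e-mail or any HTTP WG proposal. It assumes the end-to-end key exchange and authentication have already produced a shared key (a random key stands in for it here); HMAC-SHA256, the sequence-number framing and all function names are choices made for this illustration.

```python
import hashlib
import hmac
import os
import struct

TAG_LEN = 32  # HMAC-SHA256 output size
HDR_LEN = 8   # 64-bit big-endian sequence number

def protect(key, seq, body):
    """Sender: bind a sequence number to the body and append a MAC over both."""
    header = struct.pack(">Q", seq)
    tag = hmac.new(key, header + body, hashlib.sha256).digest()
    return header + body + tag

def verify(key, expected_seq, message):
    """Receiver: return the body, or raise ValueError on tampering or replay."""
    if len(message) < HDR_LEN + TAG_LEN:
        raise ValueError("truncated message")
    header, body, tag = message[:HDR_LEN], message[HDR_LEN:-TAG_LEN], message[-TAG_LEN:]
    good = hmac.new(key, header + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("integrity check failed")
    (seq,) = struct.unpack(">Q", header)
    if seq != expected_seq:
        raise ValueError("unexpected sequence number")
    return body

def passive_middlebox(message):
    """Lower-layer MITM that only reads: it sees the plaintext, nothing more."""
    return message, message[HDR_LEN:-TAG_LEN]

def active_middlebox(message):
    """Lower-layer MITM that rewrites the body; it does not hold the key."""
    return message.replace(b"amount=10", b"amount=99")

def demo():
    key = os.urandom(32)  # assumption: output of the end-to-end key exchange
    msg = protect(key, 0, b"POST /transfer amount=10")  # constructed sample
    forwarded, seen = passive_middlebox(msg)
    results = {"seen": seen, "passive": verify(key, 0, forwarded)}
    # Modified body, then the same message replayed as if it were message 1.
    for name, m, seq in (("active", active_middlebox(msg), 0), ("replay", msg, 1)):
        try:
            verify(key, seq, m)
            results[name] = "accepted"
        except ValueError as exc:
            results[name] = str(exc)
    return results

if __name__ == "__main__":
    print(demo())
```

The passive intermediary still reads the body, which is the "at most see the plaintext" case; encrypting the body under a second end-to-end key would remove that as well.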