- From: Carsten Krüger <C.Krueger@gmx.org>
- Date: Mon, 5 Aug 2013 19:56:17 +0200
- To: ietf-http-wg@w3.org
- CC: ietf-http-wg@w3.org
Hello Amos, > The WG charter had a key requirement to make HTTP/2 operate over the > same infrastructure used for HTTP/1. That's ok But what prevents an upgrade of the connection to an encrypted one? It must not necessarily be TLS. > The existing HTTP/1 infrastructure already provides perfect forward > secrecy in the same ways. The problem is just that almost nobody is > using it, and those who are often choose partial secrecy over perfect. That's the problem, and that's why I vote for PFS without authentication as an default in http 2. greetings Carsten
Received on Monday, 5 August 2013 17:56:45 UTC