Re: SEC-CACHING editorial issue...

Jeff Mogul suggested adding:
> The judicious use of cryptography, when appropriate, may suffice
> to protect against a broad range of security and privacy attacks.
> Such cryptography is beyond the scope of the HTTP/1.1 specification.

with the caveat
>  if people don't think this is going too far out on a political limb.

I don't think this is a 'political' ; it is just not very helpful. In a handbook
of good
practices for site security, 'use of cryptography' is just one of a large number
of
things that need to be done judiciously. In fact, I could imagine for a proxy
cache
that the main thing to do is to limit remote access.

Received on Thursday, 12 February 1998 23:03:48 UTC