W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 1998

Re: SEC-CACHING editorial issue...

From: Larry Masinter <masinter@parc.xerox.com>
Date: Thu, 12 Feb 1998 23:00:48 PST
Message-Id: <007701bd384d$1d2f0560$e3d3000d@bronze-208.parc.xerox.com>
To: http-wg@cuckoo.hpl.hp.com
X-Mailing-List: <http-wg@cuckoo.hpl.hp.com> archive/latest/5361

Jeff Mogul suggested adding:
> The judicious use of cryptography, when appropriate, may suffice
> to protect against a broad range of security and privacy attacks.
> Such cryptography is beyond the scope of the HTTP/1.1 specification.

with the caveat
>  if people don't think this is going too far out on a political limb.

I don't think this is a 'political' ; it is just not very helpful. In a handbook
of good
practices for site security, 'use of cryptography' is just one of a large number
of
things that need to be done judiciously. In fact, I could imagine for a proxy
cache
that the main thing to do is to limit remote access.
Received on Thursday, 12 February 1998 23:03:48 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 2 February 2023 18:43:04 UTC