Re: Privacy and HTTP intermediaries

On 05/02/2011 10:18 PM, Willy Tarreau wrote:
> What we should discourage is a transparent and automatic fallback from
> SSL to clear text, because the user might think his privacy is respected
> while it's not.

Within one single layer, that may be obvious as you have stated. Within 
multiple layers, in-between some layers may see clear-text and outside 
those two the same text is appears encrypted. Don't mistake this as 
false sense of security. We could state many use-cases, yet the obvious 
is binary on hardware. Something decodes the image and feeds that to the 
hardware for execution, for example.

The fix for this has been in niche areas, yet it may be there was some 
good reason left open in the public commerce. After decades. we just 
didn't make it obvious even if one thing leads to another. With 
possibilities of quantum computers (on demand), maybe we are not worried 
given current trends of organic development.

--- ---
Web Development, Software Engineering, Virtual Reality, Consultant

Received on Tuesday, 3 May 2011 21:07:01 UTC