Re: breaking TLS (Was: Re: multiplexing -- don't do it) from Daniel Stenberg on 2012-04-06 (ietf-http-wg@w3.org from April to June 2012)

From: Daniel Stenberg <daniel@haxx.se>
Date: Fri, 6 Apr 2012 23:17:07 +0200 (CEST)
To: Willy Tarreau <w@1wt.eu>
cc: Poul-Henning Kamp <phk@phk.freebsd.dk>, Stephen Farrell <stephen.farrell@cs.tcd.ie>, Roberto Peon <grmocg@gmail.com>, Nicolas Mailhot <nicolas.mailhot@laposte.net>, ietf-http-wg@w3.org
Message-ID: <alpine.DEB.2.00.1204062316170.4189@tvnag.unkk.fr>

On Fri, 6 Apr 2012, Willy Tarreau wrote:

> In my opinion we should let the user decide between GET https:// and 
> CONNECT. That solves all issues because admins can let just a short 
> whitelist run on CONNECT, with the rest being analyzed.

+1

CONNECT will "save" the users completely, yet GET https:// will be what lots 
of companies and orgnizations will want.

-- 

  / daniel.haxx.se

Received on Friday, 6 April 2012 21:18:05 UTC