Re: http+aes

In message <20120305200850.GI30594@1wt.eu>, Willy Tarreau writes:
>On Mon, Mar 05, 2012 at 06:09:35PM +0000, Poul-Henning Kamp wrote:

>Example :
>    Content-Encoding: aes-ctr-128; keyid=0x34751806
>    Cache-control: no-transform
>
>This has the benefit of working out-of-the-box without affecting existing
>intermediary components.

That doesn't really improve the crypto scheme or key-handling in
any meaningful way.

It does make it slightly less hackish as HTTP considered.

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.

Received on Monday, 5 March 2012 21:42:26 UTC