- From: Brian Pane <brianp@brianp.net>
- Date: Mon, 26 Mar 2012 02:22:11 -0700
- To: ietf-http-wg@w3.org
On Mon, Mar 26, 2012 at 1:34 AM, Poul-Henning Kamp <phk@phk.freebsd.dk> wrote: > I don't think the majority of users consider HTTP an unsecure > protocol for p0rn, newspapers and blogs. And the majority of users probably don't consider HTTP an unsecure protocol for email, social networking, search, or banking...mostly because they don't know what a "secure protocol" is, or even what a "protocol" is. And they shouldn't have to know those details. For HTTP/2.0, we're talking about a protocol that thousands of people will implement. And then millions of people will deploy those implementations to create websites. And billions of people will use those websites during the protocol's active lifetime. If we convince ourselves that securing the transport is too onerous for the thousands, or too inefficient for the millions, we'll be missing a chance to better harden the web on behalf of the billions. -Brian
Received on Monday, 26 March 2012 09:22:40 UTC