Re: MACing HTTP requests/responses (Re: Content-Integrity header)

• From: Nico Williams <nico@cryptonector.com>
• Date: Wed, 11 Jul 2012 18:42:42 -0500
• To: Phillip Hallam-Baker <hallam@gmail.com>
• Cc: ietf-http-wg@w3.org
• Message-ID: <CAK3OfOi+M62db47BgmzW=6a+X0wuusp3=rqqeR8RKOMd7-G78g@mail.gmail.com>

If you envision not using TLS but still want HTTP to provide youwith
integrity protection... why stop there?  Why not go whole hog and also
ask for confidentiality protection?

Received on Wednesday, 11 July 2012 23:43:05 UTC