Re: Response to HTTP2 expresions of interest

In message <CAMm+LwgQRnXsjvFkg42Tm3qZmY=M34-n1WM1W9V9oF-=udnBQQ@mail.gmail.com>
, Phillip Hallam-Baker writes:

>OK HTTP is not going to be acceptably secure for the types of
>application TLS is typically used today.

(Sorry, email misfire there).

I think you're wrong about that.

TLS already today leaks a lot of information to an eavesdropper, and
adding a convenient routing-envelope will not increase that leakage
if it is done correctly, but it will make it a lot easier for HTTP
server side to implement and handle protected traffic at high
traffic densities.

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.

Received on Friday, 13 July 2012 18:02:29 UTC