Re: Re[2]: Some reasons why mandating use ofSSL for HTTP is a really bad idea

On Tue, Jul 17, 2012 at 10:09 PM, Mike Belshe <mike@belshe.com> wrote:

>
> [snip]
>
>> E.g. China, India, several mid-eastern and former soviet countries.
>>
>>   [snip]
> Well, when you've got a specific country to talk about, please raise the
> issue.
>
>
Well.. there's China for one.. A quick google search reveals that current
Chinese IT Law apparently forbids Chinese citizens from utilizing
self-developed encryption products and in fact must seek the governments
permission to purchase and use any product that provides encryption
services. Requiring TLS for SPDY would, apparently, make it effectively
illegal for anyone in China to roll their own HTTP/2.0 implementation
without getting the governments approval. Now I'm far from being an expert
on Chinese IT Law but that seems rather counter productive to me.

- James

Received on Wednesday, 18 July 2012 06:36:48 UTC