Re: Content security model from Paul Hoffman on 2012-07-25 (ietf-http-wg@w3.org from July to September 2012)

From: Paul Hoffman <paul.hoffman@gmail.com>
Date: Wed, 25 Jul 2012 10:48:08 -0700
To: Phillip Hallam-Baker <hallam@gmail.com>
Cc: "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>
Message-ID: <CAPik8yaYLRuej=cZCLq8Bubveso=N+__TpgPONzq+8rAvvPUJQ@mail.gmail.com>

On Wed, Jul 25, 2012 at 9:59 AM, Phillip Hallam-Baker <hallam@gmail.com> wrote:
> . . . long discussion differentiating HTTP headers and body . . .

> From these I draw the following conclusions:
>
> * HTTP 2.0 should draw a distinction between routing headers and
> content meta-data
> * HTTP encryption and authentication are necessary independent of TLS support

Just to be clear, that last bullet should be "Encryption and
authentication of HTTP bodies are necessary independent of TLS
support", yes?

Received on Wednesday, 25 July 2012 17:48:36 UTC