W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2012

Re: Semantics of HTTPS

From: Daniel Stenberg <daniel@haxx.se>
Date: Mon, 6 Aug 2012 23:43:02 +0200 (CEST)
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
cc: Willy Tarreau <w@1wt.eu>, Mark Nottingham <mnot@mnot.net>, "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>
Message-ID: <alpine.DEB.2.00.1208062340480.10581@tvnag.unkk.fr>
On Mon, 6 Aug 2012, Stephen Farrell wrote:

> The tls WG was offered that option again last week and rejected it again. If 
> the httpbis WG want to standardise some kind of mitm without changing TLS 
> then that seems to re-define https to me at least.

I strongly agree. MITM proxies are not defined elements of a TLS 
infrastructure and legitimizing them would redefine HTTPS to me. They are 
hacks or attacks or whatever we should call them.


  / daniel.haxx.se
Received on Monday, 6 August 2012 21:43:56 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:03 UTC