Re: Semantics of HTTPS from Mike Belshe on 2012-08-06 (ietf-http-wg@w3.org from July to September 2012)

From: Mike Belshe <mike@belshe.com>
Date: Mon, 6 Aug 2012 16:07:20 -0700
To: Mark Nottingham <mnot@mnot.net>
Cc: "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>
Message-ID: <CABaLYCvcepmX0=zYp_GBXG9NzKG_PLEq5X_AUgC+gs3rwtevmg@mail.gmail.com>

On Mon, Aug 6, 2012 at 1:32 PM, Mark Nottingham <mnot@mnot.net> wrote:

> <
> https://svn.tools.ietf.org/svn/wg/httpbis/draft-ietf-httpbis/latest/p1-messaging.html#https.uri>
> is slated to define the semantics of HTTPS urls.
>
> We currently talk about HTTPS' impact on caches and identity there, but we
> don't mention one other major effect on HTTP -- the use of CONNECT to
> proxies.
>
> I think we need to define HTTPS as having a semantic of *end-to-end* use
> of SSL/TLS, and therefore CONNECT to proxies.
>

+1.  I don't think we can take away https' end-to-end properties
retroactively.

Mike


>
> Make sense?
>
> --
> Mark Nottingham
> http://www.mnot.net/
>
>
>
>
>
>

Received on Monday, 6 August 2012 23:07:48 UTC