- From: Poul-Henning Kamp <phk@phk.freebsd.dk>
- Date: Tue, 07 Aug 2012 06:23:11 +0000
- To: "Adrien W. de Croy" <adrien@qbik.com>
- cc: "Karl Dubost" <karld@opera.com>, "Willy Tarreau" <w@1wt.eu>, "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>
In message <em801c6840-5fa1-4ed4-b1b8-03ca3d471971@bombed>, "Adrien W. de Croy" writes:

>I'm not convinced that what is proposed alters the balance of power at
>all.

I think trying to use protocol design to alter the balance of power by restriction is a fundamentally flawed attitude.

If a given protocol does not support what the law requires, then the protocol will be circumvented, broken or banned.

Adrien is right that there is a market requirement for inspection, and all we get if we refuse to meet that requirement, is fewer users of the protocol or that the protocol be broken open using MITM and bogus certificates.

I do realize the trouble with "redefining HTTPS", and would like to point out that we have a way around that:

Per protocol message encryption will allow us to define the semantics required in the market, *AND* it will allow us to mix protected and unprotected traffic in the same TCP connection, which saves a TCP connection in the very typical HTTP->HTTPS login scenario.

If we add per-message-encryption in HTTP/2.0 it will not be TLS (obvious), and therefore we will not be redefining HTTPS' semantics.

-- 
Poul-Henning Kamp | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG | TCP/IP since RFC 956
FreeBSD committer | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.
Received on Tuesday, 7 August 2012 06:23:56 UTC