- From: Nicolas Mailhot <nicolas.mailhot@laposte.net>
- Date: Mon, 26 Aug 2013 10:44:13 +0200
- To: "Salvatore Loreto" <salvatore.loreto@ericsson.com>
- Cc: ietf-http-wg@w3.org
Le Dim 25 août 2013 09:10, Salvatore Loreto a écrit : > Having said that I agree with Eliot that solving everything just saying > lets use TLS > is a theater, instead we should work on a way to authenticate endpoints, > proxies, > how to provide data integrity etc. +1 It's horrifying to see how most HTTP/1 clients will mess around with partial implementations to establish com, because who cares if secrets are leaked right and left, if the TLS stack is not complaining overmuch it must be secure. Bonus points if they manage to degrade setups that would require their developers to handle more valid error conditions. -- Nicolas Mailhot
Received on Monday, 26 August 2013 08:44:45 UTC