- From: Mark Nottingham <mnot@mnot.net>
- Date: Tue, 1 Oct 2013 10:54:58 +1000
- To: "ietf-http-wg@w3.org WG" <ietf-http-wg@w3.org>
- Message-Id: <FE82DF6C-0918-4AFF-8ED3-C410D9997E97@mnot.net>
Everyone, This is a draft put together based upon my observations of our discussions about encryption and HTTP/2.0, both before and after Berlin, along with a fair dose of help from reviewers (thanks again!). It proposes a way to optimistically encrypt communication for http:// URIs that is resistant to passive attacks, but is not (yet) resistant to active attacks. Full details are in the draft. The aim was to respect the (sometimes conflicting) requirements of various stakeholders here; I may or may not have hit that goal, and look forward to the discussion. Really, the idea is to get the conversation going, not to guide us to a particular endpoint. I understand that other folks might be working on complementary or competing drafts as well. We're not going to discuss this general area in any detail at our Seattle interim meeting; instead, we will have a substantial block of time set aside in Vancouver. Regards, P.S. I've attached a possibly friendlier HTML version.
Begin forwarded message: > From: internet-drafts@ietf.org > Subject: New Version Notification for draft-nottingham-http2-encryption-00.txt > Date: 1 October 2013 10:45:04 AM AEST > To: Mark Nottingham <mnot@mnot.net> > > > A new version of I-D, draft-nottingham-http2-encryption-00.txt > has been successfully submitted by Mark Nottingham and posted to the > IETF repository. > > Filename: draft-nottingham-http2-encryption > Revision: 00 > Title: Encryption for HTTP URIs Using Alternate Services > Creation date: 2013-10-01 > Group: Individual Submission > Number of pages: 15 > URL: http://www.ietf.org/internet-drafts/draft-nottingham-http2-encryption-00.txt > Status: http://datatracker.ietf.org/doc/draft-nottingham-http2-encryption > Htmlized: http://tools.ietf.org/html/draft-nottingham-http2-encryption-00 > > > Abstract: > This document proposes a way to optimistically encrypt HTTP/2.0 using > TLS for HTTP URIs. > > > > > Please note that it may take a couple of minutes from the time of submission > until the htmlized version and diff are available at tools.ietf.org. > > The IETF Secretariat > -- Mark Nottingham http://www.mnot.net/
Attachments
- text/html attachment: draft-nottingham-http2-encryption-00.html
Received on Tuesday, 1 October 2013 00:55:31 UTC