Re: Moving forward on improving HTTP's security

(trimming the cc)

Le 13 nov. 2013 à 15:41, Mike Belshe <mike@belshe.com> a écrit :
>     c) otherwise actively leveraging plaintext HTTP today for business or pleasure

I'm one of this (indeed rare) person who is having a Web site, do not have analytics, do not have comments, or anything, do not set any cookies of any sort, etc. Plain HTTP works for me in the sense that it is easy to set up, and hack. Installing a server and requiring certificates is still not easy (in my scale of easy).

We should definitely push for better security. Make HTTP2 dependent on security everywhere might make it harder if the rest of the stack doesn't follow: Aka make it as dead simple to enable security than to start an http server. :)


-- 
Karl Dubost
http://www.la-grange.net/karl/

Received on Wednesday, 13 November 2013 23:09:29 UTC