- From: Nicolas Mailhot <nicolas.mailhot@laposte.net>
- Date: Thu, 14 Nov 2013 10:09:50 +0100
- To: "Roberto Peon" <grmocg@gmail.com>
- Cc: "Bruce Perens" <bruce@perens.com>, "Mark Nottingham" <mnot@mnot.net>, "HTTP Working Group" <ietf-http-wg@w3.org>
Le Jeu 14 novembre 2013 09:16, Roberto Peon a écrit : > One of the reasons why http/1.1 is what people use on port 80 is because > that is all which reliably traverses it. And it reliably traverses it because there is a wide array of solutions on the market that permit its filtering. If you remove this security property, port 80 reliable availability will become something of the past and it will join the long list of protocols too annoying to control to be permitted on network boundaries. Most people do not trust random server hosts on the Internet. Mandatory TLS assume they will. Given how diverse the human population is, there is no chance in hell for that to happen. (yes this wg can remove possibility of fine-grained filtering. You'll see people dropping whole continents at the ip level instead, like already happens for mail). There have still not been any explanation why traffic must be 100% encrypted. People do not wear black balaclavas by default in real life just in case a CCTV camera or a Google car passes by. -- Nicolas Mailhot
Received on Thursday, 14 November 2013 09:10:20 UTC