- From: Amos Jeffries <squid3@treenet.co.nz>
- Date: Fri, 15 Nov 2013 10:12:30 +1300
- To: ietf-http-wg@w3.org
On 2013-11-15 09:41, Roberto Peon wrote: > Well, in such cases you may be screwed and should use a device that has > such, else you have an insurmountable trust root problem. You do realise that a huge population in India and Africa are using networks that consist solely of wireless AP, cellphone or tablet, right? Electricity supply in many areas is not reliable enough to even run an old fashioned PC. You just cut off how many people? oh well, Looking forward, the high-tech countries are already rolling out similar sorts of networks. Japan for example is rolling out HTTP-over-LED_lightbulb and vehicle manufacturers are rolling out vehicle-vehicle wireless communication (via proxies!). Now try locating the TLS certificate of the lightbulb nearest you when you get of the train ... so that you can simply connect to it. Whats the population of east asia? oh well, Then there is that media whipping-post about trends in mobile devices replacing other technology. Cut off them and you have lost a majority of the entire population. Both Internet-of-Users and Internet-of-Things with no security. So, how fast were you going to replace/upgrade every single Internet connected device on the planet to support cabled connection with HTTP/2? non-TLS forms of PKI seem to be working far better in those above systems for simultaneous performance and security than HTTPS/TLS can offer at its best. The TLS system has edges. Long overdue time to admit they are there and work towards supporting the next best thing in HTTP/2 (or is it really going to be an old thing that got sidelined because TLS CA model was "easy" ?). Amos
Received on Thursday, 14 November 2013 21:12:55 UTC