Re: something I don't get about the current plan...

Le Lun 18 novembre 2013 01:36, Bruce Perens a écrit :

>      Certainly a class of application that could permanently manipulate
>  the state of the device running it would need to be signed.

It would need to be more than signed, it would need to use a different
protocol. The sole reason http is widely authorised today, unlike pretty
much any other protocol, is that people think it can not be used to
manipulate the state of their devices.

Any change there would break the security model built around http


Nicolas Mailhot

Received on Monday, 18 November 2013 09:29:04 UTC