- From: Nicolas Mailhot <nicolas.mailhot@laposte.net>
- Date: Mon, 18 Nov 2013 10:28:35 +0100
- To: "Bruce Perens" <bruce@perens.com>
- Cc: "Mike Belshe" <mike@belshe.com>, "httpbis mailing list" <ietf-http-wg@w3.org>
Le Lun 18 novembre 2013 01:36, Bruce Perens a écrit : > Certainly a class of application that could permanently manipulate > the state of the device running it would need to be signed. It would need to be more than signed, it would need to use a different protocol. The sole reason http is widely authorised today, unlike pretty much any other protocol, is that people think it can not be used to manipulate the state of their devices. Any change there would break the security model built around http Regards, -- Nicolas Mailhot
Received on Monday, 18 November 2013 09:29:04 UTC