Getting our definitions of encryption straight for the HTTP/2 security discussion from Paul Hoffman on 2013-11-20 (ietf-http-wg@w3.org from October to December 2013)

From: Paul Hoffman <paul.hoffman@gmail.com>
Date: Wed, 20 Nov 2013 13:24:52 -0800
To: "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
Message-ID: <CAPik8ybLBrL3QWdvQpZYrUc59WehtJtZqHKUrQ_T7DwUttkhZQ@mail.gmail.com>

Greetings again. Over the past weeks, people are sometimes talking past
each other when they say they want to "always encrypt" HTTP/2 traffic. In
specific, many people have used the term "opportunistic encryption" in very
different ways without knowing it.

To help people at least understand what each other might be saying in the
future, I created a page with some definitions that hopefully everyone can
use. Comments are welcome.

http://trac.tools.ietf.org/wg/httpbis/trac/wiki/encryption-definitons

--Paul Hoffman

Received on Wednesday, 20 November 2013 21:25:20 UTC