W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2013

Re: Getting our definitions of encryption straight for the HTTP/2 security discussion

From: Martin Thomson <martin.thomson@gmail.com>
Date: Wed, 20 Nov 2013 19:58:55 -0800
Message-ID: <CABkgnnWpDk2Di5924mrnPLYzmguVmJL3fRjn=5h0_5uYQs3gKw@mail.gmail.com>
To: Paul Hoffman <paul.hoffman@gmail.com>
Cc: Mark Nottingham <mnot@mnot.net>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
On 20 November 2013 17:12, Paul Hoffman <paul.hoffman@gmail.com> wrote:
> No. Better-than-nothing is an end-state: definitely unauthenticated.
> Best-effort is a process: try for server-encrypted but fall back to
> better-than-nothing if that isn't possible. If there is a good way to
> indicate that the first two definitions are end states, but the latter two
> are processes, that would be great.

That seems like an important distinction.  If you want to try writing
text up to address those points (process v. end state), I'm sure we
can get that up on the wiki.
Received on Thursday, 21 November 2013 03:59:24 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:20 UTC