W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2013

Re: Proposal for doing unauthenticated encryption inside of HTTP/2

From: James M Snell <jasnell@gmail.com>
Date: Wed, 4 Dec 2013 09:22:26 -0800
Message-ID: <CABP7RbegdR3TGg_86F1BsNQC2xumr9PDm7JaC06_OmFO6Rntfw@mail.gmail.com>
To: Paul Hoffman <paul.hoffman@gmail.com>
Cc: "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
If you don't care about my particular use cases, that is fine, but
please understand that any criticism is meant to be constructive. I
firmly believe that we cannot adequately address the passive
surveillance issue using this form of unauthenticated encryption. I'm
all for experimentation in this area and throwing around new ideas,
but I'm definitely not convinced that your draft meets the mark as it
currently sits.

On Wed, Dec 4, 2013 at 9:12 AM, Paul Hoffman <paul.hoffman@gmail.com> wrote:
> Just to be clear, this draft is aimed at the use case that the WG seems to
> be interested in (thwarting passive surveillance), not the one you seem to
> be wanting it to point to. If you want to pursue yours, that's fine I guess,
> but please don't disparage mine for meeting what seems to be the one the WG
> wants.
Received on Wednesday, 4 December 2013 17:23:14 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:20 UTC