Re: Fwd: New Version Notification for draft-nottingham-http2-encryption-02.txt

On Thu, Dec 12, 2013 at 12:09 PM, Poul-Henning Kamp <> wrote:
>>I respect the goals behind opportunistic encryption, but it is
>>*unclear* to me if it is actually a net positive. There are definitely
>>a lot of things to like about it which I think have already been
>>covered. But I'm concerned that the risk of hurting HTTPS adoption is
>>real and significant.
> When you say "HTTPS adoption" do you mean HTTPS as we know it, with
> trojaned CA's or do you mean some future variant where the authentication
> is actually worth something when it comes to trust ?

I mean HTTPS as we know it and believe we should work on fixing
existing PKI issues. I am a fan of work like public key pinning

> --
> Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
> phk@FreeBSD.ORG         | TCP/IP since RFC 956
> FreeBSD committer       | BSD since 4.3-tahoe
> Never attribute to malice what can adequately be explained by incompetence.

Received on Thursday, 12 December 2013 20:18:30 UTC