- From: Martin Thomson <martin.thomson@gmail.com>
- Date: Thu, 1 May 2014 15:39:53 -0700
- To: K.Morgan@iaea.org
- Cc: Roberto Peon <grmocg@gmail.com>, Matthew Kerwin <matthew@kerwin.net.au>, HTTP Working Group <ietf-http-wg@w3.org>
On 1 May 2014 15:01, <K.Morgan@iaea.org> wrote: > TLS is end-to-end Your argument assumes the existence of only one pair of ends. If you look at the sorts of large deployments the likes of what Roberto might have worked on in the past, there are multiple hops, but all of those hops are encrypted. The same is true of all the "trusted proxy" scenarios (though I'll note that this requires a very expansive definition of "trusted"). These concerns are very real for those scenarios. When looking at this holistically, there are cases where data hits multiple TLS-protected hops.
Received on Thursday, 1 May 2014 22:40:21 UTC