- From: Richard Wheeldon (rwheeldo) <rwheeldo@cisco.com>
- Date: Sat, 21 Jun 2014 19:25:18 +0000
- To: Julian Reschke <julian.reschke@gmx.de>, Martin Nilsson <nilsson@opera.com>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
> and also the fact that the protocol spoken between UA and proxy might not even be HTTP (does this merit a new section somewhere?). This is also true for communication between UA and server (e.g. Webex, Skype, Goto-meeting) which are often tunnelled over 443 to look like HTTPS but aren't. The security implications of such protocols aren't pretty. I think we put a brief statement in that mentions these issues, but limits the scope of the rest of the doc to just HTTP. Otherwise the scope creep is likely to get silly, Richard
Received on Saturday, 21 June 2014 19:25:45 UTC