W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2014

Re: Trusted Proxy Alternatives Analysis

From: Nicolas Mailhot <nicolas.mailhot@laposte.net>
Date: Mon, 10 Feb 2014 11:30:27 +0100
Message-ID: <8d4b36fdfc2e01282b5172ed920662f4.squirrel@arekh.dyndns.org>
To: "William Chan (陈智昌)" <willchan@chromium.org>
Cc: "Peter Lepeska" <bizzbyster@gmail.com>, "Frode Kileng" <frodek@tele.no>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>

Le Ven 7 février 2014 22:42, William Chan (陈智昌) a écrit :

> * We might be able to come up with ways to provide additional
> protection for content (thus mitigating your private key concern). For
> example, Subresource Integrity is one such proposal:
> http://w3c.github.io/webappsec/specs/subresourceintegrity/.

As is typical of such proposals, it does not consider that intermediaries
would also like to avoid cache poisoning.


Nicolas Mailhot
Received on Monday, 10 February 2014 10:31:02 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:24 UTC