Re: Trusted Proxy Alternatives Analysis from Mark Nottingham on 2014-02-11 (ietf-http-wg@w3.org from January to March 2014)

From: Mark Nottingham <mnot@mnot.net>
Date: Tue, 11 Feb 2014 13:39:52 +1100
To: Nicolas Mailhot <nicolas.mailhot@laposte.net>
Cc: "William Chan (陈智昌)" <willchan@chromium.org>, Peter Lepeska <bizzbyster@gmail.com>, Frode Kileng <frodek@tele.no>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
Message-Id: <46F0DFDB-F8F2-421B-A0F9-D6816B9674F5@mnot.net>

Nicolas, 

Can you expand upon that? A throwaway dismissal like that doesn't really help.

Cheers,


On 10 Feb 2014, at 9:30 pm, Nicolas Mailhot <nicolas.mailhot@laposte.net> wrote:

> 
> Le Ven 7 février 2014 22:42, William Chan (陈智昌) a écrit :
> 
>> * We might be able to come up with ways to provide additional
>> protection for content (thus mitigating your private key concern). For
>> example, Subresource Integrity is one such proposal:
>> http://w3c.github.io/webappsec/specs/subresourceintegrity/.
> 
> As is typical of such proposals, it does not consider that intermediaries
> would also like to avoid cache poisoning.



--
Mark Nottingham   http://www.mnot.net/

Received on Tuesday, 11 February 2014 02:40:24 UTC