- From: Amos Jeffries <squid3@treenet.co.nz>
- Date: Wed, 13 May 2015 04:52:10 +1200
- To: HTTP Working Group <ietf-http-wg@w3.org>
On 13/05/2015 4:40 a.m., Martin Thomson wrote: > On 12 May 2015 at 09:35, Amos Jeffries wrote: >> * The explicit key= material (section 4.1 form) response can use >> Vary:Accept-Encoding. Since the IKM is part of the response variant >> headers it does not matter which client you send the pair to - all >> clients will be able to decode using that key or not be able to with any >> key (IKM provided was the *senders* part). > > If you use different keys for different users, then you have to add > Vary: Encryption. > Encryption is defined as a response header. Vary lists request headers. You cannot be both cacheable and use per-client keys (or payload for that matter). Amos
Received on Tuesday, 12 May 2015 16:52:42 UTC