Re: Signing HTTP (Was: New Version Notification for draft-thomson-http-encryption-00.txt)

In message <>
, Martin Thomson writes:
>On 11 May 2015 at 22:06, Willy Tarreau <> wrote:
>> I can predict that you'll get requests for encrypting or at least signing
>> *some* header fields because these people had to do that when facing the
>> same use cases :-)
>Predictions aren't of much value when the event they predict has
>already happened.  I believe that this request arose even before -00
>of the -nottingham- draft was published.
>The signing scheme in [1] is definitely a candidate here. But I think
>that it attempts to resolve what is a fundamental dichotomy in the
>protocol: intermediaries can and do change header fields and we can't
>predict which.

I think we should stick to the simple to understand principle that
if you want something to be end to end, you put it in the body and
you encrypt and sign it appropriately there.

Headers are just the envelope for delivery, and postmen may
and will scratch things out and add things on the envelope
to aid the delivery.

Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.

Received on Wednesday, 13 May 2015 06:10:05 UTC