- From: Poul-Henning Kamp <phk@phk.freebsd.dk>
- Date: Wed, 13 May 2015 06:09:39 +0000
- To: Martin Thomson <martin.thomson@gmail.com>
- cc: Willy Tarreau <w@1wt.eu>, Amos Jeffries <squid3@treenet.co.nz>, HTTP Working Group <ietf-http-wg@w3.org>
--------
In message <CABkgnnUOCh=39cL8N0cijm2ZU5fFwuZAMeCng_zxKn-_1FMNwQ@mail.gmail.com>, Martin Thomson writes:
>On 11 May 2015 at 22:06, Willy Tarreau <w@1wt.eu> wrote:
>> I can predict that you'll get requests for encrypting or at least signing
>> *some* header fields because these people had to do that when facing the
>> same use cases :-)
>
>Predictions aren't of much value when the event they predict has
>already happened. I believe that this request arose even before -00
>of the -nottingham- draft was published.
>
>The signing scheme in [1] is definitely a candidate here. But I think
>that it attempts to resolve what is a fundamental dichotomy in the
>protocol: intermediaries can and do change header fields and we can't
>predict which.

I think we should stick to the simple to understand principle that
if you want something to be end to end, you put it in the body and
you encrypt and sign it appropriately there. Headers are just the
envelope for delivery, and postmen may and will scratch things out
and add things on the envelope to aid the delivery.

--
Poul-Henning Kamp | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG | TCP/IP since RFC 956
FreeBSD committer | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.
Received on Wednesday, 13 May 2015 06:10:05 UTC
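
The body-versus-envelope argument in the message above, as an added example that is not part of the original thread: a MAC carried inside the body survives an intermediary that rewrites header fields, while a MAC that also covers the headers does not. The shared key, the JSON envelope layout, the header names and the proxy behaviour are all assumptions constructed for illustration, and only integrity is shown (encryption is left out).

```python
import hashlib
import hmac
import json

KEY = b"constructed-demo-key"  # assumption: the two endpoints share this out of band

def sign_body(payload: dict) -> bytes:
    """Origin: put the end-to-end data and its MAC inside the body."""
    data = json.dumps(payload, sort_keys=True)
    tag = hmac.new(KEY, data.encode(), hashlib.sha256).hexdigest()
    return json.dumps({"data": data, "mac": tag}).encode()

def verify_body(body: bytes) -> bool:
    """Recipient: verify using the body alone; headers are never consulted."""
    env = json.loads(body)
    expected = hmac.new(KEY, env["data"].encode(), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, env["mac"])

def sign_envelope(headers: dict, body: bytes) -> str:
    """Contrast case: a MAC that also covers the header fields."""
    canon = "\n".join(f"{k.lower()}:{v}" for k, v in sorted(headers.items()))
    return hmac.new(KEY, canon.encode() + b"\n\n" + body, hashlib.sha256).hexdigest()

def intermediary(headers: dict, body: bytes):
    """Hypothetical proxy: drops one header, adds Via, forwards the body untouched."""
    out = dict(headers)
    out.pop("X-Client-Hint", None)
    out["Via"] = "1.1 proxy.example"
    return out, body

def demo():
    """Returns (body MAC ok after proxy, header MAC ok after proxy, tampered body ok)."""
    headers = {"Content-Type": "application/json", "X-Client-Hint": "a"}
    body = sign_body({"account": "12345", "amount": 10})
    header_sig = sign_envelope(headers, body)
    fwd_headers, fwd_body = intermediary(headers, body)
    body_ok = verify_body(fwd_body)
    header_ok = hmac.compare_digest(header_sig, sign_envelope(fwd_headers, fwd_body))
    env = json.loads(fwd_body)
    env["data"] = env["data"].replace("10", "99")  # change the amount in transit
    tamper_ok = verify_body(json.dumps(env).encode())
    return body_ok, header_ok, tamper_ok

if __name__ == "__main__":
    print(demo())
```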