- From: John Mattsson <john.mattsson@ericsson.com>
- Date: Wed, 25 Nov 2015 10:01:07 +0000
- To: Willy Tarreau <w@1wt.eu>, Mark Nottingham <mnot@mnot.net>
- CC: HTTP Working Group <ietf-http-wg@w3.org>
On 25/11/15 07:44, "Willy Tarreau" <w@1wt.eu> wrote: >Hi Mark, > >On Wed, Nov 25, 2015 at 03:53:07PM +1100, Mark Nottingham wrote: >> We've discussed this document a few times: >> <https://tools.ietf.org/html/draft-thomson-http-encryption> >> >> WEBPUSH now has a normative requirement upon it in >> <https://tools.ietf.org/html/draft-ietf-webpush-encryption> >> >> So, I believe that we should adopt this document as a WG product, with >>a target of Proposed Standard. >> >> Please comment on-list; we???ll make a decision about adoption at the >>end of next week. > >I agree we should adopt it. I've been working in bank environments where >in-house payload encryption was used everywhere so that headers could >be kept in clear for message routing / load balancing. TLS doesn't >allow this since each node can see everything in clear once decrypted. >Such a proposal makes it much simpler to design such a system and keep >it standards-compliant. > >So +1 for me. > >Willy This is a very useful and very well written document. Definitely adopt. +1 for me as well. John
Received on Wednesday, 25 November 2015 10:02:19 UTC