Re: Call for Adoption: Encrypted Content Encoding

From: Walter H. <Walter.H@mathemainzel.info>
Date: Thu, 03 Dec 2015 05:06:49 +0100
To: Roland Zink <roland@zinks.de>
CC: ietf-http-wg@w3.org
Message-ID: <565FBFD9.3080502@mathemainzel.info>

On 02.12.2015 15:59, Roland Zink wrote:
> This is not true. Today it is no problem to deliver encrypted content 
> and some JS to decrypt it. Even worse steganography may be used to 
> hide the fact that encryption was used at all.
and with this draft you need no JS at all -> absolute unacceptable 
increase of attack vector.

Attachments

application/pkcs7-signature attachment: S/MIME Cryptographic Signature

Received on Thursday, 3 December 2015 04:07:16 UTC