- From: Stefan Eissing <stefan.eissing@greenbytes.de>
- Date: Fri, 5 Aug 2016 14:39:17 +0200
- To: Cory Benfield <cory@lukasa.co.uk>
- Cc: Poul-Henning Kamp <phk@phk.freebsd.dk>, HTTP Working Group <ietf-http-wg@w3.org>
> Am 05.08.2016 um 14:17 schrieb Cory Benfield <cory@lukasa.co.uk>: > > >> On 5 Aug 2016, at 10:12, Poul-Henning Kamp <phk@phk.freebsd.dk> wrote: >> >> Maybe it is one of those places where crypto could be useful: >> >> Make the request contain the ID of a pre-shared-key. If its on >> the list you get the full monty, if not, you only get a safe summary. > > So that kind of model certainly could work. At a certain point, though, one wonders if we’re severely over-engineering in order to solve a problem that’s not important enough to justify the effort. The intend here is to help debugging when client X does not work with Server Y. I fail to see how pre-shared keys could facilitate this, given that the client could be a browser and the bug reporter not a developer. I'd rather limit the amount of information it exposes than its usefulness. -Stefan
Received on Friday, 5 August 2016 12:39:51 UTC