Re: 2nd Working Group Last Call: draft-ietf-httpbis-encryption-encoding-03.txt

> But how would you handle the case describes above -- where the metadata 
> (content type, encryption material) is served from a server different 
> from the one having the (encrypted) payload?

Is this just about moving Encryption header to body?

   HTTP/1.1 200 OK
   Content-Type: text/html
   Content-Encoding: gzip, aesgcm
   Transfer-Encoding: chunked

   {magic marker}
   {magic terminator}
   [encrypted payload]

there is 

   Crypto-Key: keyid="a1"; aesgcm="csPJEXBYA5U-Tal9EdJi-w"

which you do not want move to body. That is different thing.

And content-type is just here, it is not moved to
server to where out-of-band points:

TTP/1.1 200 OK
Date: Thu, 14 May 2015 18:52:00 GMT
Content-Encoding: aesgcm, out-of-band
Content-Type: text/plain
Encryption: keyid="a1"; salt="vr0o6Uq3w_KDWeatc27mUg"
Crypto-Key: keyid="a1"; aesgcm="csPJEXBYA5U-Tal9EdJi-w"
Content-Length: 101
Vary: Accept-Encoding

  "sr": [
    { "r" :

/ Kari Hurtta

Received on Wednesday, 19 October 2016 16:01:53 UTC