Is there a benefit from the encryption support in the protocol, if the major use cases don't need to worry about what the intermediates see? Thanks, Jeffrey On Thu, Aug 24, 2017 at 3:37 AM, Göran Eriksson AP < goran.ap.eriksson@ericsson.com> wrote: > > >Thanks, it's good to know I didn't miss anything. > > Hi Jeffrey, > > You did a good work reading through what we¹ve published. Earlier versions > of some of the documents (never submitted to IETF and only on GitHub) had > more text about security considerations but were removed- drafts should be > brief I¹ve learnt, :-)! > > I am not sure U¹ve missed it but I would like to mention that the > ³toolbox² allows for different actors to run the ³blind² cache, or rather, > secondary server and in the cases where the same actor runs primary and > secondary server, a kind of ³distributed origin", some of the concerns of > what the ³blind cache¹, secondary server, sees are not applicable. This > variant is a favourite of mine, :-). > > Another thing we found useful for security and privacy perspective (as > well as some others) was the control of the request routing OOB provides > meaning one can select to implement a request router (in primary server or > client (read SW in browser for instance). This was mentioned in [ERICSSON]. > > There is another draft FYI I just want to make sure I know about and I did > not see in your references is > https://tools.ietf.org/html/draft-eriksson-http-resource-map-00 [RMAP]. It > hints at how request routing can be done. > > > Best Regards > Göran > >
Received on Saturday, 26 August 2017 03:31:02 UTC