- From: Harald Klimach <harald@klimachs.de>
- Date: Thu, 4 Jul 2019 13:24:50 +0200
- To: public-zot@w3.org
- Message-Id: <93BE6A4A-2CBA-499E-9EE6-697C1935BE4E@klimachs.de>
> This can be re-worded and the word 'primarily' removed. > > Communications with Zot/6 take place using JSON over https. Great. We put in the respective RFCs, right? Communication with Zot/6 takes place using JSON (https://tools.ietf.org/html/rfc8259) exchanged via HTTP (https://tools.ietf.org/html/rfc7230) [over TLS (https://tools.ietf.org/html/rfc2818)]. > There's been a bit of debate over the https requirement as it could cause conflict with using zot over Tor. It might be a good time to resolve that once and for all. This would mostly have an impact on the section about data encryption. Perhaps this would require a negotiated crypto algorithm if running over unsecured http. OK, please excuse my ignorance, but do we even need to care how the HTTP is transmitted in the Zot Protocol? In my naive mind the Zot protocol lives within HTTP requests, and it should not really matter whether the HTTP stream itself lives inside a TLS transmission or not from the Zot protocols point of view.
Received on Thursday, 4 July 2019 11:25:15 UTC