W3C home > Mailing lists > Public > semantic-web@w3.org > August 2014

Re: The ability to automatically upgrade a reference to HTTPS from HTTP

From: carmen <_@whats-your.name>
Date: Tue, 26 Aug 2014 16:12:17 +0000
To: semantic-web@w3.org
Message-ID: <20140826161217.GA1418@t5.clearwire-wmx.net>
> a man-in-middle attack could change the content

there are some efforts to make this harder to do

> Public Key Pinning Extension for HTTP
<http://tools.ietf.org/html/draft-ietf-websec-key-pinning-11>

>  Detection and Mitigation of HTTPS Man in the Middles and Impersonators
<http://www.w3.org/2012/webcrypto/webcrypto-next-workshop/papers/webcrypto2014_submission_19.pdf>
Received on Tuesday, 26 August 2014 16:12:46 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 08:45:38 UTC