Re: The ability to automatically upgrade a reference to HTTPS from HTTP from carmen on 2014-08-26 (semantic-web@w3.org from August 2014)

From: carmen <_@whats-your.name>
Date: Tue, 26 Aug 2014 16:12:17 +0000
To: semantic-web@w3.org
Message-ID: <20140826161217.GA1418@t5.clearwire-wmx.net>

> a man-in-middle attack could change the content

there are some efforts to make this harder to do

> Public Key Pinning Extension for HTTP
<http://tools.ietf.org/html/draft-ietf-websec-key-pinning-11>

>  Detection and Mitigation of HTTPS Man in the Middles and Impersonators
<http://www.w3.org/2012/webcrypto/webcrypto-next-workshop/papers/webcrypto2014_submission_19.pdf>

Received on Tuesday, 26 August 2014 16:12:46 UTC