Re: http+aes

On 2012-03-06 00:29, Ian Hickson wrote:
> On Mon, 5 Mar 2012, Willy Tarreau wrote:
>> I wouldn't go to such extremities, but at least I think that we're just
>> facing a layering violation. Only the contents have to be encrypted so
>> that the caches cannot use them, while the transport remains unchanged.
>> So a new scheme is not appropriate for this, a Content-Encoding would be
>> much better. User agents would be configured to know that content-
>> encoding XYZ requires a deciphering key whose ID is presented in the
>> header itself and should have been retrieved via another channel.
>> Example :
>>      Content-Encoding: aes-ctr-128; keyid=0x34751806
>>      Cache-control: no-transform
> This would require changes at the intermediaries. It would also require a
 > ...


Received on Tuesday, 6 March 2012 08:02:32 UTC