Re: http+aes

In message <>, Willy Tarreau writes:
>On Mon, Mar 05, 2012 at 06:09:35PM +0000, Poul-Henning Kamp wrote:

>Example :
>    Content-Encoding: aes-ctr-128; keyid=0x34751806
>    Cache-control: no-transform
>This has the benefit of working out-of-the-box without affecting existing
>intermediary components.

That doesn't really improve the crypto scheme or key-handling in
any meaningful way.

It does make it slightly less hackish as HTTP considered.

Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.

Received on Wednesday, 7 March 2012 14:22:31 UTC