Re: PRISM and HTTP/2.0
"Poul-Henning Kamp" <phk@phk.freebsd.dk> Sun, 14 July 2013 23:02 UTC
To: Mark Nottingham <mnot@mnot.net>
cc: Roberto Peon <grmocg@gmail.com>, J Ross Nicoll <jrn@jrn.me.uk>, HTTP Working Group <ietf-http-wg@w3.org>
In-reply-to: <2F43265D-E004-4038-AD79-8BC2D968C585@mnot.net>
From: Poul-Henning Kamp <phk@phk.freebsd.dk>
References: <5672.1373710085@critter.freebsd.dk> <51E1D7AF.20708@jrn.me.uk> <CAP+FsNekY4WWdsYdUX3_vUWm1pqepWOH7PdiS9ZxpFwkHnqXWA@mail.gmail.com> <2F43265D-E004-4038-AD79-8BC2D968C585@mnot.net>
Date: Sun, 14 Jul 2013 23:00:38 +0000
Message-ID: <19200.1373842838@critter.freebsd.dk>
Subject: Re: PRISM and HTTP/2.0
Archived-At: <http://www.w3.org/mid/19200.1373842838@critter.freebsd.dk>

In message <2F43265D-E004-4038-AD79-8BC2D968C585@mnot.net>, Mark Nottingham writes:

>I have no problem using HTTP/2 as a way to drive these discussions and
>consolidate the efforts by requiring particular things to be done when
>you use the protocol. However, we can't fix the whole world here; we
>need to stay focused.

Indeed we can not, but I think the shift in security perceptions
PRISM has caused needs to inform us nonetheless.

For instance, it is now naive to assume that the only encryption
which will ever be used around HTTP/2.0 is going to be SSL/TLS.

We have thankfully settled that HTTP/2.0 can be moved on any
transparent byte-pipe.

But maybe it would be a good idea to also expressly tag the frames
which need cryptographic protection (object bodies) and which
do not (housekeeping, routing envelopes, headers), in order to
enable future encryption schemes which are not stream, but message
based?

It would be sad to spend this much effort to build the last tea-clipper.

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.