[Cryptography] HTTP should be deprecated.
Patrick Mylund Nielsen
cryptography at patrickmylund.com
Mon Nov 11 20:03:15 EST 2013
On Mon, Nov 11, 2013 at 7:45 PM, Lodewijk andré de la porte <l at odewijk.nl>wrote:
> I'm sorry, no. There is information that is simply public. To intricately
> confuse them through our petty plays with numbers would be nothing but
> waste of time and all the peoples' resources.
>
I think you missed John's point, which was that, while the information may
be something that is readily accessible to all, the fact that YOU are
accessing it is interesting information. And that's true, but somebody is
going to get that information whether or not the channel is encrypted.
> Think of the caching disadvantages!
>
Which? It's very easy to cache stuff when HTTPS is used, either server-side
or client-side (Cache-Control header.) It's just a transport.
The fact that the CA model is a mess and browsers depend on it is a much
bigger disadvantage.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20131111/10fa9cc4/attachment.html>
More information about the cryptography
mailing list