Re: SEC-CACHING editorial issue...

Larry Masinter (masinter@parc.xerox.com)
Thu, 12 Feb 1998 23:00:48 PST

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Robert Olsson: "Re: This may be a stupid question ..."
Previous message: Roy T. Fielding: "MULTIPART issue"
Maybe in reply to: Jim Gettys: "SEC-CACHING editorial issue..."

Jeff Mogul suggested adding:
> The judicious use of cryptography, when appropriate, may suffice
> to protect against a broad range of security and privacy attacks.
> Such cryptography is beyond the scope of the HTTP/1.1 specification.

with the caveat
>  if people don't think this is going too far out on a political limb.

I don't think this is a 'political' ; it is just not very helpful. In a handbook
of good
practices for site security, 'use of cryptography' is just one of a large number
of
things that need to be done judiciously. In fact, I could imagine for a proxy
cache
that the main thing to do is to limit remote access.

Next message: Robert Olsson: "Re: This may be a stupid question ..."
Previous message: Roy T. Fielding: "MULTIPART issue"
Maybe in reply to: Jim Gettys: "SEC-CACHING editorial issue..."