Interesting People mailing list archives
Technical addendum to "http: Must Die!"
From: David Farber <dave () farber net>
Date: Tue, 11 Dec 2007 04:12:21 -0500
Begin forwarded message: From: Lauren Weinstein <lauren () vortex com> Date: December 11, 2007 12:55:45 AM EST To: dave () farber net Cc: lauren () vortex com Subject: Technical addendum to "http: Must Die!" Greetings. Some early feedback to "http: Must Die!" ( http://lauren.vortex.com/archive/000338.html ) took me to task for using the term "SSL" rather than "TLS" in conjunction with my call for encryption. OK, ya' got me, TLS is the correct term these days for current systems. I admit it, I'm sometimes guilty of referring to both protocols as SSL in my non-technical, general Internet audience writings. Among the Internet user population at large the term SSL is still more recognized, from a functional standpoint both SSL and TLS are extremely similar, and they both are intertwined historically. However, I'm properly chastised, have changed the occurrences of SSL to TLS above in the main posting, and will avoid this lapse in the future. Secondly, it's been noted that a significant holdup to https: implementations in some key environments has been the traditional requirement for a separate IP address when using SSL/TLS, rendering server virtual hosts unusable. However, RFCs 2817 ( http://www.ietf.org/rfc/rfc2817.txt ) and 3546 ( http://www.ietf.org/rfc/rfc3546.txt ) address this issue via suitable extensions, and various relevant implementations already exist, though there's more work to do. I didn't say that a transition to a fully encrypted Web environment could happen overnight. But all of the basic foundational pieces that we need to do so -- with suitable effort -- are already pretty much in place. --Lauren-- Lauren Weinstein lauren () vortex com or lauren () pfir org Tel: +1 (818) 225-2800 http://www.pfir.org/lauren Co-Founder, PFIR - People For Internet Responsibility - http://www.pfir.org Co-Founder, NNSquad - Network Neutrality Squad - http://www.nnsquad.org Founder, PRIVACY Forum - http://www.vortex.com Member, ACM Committee on Computers and Public Policy Lauren's Blog: http://lauren.vortex.com ------------------------------------------- Archives: http://v2.listbox.com/member/archive/247/=now RSS Feed: http://v2.listbox.com/member/archive/rss/247/ Powered by Listbox: http://www.listbox.com
Current thread:
- Technical addendum to "http: Must Die!" David Farber (Dec 11)