[liberationtech] Signed HTTP
Steve Schultze
sjschultze at gmail.com
Tue Mar 11 05:41:29 PDT 2014
Greetings all,
A couple of years ago, I did some limited research on signed (but not
encrypted) HTTP responses. I discovered that although it had been
considered briefly by a few folks in the past, it never went anywhere. This
continues to be surprising to me, given the ever increasing need to mirror
content for a variety of reasons. Has anyone on the list thought about
this? It seems that out community has a particularly strong case for such a
thing.
We sign software packages and emails. Why not http results? Ideally this
would call for an IETF standard implemented in the major http servers,
using certs already installed for https (if that is technically
possible... I haven't thought through the crypto).
Steve
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20140311/6c413652/attachment.html>
More information about the liberationtech
mailing list