mrbluze writes:
"A modified HTTP protocol is being proposed (the proposal is funded by AT&T) which would allow ISP's to decrypt and re-encrypt traffic as part of day to day functioning in order to save money on bandwidth through caching. The draft document states:
To distinguish between an HTTP2 connection meant to transport "https" URIs resources and an HTTP2 connection meant to transport "http" URIs resource, the draft proposes to 'register a new value in the Application Layer Protocol negotiation (ALPN) Protocol IDs registry specific to signal the usage of HTTP2 to transport "http" URIs resources: h2clr.
The proposal is being criticized by Lauren Weinstein in that it provides a false sense of security to end users who might believe that their communications are actually secure. Can this provide an ISP with an excuse to block or throttle HTTPS traffic?"
(Score: 3, Interesting) by dmc on Monday February 24 2014, @07:32PM
This was clearly an Anonymous Coward either acting directly (or more likely indirectly) as a shill for authoritarians that would have ISPs block all end-to-end HTTPS1 once NSA-friendly HTTP2 is widely adopted. Of course, if enough people understood Network Neutrality, and we reinstated it, it would be illegal for ISPs to do such blocking.
Note that what I said doesn't discount the usefulness of this new protocol _for some or even many people_. But having it proposed as "HTTP2" smells like an authoritarian way to make HTTPSv1 illegal (legal for ISPs to block) once this new thing is widely used.
(Score: 2) by frojack on Monday February 24 2014, @07:52PM
Why don't you discount the usefulness of this new protocol?
Who precisely will find it to be useful?
That you can excuse it so lightly, in light of what you have posted upthread, sounds like you are slowly coming around to the "Won't someone please think of the Children" argument, or that you don't understand how caching should (and does) work.
No, you are mistaken. I've always had this sig.