|
|
Security Interactions |
- Since URI's are embedded in content (that might be signed), it is very bad to have different names for the same content, just to distinguish security of content
- e.g. SSL vs. direct access
- The current Web is broken
- Interacts with firewall security
- firewalls need content type, both inside and outside of the envelope
- Sane firewall admin's don't allow SSL through their firewalls
- SHTTP had it closer to right (it had other problems, however)