[afnog] privacy vs caching
Amreesh Phokeer
amreesh.phokeer at gmail.com
Mon Dec 22 09:33:26 UTC 2014
Hi Randy,
On Sun, Dec 21, 2014 at 6:54 PM, Randy Bush <randy at psg.com> wrote:
> caching is very difficult with end-to-end encryption as the cache does
> not have the private keys of the server. the ietf is in a bit of a
> muddle on this. should one allow middle-boxes to break the encryption
> and fake it?
>
This would be a bad idea.
>
> so which is more important to you and your customers (think consumers,
> banks, news sites, ...), end-to-end encryption to ensure privacy, or
> caching to reduce bandwidth consumption and improve latency?
>
User experience set aside, one question that I think is worth asking is why
should we cache information which needs to be encrypted in a first place,
knowing there is a potential security issue there?
By default, my Firefox browser sets SSL disk caching config to true.
browser.cache.disk_cache_ssl;true
>
> randy
>
> _______________________________________________
> afnog mailing list
> http://afnog.org/mailman/listinfo/afnog
>
--
Amreesh Phokeer
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://afnog.org/pipermail/afnog/attachments/20141222/6f1b38db/attachment.html>
More information about the afnog
mailing list