Http 2.0 will probably built encryption




Chances are that HTTP 2.0, the successor to HTTP 1.1, support for encryption via get tls standard built. That does not mean that is http certificates are not verified, by which a man may remain in the middle attacks. Https:mogelijk as safe as

http At the moment, still working on the new version of the HTTP protocol, or actually chosen for encryption, is not committed to paper. According to the chairman of the HTTP Working Group of the Internet Engineering Task Force is a big part of the community, however, in favor of the incorporation of encryption. That says he told the Financial Times. The IETF is responsible for a large part of the standards and specifications on the Internet, including the HTTP specification.

How the default encryption present exactly should look like, is not decided at this time. What is clear is that the HTTP Working Group proposes that the client gets the power to enforce a secure connection. At present only the server can. In the new situation would be obliged to provide encryption but it is not required to actually use them. Encryption offered “If two parties want to communicate via an open channel that should be possible”, so said the chairman of the working group, Mark Nottingham, late last month at an IETF meeting in Berlin.

The http https encryption would next have to exist, and encrypted pages should just be called. Using the protocol identifier ‘http’ For the encryption watch the drafters of the new specification to tls, which is also used. Https in Differences with https, there are also: so shall Nottingham on the mailing list of the project not to verify the certificates of encrypted HTTP connections. “That would facilitate the rollout,” writes Nottingham, who raises about that further discussion will be.

If certificates are not verified, however, means that man in the middle attacks are still possible: the traffic will be encrypted, but there can not be controlled to whom the encrypted traffic is sent. However, the content of communication protected from eavesdropping, which would have. Example, users of public Wi-Fi hotspots better protected

The IETF working since late last year to the new version of the HTTP specification. The new specification takes the SPDY specification of Google as a starting point, and should include the page load shorten and sending content over a parallel connection possible. The standard should be ready in 2014. The standard is rolled next to HTTP 1.1; provisionally the current HTTP version not yet phased out. Given the ubiquity of HTTP 1.1 standard probably will remain supported for many years after the rollout of HTTP 2.0 by Web browsers and servers.



In: Technology & Gadgets Asked By: [15536 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »