|
|
|
|
|
|
by oconnore
633 days ago
|
|
|
I thought this would be a different proposal. But on the topic of verified HTTP: something that I think you could do that would be pretty neat would be to allow first party assets to be offline-signed and then delivered over unencrypted HTTP (port 80). This would mean that you could ship secure applications over HTTP (port 80) with guaranteed integrity even assuming that the server is or will become compromised. |
|
|