[datacatalogs] SSL and DCIP v2

Rufus Pollock rufus.pollock at okfn.org
Wed Nov 28 13:18:03 UTC 2012

On 24 November 2012 03:22, Will Pugh <will.pugh at socrata.com> wrote:
> On Thu, Nov 22, 2012 at 8:24 AM, Rufus Pollock <rufus.pollock at okfn.org>
> wrote:
>> Good point Will. The issue here I think arose in preparing version 2.0
>> in which some proposed material  re signing got dropped but the
>> reference did not get removed - this is definitely something to
>> explore but it was felt to add significant complexity.
>> Be interested to hear what you or others think regarding enhancing the
>> security aspects of the DCIP as it stands.
> My take here would be to stay out of the security game.  I would say that
> DCIP is about interoperability and not about security.

Sensible suggestion and I propose we move to make this change. I've
booted and issue here:


>> So your preference here would be to stick with HTTP and remove the
>> possibly confusing discussion around HTTP / HTTPS?
> Yes.  I would say that the standard sits above HTTP/HTTPS and that which one
> us used is orthogonal.  Providers that want to provide protection are free
> to use HTTPS, but providers are not compelled to.

Agreed and noted in the issue.


More information about the data-catalogs mailing list