[datacatalogs] SSL and DCIP v2

• Previous message: [datacatalogs] SSL and DCIP v2
• Next message: [datacatalogs] DCIP - Bulk catalog access option: access to all datasets in a single single file
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 24 November 2012 03:22, Will Pugh <will.pugh at socrata.com> wrote:
>
> On Thu, Nov 22, 2012 at 8:24 AM, Rufus Pollock <rufus.pollock at okfn.org>
> wrote:
[...]
>> Good point Will. The issue here I think arose in preparing version 2.0
>> in which some proposed material  re signing got dropped but the
>> reference did not get removed - this is definitely something to
>> explore but it was felt to add significant complexity.
>>
>> Be interested to hear what you or others think regarding enhancing the
>> security aspects of the DCIP as it stands.
>
>
> My take here would be to stay out of the security game.  I would say that
> DCIP is about interoperability and not about security.

Sensible suggestion and I propose we move to make this change. I've
booted and issue here:

https://github.com/dataprotocols/data-catalog-spec/issues/8

[...]
>> So your preference here would be to stick with HTTP and remove the
>> possibly confusing discussion around HTTP / HTTPS?
>
>
> Yes.  I would say that the standard sits above HTTP/HTTPS and that which one
> us used is orthogonal.  Providers that want to provide protection are free
> to use HTTPS, but providers are not compelled to.

Agreed and noted in the issue.

Rufus

• Previous message: [datacatalogs] SSL and DCIP v2
• Next message: [datacatalogs] DCIP - Bulk catalog access option: access to all datasets in a single single file
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]