[datacatalogs] SSL and DCIP v2
rufus.pollock at okfn.org
Wed Nov 28 13:18:03 UTC 2012
On 24 November 2012 03:22, Will Pugh <will.pugh at socrata.com> wrote:
> On Thu, Nov 22, 2012 at 8:24 AM, Rufus Pollock <rufus.pollock at okfn.org>
>> Good point Will. The issue here I think arose in preparing version 2.0
>> in which some proposed material re signing got dropped but the
>> reference did not get removed - this is definitely something to
>> explore but it was felt to add significant complexity.
>> Be interested to hear what you or others think regarding enhancing the
>> security aspects of the DCIP as it stands.
> My take here would be to stay out of the security game. I would say that
> DCIP is about interoperability and not about security.
Sensible suggestion and I propose we move to make this change. I've
booted and issue here:
>> So your preference here would be to stick with HTTP and remove the
>> possibly confusing discussion around HTTP / HTTPS?
> Yes. I would say that the standard sits above HTTP/HTTPS and that which one
> us used is orthogonal. Providers that want to provide protection are free
> to use HTTPS, but providers are not compelled to.
Agreed and noted in the issue.
More information about the data-catalogs