HPACKing security/privacy related header fields #429

reschke opened this Issue Mar 5, 2014 · 2 comments

3 participants


(see http://www.ietf.org/proceedings/89/slides/slides-89-httpbis-7.pdf)

Maybe we should exclude "Authorization" from HPACK; that doesn't solve the whole problem, but at least the one inherent in HTTP authentication.

@martinthomson martinthomson added the design label Mar 8, 2014
HTTP/2 member

There didn't seem to be support for special-casing headers in London. Julian, do you want to take this to the list, or shall we close it?

HTTP/2 member

Closed; can be re-opened with new input.

@mnot mnot closed this May 22, 2014
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment