On Aug 26, 2011, at 3:22 PM, Adam Novak wrote:
On Fri, Aug 26, 2011 at 1:12 PM, Ned Freed
<ned(_dot_)freed(_at_)mrochek(_dot_)com> wrote:
It ensures that what you're getting is the same as what the IETF has
on file,
No, it really doesn't do that. There can be, and usually are, a lot of steps
involves besides the one https hop.
What other steps are there? HTTPS prevents what the web server sends
from being tampered with on its way to the browser. If the web server
storing the archives is itself trusted, this would seem to be all that
is needed.
There can be web proxies on the front end (if the client is configured to use
them) and the web server itself can be implemented in such a way as to retrieve
content from other servers (via a number of means, e.g. NFS, CIFS, web services
calls, sql calls). Though I don't know whether the latter is the case for
content served from IETF's servers.
Keith
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf