On Sun, Dec 24, 2023 at 8:46 PM arkiver <arki...@protonmail.com> wrote:
> Thank you for your replies Eric and Rich, and thank you for looking into > this with me! I will reply to you both in this message (divided in sections > due to length). > That actually isn't that helpful, because it means that I need to trim the message to respond. > In CC is JAA (JustAnotherArchivist), a long time member of Archive Team > and very experienced with the WARC format - JAA checked this email before > sending it out. > > --- > > > - You shouldn't define different URIs for SSL and TLS. SSLv3 and TLS < > 1.3 are essentially the same protocol, and SSLv2 has been deprecated for > many years. > > While SSLv2 has been deprecated for some time, it is technically possible > to use it. I think an archive format like WARC should support it. > > My idea of a web archive format is that we do not want to support only the > currently most used modern protocols, but also the earlier (obsolete) > versions, as they may still be used somewhere and we have to take them into > account during archiving. Else we have to exclude certain data from being > archived and might make it more difficult in the future to allow for this > data be archived, or create confusion when support for archiving this data > is added eventually. > There are two points here. 1. Whether you should have a single URI scheme. 2. Whether you should support SSLv2. My primary point is that if you must have a URI, you should have only a single URI scheme, with some parameter to indicate the protocol version. I don't feel strongly about whether you support SSLv2, but it's not merely obsolete, it's 20+ years obsolete, not supported by any major browser, and so there's not really any significant amount of usage in the wild. > > - It should not have a generic name like "ssl" or "tls". That will > confuse people and there's no sense in which you would use it to initiate a > TLS connection. > > > Like Eric, I don’t see why a URI is needed and look forward to your > explanation. If it is required, then I strongly suggest you use a URN > under your own “warc” prefix. > > Somewhat central to a WARC record is the URI. It shows the location and > connection over which data was received. It is for example also the main > header from WARC records to index and find information with in these WARC > files. For me, "tls://archive.org:443" would describe "data received over > a TLS connection at archive.org:443", but if it is better described as > "URI used to initiate a TLS conversation", then it indeed makes better > sense to use something else, like "urn:warc:tls:archive.org:443". > Well, the URI used to retrieve the data isn't "tls:" but rather "https:". In any case, it's not appropriate to register a generic "tls:" URI for this use case. -Ekr
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
