Meh, I'm not offended. I just want to see this solved for the major use cases. Independently, I think I can get my content addressable cache solved with origin-signed HTTP exchanges. (I just need to keep sending bribes to @jyasskin.
)
Hopefully, but note that the cross-origin protections are both early-stage and opt-in, so I wouldn't hold out much hope that they can help against cache detection in the short (or medium) term.
-
-
So, what you're saying is that we can make signed exchanges content-addressable if we're willing to add a delay based on the size of the resource plus some random jitter?

-
I'm actually looking at the proposals now, the mechanisms don't appear to protect against cache detection of unauthenticated resources (i.e. public). So, it seems like signed exchanges could be cache-addressable in this case without materially changing anything.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
