I raised this exact scenario to @sleevi_ and @metromoxie during the SRI spec. Lately I've been trying to convince @jyasskin to work on a content addressable cache spec. There's just no reason why the Web should be limited to rich countries with fast data and expensive CDNs.https://twitter.com/meyerweb/status/1026848459515723777 …
I wonder whether it would help if the browser could decide to disable encryption and use authentication only (with a NULL encryption cipher) for unauthenticated requests? then two cooperating servers forming a cache could splice out the data while crossing a slow link
-
-
alternatively, have a protocol extension that lets the client send the encryption key to the cache to enable data splicing
-
of course then you'd need some way for either the user or the server to tell the browser when it's okay to leak request paths to the network
- 4 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.