Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
The Internet Communications It's funny.  Laugh. Privacy Your Rights Online

Time For X-No-Wiretap HTTP Header? 202

Freshly Exhumed writes "A security blogger, acknowledging that the NSA methodically ranks communications on the basis of their 'foreignness' factor to determine candidacy for prolonged retention proposes, is proposing '...an opportunity for us on the civilian front to aid the NSA by voluntarily indicating citizenship on all our networked communications. Here, we define the syntax and semantics of X-No-Wiretap, a HTTP header-based mechanism for indicating and proving citizenship to well-intentioned man-in-the-middle parties. It is inspired by the enormously successful RFC 3514 IPv4 Security Flag and HTTP DNT header.'"
This discussion has been archived. No new comments can be posted.

Time For X-No-Wiretap HTTP Header?

Comments Filter:
  • by Anonymous Coward on Sunday September 08, 2013 @11:28AM (#44790065)

    The only way we are going to solve this NSA mess is to clean house...and the senate...

  • by Freshly Exhumed ( 105597 ) on Sunday September 08, 2013 @01:40PM (#44791019) Homepage

    When I saw that this proposal "deprecates all the SSL/TLS ciphers in favor of Double CAESAR’13" (a.k.a. ROT-13) I knew it was going to be great. BTW, a big shoutout to my friends over in the Caesarian section! Okay, so I needed to run some sandboxed tests first. After using Double ROT-13 everything was going perfectly, according to the spec, but I decided to gamble on TRIPLE ROT-13. Big mistake. Don't do it! All I ended up with was a bunch of gobbledegook that I couldn't work with anymore, so I had to just delete everything and start all over again. Don't use TRIPLE ROT-13!!!!!!!1

    I wish I could have been FP to warn everyone. I'm glad this proposal sticks with Double!

Never buy from a rich salesman. -- Goldenstern