On sexta-feira, 29 de julho de 2016 11:09:29 PDT ???? wrote: > SECURED flag does not build unsecured resource but allows the resource to be > accessed through COAP due to wild-card.
Stephane had written: > I tend to agree with Thiago, keep this patch separate to avoid an unsecured > path (http) to creep unintentionally into a secure release. Could this be > achieved through the SECURED flag (i.e. the code is only part of an > unsecure release)? That would be a solution, that the HTTP-only proxy is enabled only if SECURED=0 is passed, which means that no device that can pass certification can have the proxy. But I don't like that solution. I'm sure that the people proposing the feature are doing it because they want to use it in a device that does pass certification, so this solution won't help them. And from my point of view, it still has the drawbacks of a hand-written HTTP stack getting into our source code, as opposed to one based on a well-known third-party library. -- Thiago Macieira - thiago.macieira (AT) intel.com Software Architect - Intel Open Source Technology Center
