Summary
Although most Web developers will not need to take more than an academic examination of Secure HTTP, the techniques used can be very helpful in establishing your own security practices. If you want to learn more about Secure HTTP, the only good resource is RFC 2660. The lack of alternative documentation is the likely result of the lack of popularity. The domination of SSL has all but eliminated any alternative security mechanisms in practical use.
The following chapter examines various architectures you can employ as you design and build your applications as well as when you design and build the environment to host those applications.
Get HTTP Developer’s Handbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
