Comment Re:A Question (Score 1) 177
Valid point.
Originally, SSL/TLS and HTTPS were developped and deployed to provide pprotection for this small amount of snesitive data.
Now, for various reasons, we have HTTPS protect pages that contain a lot of "rich" content that actually doesn't need this protection. This has the side affect of creating a lot of extra, uncachable content. I can understand why ISPs would want a way handle that.
So, is there a way to securely protect the sensitive stuff while leaving the rest unencrypted? Perhaps the non-sensitive stuff could be validated* with secure hashes, so could then be cached without need to decrypt anything?
*As I understand, one of the current problems with mixing HTTPS and non-HTTPS content on the same page is that the non-secure content can affect how the secure content is handled.