In some cases, we not want full spec. SSL but a only want a trusted
source of data.
for example, you may want you bank statement in SSL.
but for the announcements, news letter, RSS, emails
you may only want to ensure the content is approved and come from who
it claims.
We need some how a standard way to sign HTML (and javascript, css,
images, and pdf and etc...) that signed content
- not required to be encrypted
- can be cached
- can be used for legal purpose
If is now done by PGP or something 3rd party (packed JAR, DLL,
CAB...etc). I think it should be a standard in HTTP / HTML.
http://stackoverflow.com/questions/174348/will-web-browsers-cache-content-over-https
using 'Cache-Control: public'
But.... not good for non IE navigators, as ever, because his default
behaviour ?? "Do not save encrypted pages to disk".
Regards.