W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2007

Re: protocol support for intercepting proxies

From: Adrian Chadd <adrian@creative.net.au>
Date: Tue, 19 Jun 2007 15:35:48 +0800
To: Adrien de Croy <adrien@qbik.com>
Cc: HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <20070619073548.GI25290@skywalker.creative.net.au>

On Tue, Jun 19, 2007, Adrien de Croy wrote:
> 
> Actually that proves my point.
> 
> this is an example of security problems inherent in low-level protocols 
> being solved using high level protocols, e.g. SSL certificates, key 
> exchange protocols etc.  All of which require the IP config to be 
> working, which therefore already required DHCP to be working without 
> auth.  So, it pretty much makes DHCP auth pointless.

.. and you can push out centralised HTTP proxy server settings via
the same mechanisms. Admittedly its only one platform and I'm not sure
when the AD/Group Policy support popped up, but its certainly doable.

Me, I'd prefer to see the proxy discovery draft properly worked into
an RFC as there are -plenty- of instances of WPAD being used in the
real world these days. It'd also be nice to have it extensible to proxy
other protocols, such as P2P client proxy discovery (when P2P caches
become all the rage, that is..)




Adrian
Received on Tuesday, 19 June 2007 07:34:42 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:50:10 GMT