W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2007

Re: protocol support for intercepting proxies

From: Jamie Lokier <jamie@shareable.org>
Date: Tue, 19 Jun 2007 20:30:45 +0100
To: Adrien de Croy <adrien@qbik.com>
Cc: Henrik Nordstrom <henrik@henriknordstrom.net>, HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <20070619193045.GA32212@mail.shareable.org>

Adrien de Croy wrote:
> PS, there are several types of intercepting proxy as well.
> 
> To date, discussions have been centred on those that sit on another 
> machine (usually a gateway), and divert TCP SYN packets etc.
> 
> However, on Windows, there are other types, using either TDI filtering 
> or Winsock2 Layered Service Provider approaches to "break into" the HTTP 
> data stream.  The purpose of these is also commonly the same as 
> filtering at a gateway - i.e. antivirus, or content control
> 
> most big-name AV companies install technology like this in their 
> internet security suites, as well as many net nanny type apps.
> 
> These apps have other ways to make themselves known to the user of the 
> machine, since they reside on it, but there may be considerations that 
> could apply to them as well.

I've seen a few Linux boxes doing local interception too, to provide a
HTTP cache which is shared among multiple users of the machine,
without the individual users having to configure their choice of
browser.

In these cases it was purely to improve the perceived speed of web
access and reduce bandwidth costs.  The users couldn't be expected to
configure anything themselves, and the admin couldn't be expected to
configure each user's environment as they used different browsers, as
well various non-browser HTTP applications unknown to the admin.

Locally served automatic proxy detection might have worked instead of
interception, but that would probably have been quite a lot more
difficult to implement, and still would not have worked with some HTTP
using programs.

-- Jamie
Received on Tuesday, 19 June 2007 19:30:57 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:50:10 GMT