W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2012

Re: breaking TLS (Was: Re: multiplexing -- don't do it)

From: Poul-Henning Kamp <phk@phk.freebsd.dk>
Date: Fri, 06 Apr 2012 20:48:54 +0000
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
cc: Roberto Peon <grmocg@gmail.com>, Willy Tarreau <w@1wt.eu>, Nicolas Mailhot <nicolas.mailhot@laposte.net>, ietf-http-wg@w3.org
Message-ID: <73119.1333745334@critter.freebsd.dk>
In message <4F7F53B7.20103@cs.tcd.ie>, Stephen Farrell writes:

>On 04/06/2012 09:29 PM, Roberto Peon wrote:
>> doesn't breach the user's
>> trust without the user's knowledge.
>
>Ideas for how to do that welcome;-)

If we amend the proxy protocol as several has proposed, the endpoint
of trust for the user will be the proxy.

What happens after that point is entirely opaque to the user, and
it will have to be left to the user to decide if the proxy is
trustworthy.

The users browser can and SHALL inform him if he has privacy as
far as the proxy, but should also make it clear that the privacy
cannot be assured to extend any further.

I'm sure browser-writers can find a color-code for this.

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.
Received on Friday, 6 April 2012 20:49:23 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:59 GMT