W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2012

Explicit Proxies for HTTP/2.0: comments

From: Salvatore Loreto <salvatore.loreto@ericsson.com>
Date: Tue, 24 Jul 2012 10:43:30 +0200
Message-ID: <500E6032.1020809@ericsson.com>
To: HTTP Working Group <ietf-http-wg@w3.org>
Hi Robert and all,

let me start to say that IMO the requirements listed in section 4 should 
be meet by
2.0 no matter how the discussion on Mandatory TLS ends.

My biggest concern with the draft is that it seems not to be thought for 
mobile terminals;
for a cellular roaming (abroad) among different telecom operators
the fact (as stated in section 4) that a UA/Browser knows in advance the 
existence of  proxy is a little to restrictive,

          Only proxies which are known to and configured by the user
          should be allowed to intercept communications between the user
          and the content-provider.

however I agree that the UA/Browser MUST become aware of the fact there 
is a proxy in between.

Moreover I am not sure that is a good idea to "provide the decryption 
key material" to the trusted proxy of each
network my mobile will use while I travel around the world.

cheers
Sal

-- 
Salvatore Loreto, PhD
www.sloreto.com
Received on Tuesday, 24 July 2012 08:44:01 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 24 July 2012 08:44:08 GMT