- From: Adrien W. de Croy <adrien@qbik.com>
- Date: Thu, 18 Jul 2013 13:17:30 +0000
- To: "Nicolas Mailhot" <nicolas.mailhot@laposte.net>, "Nico Williams" <nico@cryptonector.com>
- Cc: "Nicolas Mailhot" <nicolas.mailhot@laposte.net>, "HTTP Working Group" <ietf-http-wg@w3.org>
with the move (major sites) to https, interception is becoming more of a train-wreck. We really need a way to reliably force a browser to use a proxy. e.g. inside a network force explicit use of the company proxy. You can't intercept port 443, and send back HTTP (rejections, auth challenges or pages) to clients. ------ Original Message ------ From: "Nicolas Mailhot" <nicolas.mailhot@laposte.net> To: "Nico Williams" <nico@cryptonector.com> Cc: "Nicolas Mailhot" <nicolas.mailhot@laposte.net>; "HTTP Working Group" <ietf-http-wg@w3.org> Sent: 18/07/2013 11:54:29 p.m. Subject: Re: Authentication over HTTP > >Le Mer 17 juillet 2013 19:59, Nico Williams a écrit : >> On Wed, Jul 17, 2013 at 6:13 AM, Nicolas Mailhot >> <nicolas.mailhot@laposte.net> wrote: >>>>> What am I missing? >>> >>> That we have standards to permit interoperability, and go away and >>>do it >>> elsewhere is the perfect interop killer? >> >> You can standardize how to do it elsewhere. Just because X is a >> standard doesn't mean that some feature that X doesn't have belongs >>in >> X. > >And that have worked wonderfully didn't it? Need I point out once again >why everyone is moving to transparent interception now? > >-- >Nicolas Mailhot > >
Received on Thursday, 18 July 2013 13:18:01 UTC