W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2013

Re: Moving forward on improving HTTP's security

From: Amos Jeffries <squid3@treenet.co.nz>
Date: Fri, 15 Nov 2013 02:15:20 +1300
Message-ID: <5284CCE8.5000500@treenet.co.nz>
To: ietf-http-wg@w3.org
On 14/11/2013 2:42 p.m., William Chan (ι™ˆζ™Ίζ˜Œ) wrote:
<snip
> 
> 
> I disagree with the use of MITM to achieve these ends. I think we don't
> need to break end to end security to achieve these goals. As an example,
> here's a Chrome feature to provide parental controls rather than implement
> them in a MITM proxy: http://www.bbc.co.uk/news/technology-24635752.
> 

I am glad you brought that up. This littl egem of a quote is straight
from the SafeSearch documentation as of right now:

  "This technique will not work on searches done using SSL Search."


It is also noteworthy to remember that not too many weeks ago the same
page had a step-by-step process on how to enable SafeSearch for HTTPS
traffic. Starting with words along the lines of "install a MITM proxy"
and including "rewrite the URL".

I am glad that is gone at least. But there is still no good alternative
to MITM yet.

Amos
Received on Thursday, 14 November 2013 13:15:51 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:11:19 UTC