
Re: Trusting proxies (was Re: I revised the pro/contra document)

From: Peter Lepeska <bizzbyster@gmail.com>
Date: Mon, 25 Nov 2013 18:02:14 -0500
Message-ID: <CANmPAYEH3aQnJZHm24FLujBPoJGmChi0Eh4LBzOpiEk+V5Xjrw@mail.gmail.com>
To: Martin Thomson <martin.thomson@gmail.com>
Cc: Stephen Farrell <stephen.farrell@cs.tcd.ie>, Adrien de Croy <adrien@qbik.com>, Tim Bray <tbray@textuality.com>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
"What set of capabilities can
be offered to an intermediary that would induce it to reduce the scope
of its powers?"

Martin,

I completely agree that this is the direction to go in and have a proposal
that I'm running by a smaller group off list. I'll post it as soon as I've
incorporated the group's feedback.

Thanks,

Peter


On Mon, Nov 25, 2013 at 5:13 PM, Martin Thomson <martin.thomson@gmail.com> wrote:

> On 25 November 2013 13:09, Peter Lepeska <bizzbyster@gmail.com> wrote:
> > I think we need to come up with a protocol-supported way to solve the
> > problems of trusted proxies without modifying TLS.
>
> Isn't it the case that we want to limit the amount of trust that we
> bestow upon our favourite intermediary?
>
> If this truly were a 100% trusted intermediary, then we'd already be
> done here.  TLS hop-by-hop is enough for that.  I don't think that is
> where all this time is going.
>
> I think that all this discussion is getting all knotted over is what
> we want to allow intermediaries to do.  What set of capabilities can
> be offered to an intermediary that would induce it to reduce the scope
> of its powers?
>
> It has been suggested that the powers of stealth be denied.  That
> sounds reasonable, but I always stumble at the UX story there.
>
> The power of content modification - with some fuzziness around whether
> that includes "metadata" - has also been suggested as another
> potential power to strip.
>
> I think that leaves intermediaries with the ability to see what is
> going on and prevent it if they choose.  Is that enough?  I've heard
> it said that it is not.
>
Received on Monday, 25 November 2013 23:02:41 UTC
