W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2013

Re: Proposal: Explicit HTTP2S proxy with any node refusal

From: Nicolas Mailhot <nicolas.mailhot@laposte.net>
Date: Wed, 27 Nov 2013 21:53:08 +0100
Message-ID: <2fb6e45f607cf7ab0b90103443865c4a.squirrel@arekh.dyndns.org>
To: "Adrien de Croy" <adrien@qbik.com>
Cc: "Peter Lepeska" <bizzbyster@gmail.com>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>

Le Mer 27 novembre 2013 00:40, Adrien de Croy a écrit :
>
> fundamentally this proposes a compromise between level of trust of the
> proxy vs performance.
>
> Since we don't trust the proxy not to alter content, we have to endure
> extra round trips to set up the second layer of TLS

Consider that a browser is likely to establish a tls channel to the
proxies active on his network as soon as the user starts browsing, so yes
there will be a penalty for the first objects but the next ones won't see
the difference (and properly designed web sites will benefit from the
caching at the proxy layer.

I said proxies because we, for example, run a high-availability setup and
each browser gets two proxies on two different physical sites at startup
(much more reliable to have browsers failover or load-balance as they wish
depending on network conditions)

Regards

-- 
Nicolas Mailhot
Received on Wednesday, 27 November 2013 20:53:38 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:11:20 UTC