W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2013

Re: Yet another trusted proxy suggestion

From: Eliot Lear <lear@cisco.com>
Date: Thu, 28 Nov 2013 10:28:22 +0100
Message-ID: <52970CB6.7030604@cisco.com>
To: Yoav Nir <synp71@live.com>, Martin Thomson <martin.thomson@gmail.com>, Adrien de Croy <adrien@qbik.com>
CC: HTTP Group <ietf-http-wg@w3.org>

On 11/26/13 10:40 PM, Yoav Nir wrote:
>
> For this we have the luxury of being able to be unambiguous: "The
> network has an HTTPS monitor called sslproxy.example.com that will
> decrypt all HTTPS traffic. Any passwords, credit card numbers and
> personal information will be visible to this proxy. Click <a
> href="https://sslproxy.example.com/.well-known/proxy-terms-of-use.html>here</a>
> to learn more about this proxy.".  It's tempting to add a "Trust this
> proxy" button there, or Firefox's "I understand the risks" (no, you
> don't). But I guess training users to click this button is bad
> practice. Better to give them instructions about how to configure
> their particular browser to trust this proxy through menus or
> about:config.
>
> But regardless, a visual indication of the existence of the proxy is a
> benefit that we're missing with the MitM we have today. We could have
> warnings before typing in password fields or fields marked as credit
> card number.

When Mark did his proxy draft, what I was kicking around were scaling
approaches to what you've written above.  What's more, there are often
different proxies in path for different purposes.  The mechanism has to
be both iterative and yet it must not "nag the user".  The permission
model must be robust to such circumstances, especially in a mobile world.

Eliot
Received on Thursday, 28 November 2013 09:28:57 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:11:20 UTC