- From: 陈智昌 <willchan@chromium.org>
- Date: Mon, 2 Dec 2013 23:37:33 -0800
- To: HTTP Working Group <ietf-http-wg@w3.org>
- Message-ID: <CAA4WUYiR5t0oBaBa47tanqP7PvXR_msD7mfVMvX_q3qzTm3qAg@mail.gmail.com>

Pardon me if this is obvious, but it's not immediately obvious to me what will cause people to use explicit proxies instead of MITM proxies? Who is going to deploy them? The 2 cases I can think of are:

(1) People who are using HTTP interception ("transparent") proxies
(2) People who are already using SSL MITM proxies

In case (1), it appears to me that proxy operators may want explicit proxies, because theoretically those interception proxies provide vital functionality that they don't want to lose if more things go over HTTPS. Because if not, their alternative is to use an SSL MITM proxy, which requires them to own the client devices so they can administratively install additional root certificates. This bears a high cost, both in perceived privacy impact and in requiring administrative maintenance. By this description, I suspect this group probably consists of network operators, like mobile network operators or ISPs or what not. I suspect it's very costly for them to have to administrate customer devices. But I don't see what an explicit proxy will help with here. Is the requirement that there be a way to automagically configure the explicit proxy *and* default to giving up one or more of the confidentiality, integrity, and authentication guarantees normally provided by TLS? I can't see a browser defaulting into automatically letting an explicit proxy MITM them. Will it just be opt-in (which, given how much browser vendors "love" presenting UI to end users, is also controversial...)? If so, is that good enough for whoever is deploying these proxies? I have to imagine that's very unsatisfactory for them. What's the vision here?

Now, as far as case (2), if the proxy operators can already deploy their MITM certs on client devices, then they already own those devices. This sounds like enterprise computing devices or schools or prisons or what not. Now, if they already own the devices on this network, what incentive do they have to adopt explicit proxies? It sounds like they would just lose power. Is there a carrot here? SSL MITM proxies are already transparent to the client and origin server, so I don't see what leverage either entity has here.

Would love to hear people's thoughts here.

Received on Tuesday, 3 December 2013 07:38:00 UTC