- From: Salvatore Loreto <salvatore.loreto@ericsson.com>
- Date: Tue, 3 Dec 2013 10:34:35 +0000
- To: William Chan (陈智昌) <willchan@chromium.org>
- CC: HTTP Working Group <ietf-http-wg@w3.org>
On Dec 3, 2013, at 9:37 AM, William Chan (陈智昌) <willchan@chromium.org> wrote:
> Pardon me if this is obvious, but it's not immediately obvious to me what will cause people to use explicit proxies instead of MITM proxies?
you have also an answer to the question below in your own mail.
I would prefer to use explicit proxies, because at least I become conscious that there is some box in between me and the content provider.
Of course I would prefer also to be offered a mechanism to opt in (the proxy) or to opt out … (if I am in by default)
in this way we let the people to choose or if you prefer the market to decide
if the explicit proxys really offer extra services/advantages then maybe people will start to use it more and more, if not…
I would disagree with you, that would not be unsatisfactory, but that is my personal view as individual :-)
Moreover at the same time, in a perfect world, it would be really nice also to become aware of the existence of an SSL MITM
especially in the case the user has decided to opt out from the usage of explicit proxy, but also in the case the have opt in.
Both the user or the content provider may decide to act in a different way when they become aware that there is something in between
Coming to the use cases there are severals and of course they are different for different providers.
for mobile network operators the main high level use case is to operate the network so to offer a great user experience to
their customers (btw this is something that is also considered acceptable by draft-farrell-perpass-attack-00),
then there is the one Willy is describing in its mail…
caching is another one,
and I am not talking of caching in CDN based on reverse proxy, I am talking about caching in forward proxy:
caching content as closer as possible to the user… (i.e. as closest as possible to an antenna in the case of mobile network for example)
filtering/anti malware (as Willy is also describing) is also an important use case that is becoming more and more important also in the mobile world.
about the enterprise use case you have already received comments...
br
Salvatore
> Who is going to deploy them? The 2 cases I can think of are:
>
> (1) People who are using HTTP interception ("transparent") proxies
> (2) People who are already using SSL MITM proxies
>
> In case (1), it appears to me that proxy operators may want explicit proxies, because theoretically those interception proxies provide vital functionality that they don't want to lose if more things go over HTTPS. Because if not, their alternative is to use a SSL MITM proxy, which requires them to own the client devices so they can administratively install additional root certificates. This bears a high cost, both in perceived privacy impact and in requiring administrative maintenance. By this description, I suspect this group probably consists of network operators, like mobile network operators or ISPs or what not. I suspect it's very costly for them to have to administrate customer devices.
>
> But I don't see what an explicit proxy will help with here. Is the requirement that there be a way to automagically configure the explicit proxy *and* default to giving up one or more of the confidentiality, integrity, and authentication guarantees normally provided by TLS? I can't see a browser defaulting into letting automatically letting an explicit proxy MITM them. Will it just be opt-in (which, given how much browser vendors "love" presenting UI to end users, is also controversial...)? If so, is that good enough for whoever is deploying these proxies? I have to imagine that's very unsatisfactory for them. What's the vision here?
>
> Now, as far case (2), if the proxy operators can already deploy their MITM certs on client devices, then they already own those devices. This sounds like enterprise computing devices or schools or prisons or what not. Now, if they already own the devices on this network, what incentive do they have to adopt explicit proxies? It sounds like they would just lose power. Is there a carrot here? SSL MITM proxies are already transparent to the client and origin server, so I don't see what leverage either entity has here.
>
> Would love to hear peoples' thoughts here.
Received on Tuesday, 3 December 2013 10:35:01 UTC