W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2013

Re: What will incentivize deployment of explicit proxies?

From: Nicolas Mailhot <nicolas.mailhot@laposte.net>
Date: Thu, 12 Dec 2013 17:01:51 +0100
Message-ID: <34ada50c72b7ec498dd9745d59b4c3be.squirrel@arekh.dyndns.org>
To: "Salvatore Loreto" <salvatore.loreto@ericsson.com>
Cc: "Roberto Peon" <grmocg@gmail.com>, "Mark Nottingham" <mnot@mnot.net>, "HTTP Working Group" <ietf-http-wg@w3.org>

Le Jeu 12 décembre 2013 16:35, Salvatore Loreto a écrit :

> The one thing that wouldn’t be addressed by this approach is the potential
> for a “semi-trusted” proxy that can see inside encryption and yet promises
> e2e integrity. So, to me it seems like we should be focusing on the use
> cases that lead us there (rather than on that particular solution, yet).

IIRC web site and browser people have reaffirmed many times here they
didn't want intermediaries to tamper with content. Which is actually fine
as most intermediaries do not want to tamper in any way, just look at what
goes through and block what they don't like. That's where e2e integrity
comes into play (and as end-user I'd like to have it too). Besides that's
a major part of reassuring users nothing fishy is going on behind their
back


-- 
Nicolas Mailhot
Received on Thursday, 12 December 2013 16:02:24 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:11:20 UTC