- From: Martin Thomson <martin.thomson@gmail.com>
- Date: Mon, 16 Jun 2014 09:55:42 -0700
- To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
- Cc: Peter Lepeska <bizzbyster@gmail.com>, HTTP Working Group <ietf-http-wg@w3.org>
On 16 June 2014 07:57, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote: > > I think "trusted proxy" is a misnomer and misleading and > in general "trusted foo" is probably better not part of > any technical discussion on this topic since the question > of who is trusting whom for what is complex here and > ignoring that complexity IMO does a disservice to the > various interested parties. This is a point that I need to emphasize. The labels "trusted proxy" and "secure proxy" are misnomers in the very best Orwellian tradition. Those labels need to be used less casually. Here, I note that Sal gets this right, concentrating on factual aspects - i.e., explicitly authenticated - even if this point probably needs to be better supported. If we have a proxy for which its primary purpose is policy enforcement, then we can label that a policy enforcement proxy.
Received on Monday, 16 June 2014 16:56:11 UTC