W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2015

Re: SSL/TLS everywhere fail

From: Werner Baumann <werner.baumann@onlinehome.de>
Date: Sat, 5 Dec 2015 10:09:38 +0100
To: ietf-http-wg@w3.org
Message-ID: <20151205100938.4bf3cdd0@ginster>
Am Sat, 5 Dec 2015 09:45:48 +1100
schrieb Martin Thomson <martin.thomson@gmail.com>:

> But you are not the only party that has to consent. This is a two
> party conversation, and it is very clear that the other party has not
> consented.

An important point that shows how asymmetric the Internet has become.
Does "the other party" (service  providers) ask for consent? They
delegate their services and content delivery to CDNs without even
asking the user for consent. They share information with whoever they
want, even in cases where it is illegal (at least when the user is an
European citizen).
But the user is not allowed to decide who is allowed to act on his
behalf?
There has been some subgroup in this WG that worked on a protocol for
trusted proxies. The demand that service providers can control whether
the user is allowed to use a proxy or not blew up the complexity of
such an protocol and there will surely be no result (if that subgroup
still exists).
No, I do not need consent from anyone to choose a proxy that I trust.
It is my decision to make.

Werner
Received on Saturday, 5 December 2015 09:10:15 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:11:40 UTC