Re: The future of forward proxy servers in an http/2 over TLS world from Patrick McManus on 2017-02-15 (ietf-http-wg@w3.org from January to March 2017)

From: Patrick McManus <mcmanus@ducksong.com>
Date: Wed, 15 Feb 2017 15:08:16 -0500
To: Adrien de Croy <adrien@qbik.com>
Cc: Kari Hurtta <hurtta-ietf@elmme-mailer.org>, HTTP working group mailing list <ietf-http-wg@w3.org>
Message-ID: <CAOdDvNpR5i4xu9viAXD2ioG5W096xAHz4EHzByQL8ZN4FO-sTg@mail.gmail.com>

there is no firefox support for that right now. It would require a
convincing UI and probably interest from another client to proceed with.
The concern is obviously some kind of phish mitm any time you are asked to
display https and you display anything not authenticated by that origin.


On Wed, Feb 15, 2017 at 3:02 PM, Adrien de Croy <adrien@qbik.com> wrote:

>
> Thanks for that
>
> looks like I already knew about it lol.
>
> Do we have any idea about whether this has browser support, I assume FF so
> far only?
>
> Adrien
>
>
> ------ Original Message ------
> From: "Kari Hurtta" <hurtta-ietf@elmme-mailer.org>
> To: "Adrien de Croy" <adrien@qbik.com>
> Cc: "HTTP working group mailing list" <ietf-http-wg@w3.org>; "Kari
> Hurtta" <hurtta-ietf@elmme-mailer.org>
> Sent: 16/02/2017 8:31:25 AM
> Subject: Re: The future of forward proxy servers in an http/2 over TLS
> world
>
>  This means we have a need to be able to respond to CONNECT with a
>>>  denial, and some kind of message that can be displayed to the user.
>>>
>>
>> Maybe
>>
>> https://tools.ietf.org/id/draft-nottingham-proxy-explanation-00.txt
>>
>>
>> https://lists.w3.org/Archives/Public/ietf-http-wg/2016JulSep/0390.html
>>
>> https://bugzilla.mozilla.org/show_bug.cgi?id=637619#c31
>>
>> https://lists.w3.org/Archives/Public/ietf-http-wg/2016JulSep/0419.html
>>
>> / Kari Hurtta
>>
>>
>
>

Received on Wednesday, 15 February 2017 20:09:21 UTC