W3C home > Mailing lists > Public > public-bpwg@w3.org > March 2009

Re: ACTION-902 Summarise and prepare proposed resolutions on HTTPS link rewriting.

From: Francois Daoust <fd@w3.org>
Date: Mon, 09 Mar 2009 22:41:33 +0100
Message-ID: <49B58D0D.4060209@w3.org>
To: Jo Rabin <jrabin@mtld.mobi>
CC: Public MWBP <public-bpwg@w3.org>
Hi Jo,

Many thanks for this summary of summaries.

I'm jumping straight to the conclusion because the rest is French 
cuisine, you know, a perfect balance between spices, herbs, meat, wine 
and cheese, so I don't see anything to add.

Jo Rabin wrote:
[...]
> 
> 4. Conclusions and Proposed Resolutions
> 
> a. PROPOSED RESOLUTION: Link rewriting is a form of transformation and 
> at a minimum is subject to the same limitations as other forms of 
> transformation

+1 to the proposed resolution and to the arguments that led to it.


> 
> b. PROPOSED RESOLUTION: In-network proxies MUST NOT rewrite links 
> without explicit prior agreement from the Content Provider

Without context, the exception-to-the-rule looks weird. Or rather it 
makes me think I missed a bit of context. Is the exception only 
triggered by the case when a Content Provider agrees to the 
"interception of" HTTPS and thus also needs to agree on links rewriting, 
or is there something else?

I would agree in the first case, and would like to know what I missed in 
the second case.


> 
> c. PROPOSED RESOLUTION: Interception of HTTPS is not permissible without 
>  explicit prior agreement from the Content Provider and consent from the 
> user on a case by case basis

+1. The proposed resolution is indeed to be read in the scope of the 
Content Transformation guidelines about network-deployed content 
transformation proxies. I don't think we should extend this scope.


I also agree with the non-normative security consideration note on links 
rewriting:
> Either way it would be worthwhile making a note as to the security issues discussed above in a non-normative way.


Francois.
Received on Monday, 9 March 2009 21:42:17 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:43:00 UTC