W3C home > Mailing lists > Public > public-tracking@w3.org > November 2011

Re: Headers modified along the way against user (non) choices

From: David Singer <singer@apple.com>
Date: Thu, 10 Nov 2011 12:51:40 +0900
Message-id: <53E18597-DDF7-4A07-ABBB-E67C4834AC42@apple.com>
To: "public-tracking@w3.org Group WG" <public-tracking@w3.org>

On Nov 10, 2011, at 3:25 , Karl Dubost wrote:

>  And a proxy can still modify it on the way back too.


Plenty of proxies and other intermediates 'innocently' delete or otherwise mangle headers.  We need to recognize this and handle it gracefully.

We don't need to handle deliberately malicious proxies that modify both the request and the response, to make it appear to the user that the state is one thing, when the state at the server is another.  Indeed, without signatures, encryption, end-to-end stuff and a lot of heavy mechanism, we can't.


David Singer
Multimedia and Software Standards, Apple Inc.
Received on Thursday, 10 November 2011 03:52:49 UTC

This archive was generated by hypermail 2.3.1 : Friday, 21 June 2013 10:11:22 UTC