W3C home > Mailing lists > Public > www-tag@w3.org > December 2011

Re: Discussion points on HTTP "evolutions" [ACTION-618]

From: Bjoern Hoehrmann <derhoermi@gmx.net>
Date: Mon, 05 Dec 2011 17:31:13 +0100
To: Yves Lafon <ylafon@w3.org>
Cc: www-tag@w3.org
Message-ID: <ourpd7tedh8thj389uubrhilnbah6dtjbo@hive.bjoern.hoehrmann.de>
* Yves Lafon wrote:
>It has the obvious advantage of making what's transmitted, including the 
>HTTP headers impossible to snoop, however it also has the disadvantage to 
>forbid a user to check what kind of traffic happens between his User Agent 
>and a Web server, of course, there is a balance to find between risks you 
>take in being sniffed by external parties and risk you take by not knowing 
>the potentially security and/or privacy invasive data that can be uploaded 
>to a "secure" site.

Users can ask their user agent to tell them what the traffic is, and
where user agents lack such a feature you can typically set up a proxy
like http://mitmproxy.org/ and intercept traffic at that level.
-- 
Björn Höhrmann · mailto:bjoern@hoehrmann.de · http://bjoern.hoehrmann.de
Am Badedeich 7 · Telefon: +49(0)160/4415681 · http://www.bjoernsworld.de
25899 Dagebüll · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/ 
Received on Monday, 5 December 2011 16:31:38 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 26 April 2012 12:48:41 GMT