- From: Amos Jeffries <squid3@treenet.co.nz>
- Date: Tue, 03 Apr 2012 12:19:00 +1200
- To: <ietf-http-wg@w3.org>
On 03.04.2012 11:54, Stephen Farrell wrote: > On 04/03/2012 12:47 AM, William Chan (ιζΊζ) wrote: > >>> You really mean "prevent" there? POSTing a rot13 version of the >>> corporate secret won't work? And I thought more anti-porn policies >>> were domain name and not content based. >>> >> >> I don't mean _completely_ prevent. But help stop the 9X% case? Yeah, >> I >> think that's what they're shooting for. I'm not well versed in the >> intricacies of IT policies using these SSL MITM proxies > > Me neither. That's why I asked. But I'd like to know not > just about the policy they want to (or pay to) enforce, > but rather also about the effectiveness of their attempts > at enforcement. > > S > IME admin are usually not that eager to do MITM on TLS. It is required by policy makers who just want to publish tick-box policies about the things they can prevent, HTTPS just being one of many policy evasions to be worked around. Collateral damage and accuracy is not so important as having the ability to be vocal about it and tick off that security checkbox without being caught lying. AYJ
Received on Tuesday, 3 April 2012 00:19:30 UTC