- From: Nicolas Mailhot <nicolas.mailhot@laposte.net>
- Date: Thu, 16 Feb 2012 15:36:47 +0100
- To: ietf-http-wg@w3.org
Hi, Now that browsers have started refusing redirection of https sessions, there is no clean way for a proxy to point browsers to an https authentication portal when they need to be authenticated or re-authenticated. The 407 error must be extended to indicate the https proxy authentication portal location to handle the cases where it is not desirable to have proxy auth transmitted in clear, and clients are too dumb to support anything more complex than basic auth over http or https. (the other “solution” is DPI, but that's not really appealing except to proxy aplicance manufacturers) Best regards, -- Nicolas Mailhot
Received on Thursday, 16 February 2012 14:37:26 UTC