- From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
- Date: Fri, 13 Jul 2012 23:48:58 +0100
- To: Poul-Henning Kamp <phk@phk.freebsd.dk>
- CC: "HAYASHI, Tatsuya" <lef.mutualauth@gmail.com>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>, Brian Pane <brianp@brianp.net>
On 07/13/2012 11:05 PM, Poul-Henning Kamp wrote: > A much better strategy is to make these practices possible > and detectable, so that the users know when they are subject > to them. It *might* be a better strategy if there were a way to do it that didn't trivially expose the client to just about any bad actor, or else make the client captive to some (possibly bad) actor. I suspect that a lot of proposals along those lines will come a cropper like that, e.g. because they require a client to trust some unprotected signal from the network or else they require all clients to have some configured entity that they'll just believe about all this stuff. So that's just not easily solved. Perhaps even beyond the state of the art in the general case. But who knows. There are many smart folks involved here. I'll not hold my breath though to be honest. Having said that, the earlier discussion about having some few bits of information (host and a new session id) in an unencrypted but perhaps signed'MAC'd envelope sounds like it might help with a bunch of this. So at a high level that does sound promising. Though I guess not for the "corporate censor" part. I dunno what can be done about that. Anyway, interesting challenges ahead all right! S.
Received on Friday, 13 July 2012 22:49:27 UTC