- From: Adrien W. de Croy <adrien@qbik.com>
- Date: Mon, 06 Aug 2012 23:18:20 +0000
- To: "Karl Dubost" <karld@opera.com>, "Willy Tarreau" <w@1wt.eu>
- Cc: "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>
------ Original Message ------ From: "Karl Dubost" <karld@opera.com> >Le 6 août 2012 à 17:41, Willy Tarreau a écrit : > >> >>I'm not advocating MITM, quite the opposite : I'm advocating valid use of proxies via opt-in to put an end to MITM. >> > > >* I can understand the why for proposing a validation of this usage. > >* I can also see why many businesses will start to propose this as the default feature for users without a real choice for them. > > >There are plenty of EULA already that users sign-up without reading because the « power » is on the side of the service. I'm not sure it is a good idea to push further in that direction without proposing a real secure end to end mechanism in the platform. > I'm not convinced that what is proposed alters the balance of power at all. At the moment, the proxy/firewall operator continues to have all the power. They can block whatever they like. What we are proposing actually allows the firewall operator to permit additional usage of the client, because it can be validated / scanned / whatever. Otherwise it is blocked. The user still has the choice whether they will be prepared to do personal banking at work on work hardware and work internet resources or not. All UA vendors need to do is make sure it's clear to the user what's going on. Adrien > > > >-- >Karl Dubost - http://dev.opera.com/ >Developer Relations, Opera Software > > > >
Received on Monday, 6 August 2012 23:18:44 UTC