- From: Amos Jeffries <squid3@treenet.co.nz>
- Date: Tue, 07 Aug 2012 13:25:11 +1200
- To: <ietf-http-wg@w3.org>
On 07.08.2012 13:12, Stephen Farrell wrote: > On 08/07/2012 01:45 AM, Amos Jeffries wrote: >> >> Today those rights are just words on a piece of paper describing >> some >> fantasy land that does not exist. Recalls marks assumption that he >> *knew* CONNECT provided end-to-end security. Mark you live in .au >> still? >> then your CONNECT is being decrypted. .cn, .sa, .in. .us, rq? same. > > I think evidence of that would be useful. > > Thanks, > S. That was a quick scan of my inbox from what appear to be national teleco types asking how to debug problems in their Squid ssl-bump MITMs over the last ~6 months. ssl-bump being a feature which is rather non-discriminative about what it decrypts. Along the lines of that raven list argument "why is it not wiretapping if only 92% of packets are captured?" AYJ
Received on Tuesday, 7 August 2012 01:25:37 UTC