- From: Nicolas Mailhot <nicolas.mailhot@laposte.net>
- Date: Wed, 9 Oct 2013 14:01:14 +0200
- To: "Salvatore Loreto" <salvatore.loreto@ericsson.com>
- Cc: "HTTP Working Group" <ietf-http-wg@w3.org>
Le Mer 9 octobre 2013 06:03, Salvatore Loreto a écrit : > Hi there, Hi > we have just submitted a draft draft > that advocates the importance and the benefits that proxies can provide > for HTTP/2.0 > and aims to start a discussion on this topic within the HTTPBis wg Thank you for this draft I fear the terminology does not quite cover one of the most common use-case for intermediaries right now, which is security/caching intermediaries. This use case is present in Enterprise gateways and but also more and more on end-user systems (either via built-in browser functionalities of via extensions like ad block plus which are semantically a security proxy that happens to be deployed on the same system). Unlike a transforming proxy a security intermediary/caching does not aim to transform messages in any semantic way. The intent is to relay as much stuff unchanged as possible. However, unlike a tunnel proxy a security/caching intermediary is party to the http connexion because it may block some elements for security reasons, or relay elements that still exist in its cache but have been changed server-side. Also, it does need to convey its actions (typically, why some element has been blocked or how to unblock by authenticating for example) to endpoints. And it does not want at all for this communication to masquerade as something else. I think one of the root reasons proxies does not work correctly now is this erroneous terminology. People want to think about them as transparent tunnels (which they are not), and when they diverge from transparent tunnels they complain about transformations (which is *not* the intent at all, the few transformations that do occur only exist to simulate the communication channel that security/caching gateways need and which has been completely forgotten in http specs) Making this use case explicit in the specs and fixing the intermediary communication problem would go a long way to remove proxies as a hate object. -- Nicolas Mailhot
Received on Wednesday, 9 October 2013 12:01:56 UTC