Trusting proxies (was Re: I revised the pro/contra document)

On 25 November 2013 13:09, Peter Lepeska <> wrote:
> I think we need to come up with a protocol-supported way to solve the
> problems of trusted proxies without modifying TLS.

Isn't it the case that we want to limit the amount of trust that we
bestow upon our favourite intermediary?

If this truly were a 100% trusted intermediary, then we'd already be
done here.  TLS hop-by-hop is enough for that.  I don't think that is
where all this time is going.

I think that all this discussion is getting all knotted over is what
we want to allow intermediaries to do.  What set of capabilities can
be offered to an intermediary that would induce it to reduce the scope
of its powers?

It has been suggested that the powers of stealth be denied.  That
sounds reasonable, but I always stumble at the UX story there.

The power of content modification - with some fuzziness around whether
that includes "metadata" - has also been suggested as another
potential power to strip.

I think that leaves intermediaries with the ability to see what is
going on and prevent it if they choose.  Is that enough?  I've heard
it said that it is not.

Received on Monday, 25 November 2013 22:14:01 UTC