- From: Nicolas Mailhot <nicolas.mailhot@laposte.net>
- Date: Wed, 27 Nov 2013 22:24:06 +0100
- To: "Yoav Nir" <synp71@live.com>
- Cc: "Mark Nottingham" <mnot@mnot.net>, "HTTP Group" <ietf-http-wg@w3.org>
Le Mer 27 novembre 2013 22:05, Yoav Nir a écrit : > I just think that the pipe between CDN and content provider should be > out of scope. This is not some random https connection with no > pre-arranged trust. This is a connection between entities that have a > legal contract between them - real contract, not the "terms and > conditions" kind. So whether they use TLS or HTTP over an IPsec tunnel > is not something that we should be concerned about. However, both the user-agent or any corp proxy would like to differentiate between cdn-traffic-for-foo and cdn-traffic-for-bar. The trust problem does not stop at the cdn level. For one that would allow the proxy operator to special-case cdn-traffic-for-foo without any side-effect on cdn-traffic-for-someone-else (for example we definitely want to authorise our akamaihd videos without having users slurp all the other videos akaimaihd pushes) Cheers, -- Nicolas Mailhot
Received on Wednesday, 27 November 2013 21:24:34 UTC