William is wrong: He will *definitely* be punished severely if he proposes
putting security choices in the faces of ordinary humans; no “probably
expect” about it...
On Tue, Dec 3, 2013 at 10:53 AM, William Chan (陈智昌)
<willchan@chromium.org>wrote:
> On Tue, Dec 3, 2013 at 5:36 AM, Yoav Nir <synp71@live.com> wrote:
>
>> I like this discovery process. It's all in HTTP. The only downside is
>> that it requires plaintext HTTP to work. I'm assuming that
>> http://awebsite.com should not be the real site that the user is trying
>> to view, but some specific site that the browser vendor keeps available
>> just for testing for proxies with HTTP. You can't use the site that the
>> user used, because that might be HTTPS.
>>
>> You will get pushback on #5, though.
>>
>>
>> On 3/12/13 3:16 PM, Nicolas Mailhot wrote:
>>
>>> Le Mar 3 décembre 2013 12:24, Yoav Nir a écrit :
>>>
>>>
>>> 5. Prompt the user:
>>>
>>> Accept using gateway-name to access http://awebsite.com/ and other web
>>> sites in ingoing-http2-mode ?
>>>
>>> [check reformatted access rules] [see help page] [see certificate]
>>>
>>> [ ] Prompt for other web sites and security modes
>>> ( ) only for this session ( ) all the time
>>> (*) only from here ( ) everywhere
>>> [Yes] [No]
>>>
>>>
>>> My mother would call me if she got that. My daughter would quickly
>> learn that clicking "Yes" after unchecking the "Prompt" box and selecting
>> "everywhere" makes the prompt go away and not come back. IOW it would make
>> the Internet work.
>>
>
> <pushback>
> I can probably expect to be tarred and feathered by my security team if I
> tell them we need to put up a UI asking the end user to make a decision
> about security :)
> </pushback>
>
>
>> Yoav
>>
>> (or my mother could call my daughter and get her advice...)
>>
>>
>>
>>
>