Re: What will incentivize deployment of explicit proxies?

On 4/12/2013 2:57 p.m., Peter Lepeska wrote:
> I like the way you've laid this out from the perspective of incentives to
> adopt.
> "Now, as far case (2), if the proxy operators can already deploy their MITM
> certs on client devices, then they already own those devices. This sounds
> like enterprise computing devices or schools or prisons or what not. Now,
> if they already own the devices on this network, what incentive do they
> have to adopt explicit proxies? It sounds like they would just lose power.
> Is there a carrot here? SSL MITM proxies are already transparent to the
> client and origin server, so I don't see what leverage either entity has
> here."
> I wonder if MITM proxy operators have any legal concerns about viewing
> content owners' traffic without their consent or even an indication that
> the MITM is active.

Some of them do.

I have consulted for several installations where the MITM was decided
against on legal grounds for almost exactly those reasons.

I have also consulted for several where it was decided *for* on legal
grounds (yes it was for schools mostly, but also for some government-run
proxy system) but with restrictions on what filtering software may be
attached to the proxy.

> The proxy operators "own" their users' devices
> presumably but not content owners' data. I think an ideal explicit proxy
> would allow proxies to make their presence known to content owners.


Received on Wednesday, 4 December 2013 03:25:20 UTC