W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2013

Re: What will incentivize deployment of explicit proxies?

From: Amos Jeffries <squid3@treenet.co.nz>
Date: Wed, 04 Dec 2013 16:24:51 +1300
Message-ID: <529EA083.8050201@treenet.co.nz>
To: ietf-http-wg@w3.org
On 4/12/2013 2:57 p.m., Peter Lepeska wrote:
> I like the way you've laid this out from the perspective of incentives to
> adopt.
> "Now, as far case (2), if the proxy operators can already deploy their MITM
> certs on client devices, then they already own those devices. This sounds
> like enterprise computing devices or schools or prisons or what not. Now,
> if they already own the devices on this network, what incentive do they
> have to adopt explicit proxies? It sounds like they would just lose power.
> Is there a carrot here? SSL MITM proxies are already transparent to the
> client and origin server, so I don't see what leverage either entity has
> here."
> I wonder if MITM proxy operators have any legal concerns about viewing
> content owners' traffic without their consent or even an indication that
> the MITM is active.

Some of them do.

I have consulted for several installations where the MITM was decided
against on legal grounds for almost exactly those reasons.

I have also consulted for several where it was decided *for* on legal
grounds (yes it was for schools mostly, but also for some government-run
proxy system) but with restrictions on what filtering software may be
attached to the proxy.

> The proxy operators "own" their users' devices
> presumably but not content owners' data. I think an ideal explicit proxy
> would allow proxies to make their presence known to content owners.

Received on Wednesday, 4 December 2013 03:25:20 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:20 UTC