- From: Nicolas Mailhot <nicolas.mailhot@laposte.net>
- Date: Wed, 4 Dec 2013 09:55:25 +0100
- To: "Yoav Nir" <synp71@live.com>
- Cc: "Nicolas Mailhot" <nicolas.mailhot@laposte.net>, "William Chan (陈智昌)" <willchan@chromium.org>, "Roberto Peon" <grmocg@gmail.com>, "HTTP Working Group" <ietf-http-wg@w3.org>

On Tue, 3 December 2013 22:28, Yoav Nir wrote:
> On 3/12/13 10:00 PM, Nicolas Mailhot wrote:
>> On Tue, 3 December 2013 19:53, William Chan (陈智昌) wrote:
>>
>>>> On 3/12/13 3:16 PM, Nicolas Mailhot wrote:
>>>>
>>>>> On Tue, 3 December 2013 12:24, Yoav Nir wrote:
>>>>>
>>>>>
>>>>> 5. Prompt the user:
>>>>>
>>>>> Accept using gateway-name to access http://awebsite.com/ and other web
>>>>> sites in ingoing-http2-mode ?
>>>>>
>>>>> [check reformatted access rules] [see help page] [see certificate]
>>>>>
>>>>> [ ] Prompt for other web sites and security modes
>>>>> ( ) only for this session ( ) all the time
>>>>> (*) only from here ( ) everywhere
>>>>> [Yes] [No]
>>> <pushback>
>>> I can probably expect to be tarred and feathered by my security team if I
>>> tell them we need to put up a UI asking the end user to make a decision
>>> about security :)
>>> </pushback>
>> Then simplify the prompt to
>>
>> Access to http://awebsite.com/ requires using gateway-name on this network.
>> gateway-name may read some of your traffic. Do you want to proceed ?
>> <link to advanced info>
>> <yes> <no>
>
> Simplification doesn't help. The user is in the middle of doing
> something, and they're not going to take their mind off the task at hand
> to answer your questions.

I can tell you they will and already do it (here for 150k+ people)

>> The only decision the user needs to make is if he's in a location where
>> gateway-name is expected and if he accepts exposing his traffic.
>
> Not everyone has expectations regarding the presence or absence of
> proxies. Only a few would be able to make a good guess as to why the
> proxy is even there (scan for malware? Cache? scan for subversives?)

They're not required to guess anything; that's why I want the browser to
display the whole access list if the user wants to consult it.

For the rest it's not better or worse than the myriad small print
interactions users perform every day (including small print on video games
for kids, including web site terms of use, etc). You can wish for a world
without small print or lawsuits but this world won't happen so let's make
the existing one as convenient as possible for existing users.

>> That will
>> usually be a no-brainer (ok if at hotel, corp, school, nok at home unless
>> the proxy is user-deployed).
>
> Guess it's not a no-brainer, because I would not be OK with a decrypting
> proxy at a hotel, coffee shop, or airport.

It's a no-brainer to choose yes or no. Your answer proves it's a no-brainer
for you to choose no in some circumstances. I guess if you want to access
your airplane ticket to reschedule because you're late at the airport it
will be a no-brainer to choose yes to the airport proxy instead of spending
hours in a physical queue (and I'm pretty sure that in the USA any airport
gateway would be monitored in depth by all kinds of black agencies).

>> And you only need to remind him the gateway
>> is in use next time it's encountered via a transient message, in case it
>> occurs in an unexpected place, the user wants to rescind the permission or
>> he's in private browsing mode. (display gateway name and encryption
>> status)
>
> "Your traffic to mail.google.com is being decrypted by
> sslproxy.example.com". Good, bad, or indifferent?

Indifferent is not a choice. The choice is to proceed or not.

Regards,

-- 
Nicolas Mailhot

Received on Wednesday, 4 December 2013 08:55:54 UTC