- From: Albert Lunde <atlunde@panix.com>
- Date: Tue, 10 Dec 2013 00:14:04 -0600
- To: HTTP Working Group <ietf-http-wg@w3.org>
I would tend to argue that, in the web browser case, the list of configured trusted proxies and/or configured trusted CAs for proxies should go in a separate "bucket" from trusts for CAs used web servers, and should distinguish GET vs CONNECT tunnels. It's not so much that typical end users care about trusting a FOO-server vs a BAR-server (though maybe they should), but it should be possible to manage the proxies in use by some means, and that software may care about these distinctions.
Received on Tuesday, 10 December 2013 06:14:28 UTC