- From: Nicolas Mailhot <nicolas.mailhot@laposte.net>
- Date: Wed, 11 Dec 2013 13:50:14 +0100
- To: "Mark Nottingham" <mnot@mnot.net>
- Cc: "Stephen Farrell" <stephen.farrell@cs.tcd.ie>, "Adrien de Croy" <adrien@qbik.com>, "Roberto Peon" <grmocg@gmail.com>, "HTTP Working Group" <ietf-http-wg@w3.org>
Le Mar 10 décembre 2013 03:12, Mark Nottingham a écrit : > What I don't want to do is spend months-to-years developing a new kind of > explicit proxy in HTTP in the *hope* that it'll somehow magically supplant > these devices, without some sort of evidence that it has a chance of doing > so. The trust level of the endpoint site is not the same as the trust level of the gateway. It may surprise you but in some case the trust level of the gateway is way higher than a random web site on the other side of the world, so not being able to distinguish in the web client between the signals of the web site and of the gateway is a big security problem. -- Nicolas Mailhot
Received on Wednesday, 11 December 2013 12:50:50 UTC