W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2014

Re: Trusted proxy UI strawman

From: Martin Thomson <martin.thomson@gmail.com>
Date: Mon, 16 Jun 2014 09:55:42 -0700
Message-ID: <CABkgnnWC33JEQkpSKnya1Rk1NOoaenziZO3XSw_UUN+npk7f8Q@mail.gmail.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Cc: Peter Lepeska <bizzbyster@gmail.com>, HTTP Working Group <ietf-http-wg@w3.org>
On 16 June 2014 07:57, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote:
>
> I think "trusted proxy" is a misnomer and misleading and
> in general "trusted foo" is probably better not part of
> any technical discussion on this topic since the question
> of who is trusting whom for what is complex here and
> ignoring that complexity IMO does a disservice to the
> various interested parties.


This is a point that I need to emphasize.  The labels "trusted proxy"
and "secure proxy" are misnomers in the very best Orwellian tradition.
Those labels need to be used less casually.  Here, I note that Sal
gets this right, concentrating on factual aspects - i.e., explicitly
authenticated - even if this point probably needs to be better
supported.

If we have a proxy for which its primary purpose is policy
enforcement, then we can label that a policy enforcement proxy.
Received on Monday, 16 June 2014 16:56:11 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:31 UTC