W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2014

Re: Trusted proxy UI strawman

From: Salvatore Loreto <salvatore.loreto@ericsson.com>
Date: Mon, 16 Jun 2014 17:35:12 +0000
To: Martin Thomson <martin.thomson@gmail.com>
CC: Stephen Farrell <stephen.farrell@cs.tcd.ie>, Peter Lepeska <bizzbyster@gmail.com>, HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <C8B78542-5F20-45AA-9B72-7DB42B0EF780@ericsson.com>
I do agree having the right terminology helps  

the Explicit Authenticated Proxy (as proposed in the draft) is supposed to do a really narrow and limited job
that is to proxy http:// URI traffic transported over TLS
and it is something completely different from what is in the subject of this mail
and discussed in this thread;

/Sal

On Jun 16, 2014, at 7:55 PM, Martin Thomson <martin.thomson@gmail.com>
 wrote:

> On 16 June 2014 07:57, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote:
>> 
>> I think "trusted proxy" is a misnomer and misleading and
>> in general "trusted foo" is probably better not part of
>> any technical discussion on this topic since the question
>> of who is trusting whom for what is complex here and
>> ignoring that complexity IMO does a disservice to the
>> various interested parties.
> 
> 
> This is a point that I need to emphasize.  The labels "trusted proxy"
> and "secure proxy" are misnomers in the very best Orwellian tradition.
> Those labels need to be used less casually.  Here, I note that Sal
> gets this right, concentrating on factual aspects - i.e., explicitly
> authenticated - even if this point probably needs to be better
> supported.
> 
> If we have a proxy for which its primary purpose is policy
> enforcement, then we can label that a policy enforcement proxy.
> 
Received on Monday, 16 June 2014 17:35:40 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:31 UTC