- From: <bizzbyster@gmail.com>
- Date: Mon, 16 Jun 2014 14:42:01 -0400
- To: Salvatore Loreto <salvatore.loreto@ericsson.com>
- Cc: Martin Thomson <martin.thomson@gmail.com>, Stephen Farrell <stephen.farrell@cs.tcd.ie>, HTTP Working Group <ietf-http-wg@w3.org>
Right. I think of "trusted proxy" as a thing that decrypts HTTPS URIs. We can come up with other names if that doesn't work. Peter On Jun 16, 2014, at 1:35 PM, Salvatore Loreto <salvatore.loreto@ericsson.com> wrote: > I do agree having the right terminology helps > > the Explicit Authenticated Proxy (as proposed in the draft) is supposed to do a really narrow and limited job > that is to proxy http:// URI traffic transported over TLS > and it is something completely different from what is in the subject of this mail > and discussed in this thread; > > /Sal > > On Jun 16, 2014, at 7:55 PM, Martin Thomson <martin.thomson@gmail.com> > wrote: > >> On 16 June 2014 07:57, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote: >>> >>> I think "trusted proxy" is a misnomer and misleading and >>> in general "trusted foo" is probably better not part of >>> any technical discussion on this topic since the question >>> of who is trusting whom for what is complex here and >>> ignoring that complexity IMO does a disservice to the >>> various interested parties. >> >> >> This is a point that I need to emphasize. The labels "trusted proxy" >> and "secure proxy" are misnomers in the very best Orwellian tradition. >> Those labels need to be used less casually. Here, I note that Sal >> gets this right, concentrating on factual aspects - i.e., explicitly >> authenticated - even if this point probably needs to be better >> supported. >> >> If we have a proxy for which its primary purpose is policy >> enforcement, then we can label that a policy enforcement proxy. >> >
Received on Monday, 16 June 2014 18:42:26 UTC