W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2014

Re: Trusted proxy UI strawman

From: <bizzbyster@gmail.com>
Date: Mon, 16 Jun 2014 14:42:01 -0400
Cc: Martin Thomson <martin.thomson@gmail.com>, Stephen Farrell <stephen.farrell@cs.tcd.ie>, HTTP Working Group <ietf-http-wg@w3.org>
Message-Id: <464E708F-ED57-40E5-93FC-918FDD1DBDEB@gmail.com>
To: Salvatore Loreto <salvatore.loreto@ericsson.com>
Right. I think of "trusted proxy" as a thing that decrypts HTTPS URIs. We can come up with other names if that doesn't work.

Peter

On Jun 16, 2014, at 1:35 PM, Salvatore Loreto <salvatore.loreto@ericsson.com> wrote:

> I do agree having the right terminology helps  
> 
> the Explicit Authenticated Proxy (as proposed in the draft) is supposed to do a really narrow and limited job
> that is to proxy http:// URI traffic transported over TLS
> and it is something completely different from what is in the subject of this mail
> and discussed in this thread;
> 
> /Sal
> 
> On Jun 16, 2014, at 7:55 PM, Martin Thomson <martin.thomson@gmail.com>
> wrote:
> 
>> On 16 June 2014 07:57, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote:
>>> 
>>> I think "trusted proxy" is a misnomer and misleading and
>>> in general "trusted foo" is probably better not part of
>>> any technical discussion on this topic since the question
>>> of who is trusting whom for what is complex here and
>>> ignoring that complexity IMO does a disservice to the
>>> various interested parties.
>> 
>> 
>> This is a point that I need to emphasize.  The labels "trusted proxy"
>> and "secure proxy" are misnomers in the very best Orwellian tradition.
>> Those labels need to be used less casually.  Here, I note that Sal
>> gets this right, concentrating on factual aspects - i.e., explicitly
>> authenticated - even if this point probably needs to be better
>> supported.
>> 
>> If we have a proxy for which its primary purpose is policy
>> enforcement, then we can label that a policy enforcement proxy.
>> 
> 
Received on Monday, 16 June 2014 18:42:26 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:31 UTC