Re: explicitly authenticated proxy: new draft

Hiya,

On 17/06/14 01:55, Diego R. Lopez wrote:
> As far as I can tell Stephen's objections were about a proxy acting
> as intermediary in a connection using HTTPS

Not quite. I do object to modifying TLS to add a 3rd party
with no real analysis of the significant impact of doing
that. (Where a real analysis is a *lot* of work as stated
earlier etc. etc.)

I'll be interested to see if a useful HTTP layer solution
that does not modify TLS is practical, or not.

And since I am in favour of defining how to use HTTP URIs
over TLS, and of more use of that, yes, there is maybe an
interesting cross-over space between that and some possible
HTTP proxy proposals. I'm not sure to be honest if a useful
thing can be standardised in this space.

That said, I think after my concerns are handled, you may
run straight into Will's browser UI and caching issues, which
might be even trickier, so I am not by any means asserting
that there is a good approach that's possible to standardise
here.

Cheers,
S.

Received on Tuesday, 17 June 2014 01:24:29 UTC