Re: Trusted proxy UI strawman from Diego R. Lopez on 2014-06-20 (ietf-http-wg@w3.org from April to June 2014)

From: Diego R. Lopez <diego@tid.es>
Date: Fri, 20 Jun 2014 18:44:59 +0000
To: Roland Zink <roland@zinks.de>
Cc: "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
Message-id: <150FFA41-C05A-41A1-876B-7541E8D7DA76@tid.es>

Hi,

On 20 Jun 2014, at 05:29 , Roland Zink <roland@zinks.de> wrote:

>> I think the word "user" in the above is conflating people (with a
>> browser), content authors and n/w operators, at least. I (as a
>> user visiting web sites) do not "want this," nor do I as a content
>> author, nor do I as a (very very tiny:-) web site admin. And I
>> definitely do not "want this" for my calendar nor IMAP etc.
> I as a father don't want my kids (as users) to see inappropriate content. I as a user often don't want web sites sending me tracking cookies, ads, viruses and many other things. I as a (very very tiny:-) web site admin (http://home.zinks.de/) can't guarantee that nobody will hack my site and misuse it. I as a user don't want my calendar be hosted by anybody in the Internet. Question is how this can be achieved? Maybe an intercepting HTTP proxy in the home router or a service of a mobile network operator can be part of the solution. Better solutions always welcome.

I made very similar statements in a (somehow) heated discussion on the general principles of opportunistic encryption in London. An encrypted channel, authenticated or not, is just that: it can only protect you from unnoticed eavesdroppers without direct access to the source (was it no the case in much of PRISM surveillance?). And it can come at a price worse than the problem you want to solve. There are no one-size-fits-all solution. A controlled/trusted/acknowledged/... intermediary can be part of the solution in many use cases.

Be goode,

--
"Esta vez no fallaremos, Doctor Infierno"

Dr Diego R. Lopez
Telefonica I+D
http://people.tid.es/diego.lopez/

e-mail: diego@tid.es
Tel:    +34 913 129 041
Mobile: +34 682 051 091
-----------------------------------------

________________________________

Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra política de envío y recepción de correo electrónico en el enlace situado más abajo.
This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at:
http://www.tid.es/ES/PAGINAS/disclaimer.aspx

Received on Friday, 20 June 2014 18:45:08 UTC