W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2014

Re: Proxies (includes call for adopting new work item, call for input)

From: Diego R. Lopez <diego@tid.es>
Date: Mon, 23 Jun 2014 07:48:46 +0000
To: Eric Rescorla <ekr@rtfm.com>
Cc: Martin Nilsson <nilsson@opera.com>, HTTP Working Group <ietf-http-wg@w3.org>
Message-id: <859B363C-7A6E-4FD5-80EA-B89AF349AEF1@tid.es>

On 23 Jun 2014, at 00:26 , Eric Rescorla <ekr@rtfm.com<mailto:ekr@rtfm.com>> wrote:
On Sun, Jun 22, 2014 at 1:48 PM, Diego R. Lopez <diego@tid.es<mailto:diego@tid.es>> wrote:

On 22 Jun 2014, at 21:48 , Eric Rescorla <ekr@rtfm.com<mailto:ekr@rtfm.com>> wrote:

However, I think the main *technical* issue here is what, if any, support browsers
ought to have for allowing network operators to install credentials which allow
them to act as a proxy for connections which would otherwise be end-to-end
secured between the client and the server. This may use the same technical
mechanisms once that's done (and in fact it currently mostly does), but from
a policy perspective it's totally different.

I disagree: I see the split UA policy-wise equivalent to the proxy once you install your browser: you put your trust on the browser developers *and* on the the proxy operator: when you install the browser you take a single leap of faith, from that moment on you (implicitly) putting your trust on the proxy operator: whether it is the same or a different organization that develop the browser is immaterial.

I'm not sure what to tell you. It doesn't seem like a very complicated piece of
security analysis that trusting two people is a bigger deal than trusting one.
And this is before we get to the fact that in many cases the MITM proxies
are in place specifically to ensure that the user uses the browser in accordance
with the network's policies rather than his own, a situation that does not apply
in a typical split browser scenario.

My point is that you need to trust those people at different moments (one for installation, another one when using it) and that makes that you always have to trust two different set of people. Unless I am missing something and you assume that a split browser scenario implies full control of both parts by the user.

Be goode,

--
"Esta vez no fallaremos, Doctor Infierno"

Dr Diego R. Lopez
Telefonica I+D
http://people.tid.es/diego.lopez/


e-mail: diego@tid.es
Tel:    +34 913 129 041
Mobile: +34 682 051 091
-----------------------------------------


________________________________

Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra política de envío y recepción de correo electrónico en el enlace situado más abajo.
This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at:
http://www.tid.es/ES/PAGINAS/disclaimer.aspx

Received on Monday, 23 June 2014 07:48:56 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:31 UTC