W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2014

Re: Proxies (includes call for adopting new work item, call for input)

From: Martin Thomson <martin.thomson@gmail.com>
Date: Mon, 23 Jun 2014 10:13:30 -0700
Message-ID: <CABkgnnV0LDD_aupv1Wc8zrBHc9A-kuTkQzRi0DVGYjWgatN=_A@mail.gmail.com>
To: "Diego R. Lopez" <diego@tid.es>
Cc: Eric Rescorla <ekr@rtfm.com>, Martin Nilsson <nilsson@opera.com>, HTTP Working Group <ietf-http-wg@w3.org>
On 23 June 2014 00:48, Diego R. Lopez <diego@tid.es> wrote:
> My point is that you need to trust those people at different moments (one
> for installation, another one when using it) and that makes that you always
> have to trust two different set of people. Unless I am missing something and
> you assume that a split browser scenario implies full control of both parts
> by the user.

That's not right.  You don't need to trust your network provider at
all.  That's a core tenet of Internet security: "you give your packets
to the attacker to deliver."

You might trust them to deliver some packets.  But to say that is the
same as trusting them with the details of a banking session would be a
gross oversimplification of the concept of trust.

p.s., When I said split UA, there are two things: one is the line that
ekr has been following, which is that you are trusting a single
vendor, which is the most important from a security analysis
perspective.  The other is pure functionality: your browser is not
complete without the network side component.  In some of these cases,
the code that sits on the device is potentially unable to function
without the server piece.
Received on Monday, 23 June 2014 17:13:58 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:31 UTC