- From: Adrien de Croy <adrien@qbik.com>
- Date: Tue, 24 Jun 2014 05:00:17 +0000
- To: "Amos Jeffries" <squid3@treenet.co.nz>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
wiretapping is yet another issue. The difference between a government agency wiretap, and a commercial organisation's MITM proxy, is that one is covert, and the other can usually be overt. I thought the basis of the decisions / conclusions about wiretapping in 2804 were related to the issues around covert wiretapping and government agency directives, rather than overt interception for other purposes. If we had a proper mechanism to allow overt with opt-in consent for interception, would 2804 even apply? ------ Original Message ------ From: "Amos Jeffries" <squid3@treenet.co.nz> To: "ietf-http-wg@w3.org" <ietf-http-wg@w3.org> Sent: 24/06/2014 4:09:52 p.m. Subject: Re: HTTP/2 vs. proxies ? >On 24/06/2014 10:43 a.m., Peter L wrote: >> I agree. But I think increased MITM will be an unintended >>consequence. > >AIUI, the editors have decided to go ahead in compliance with RFC2804 >by >ignoring the considerations for wiretapping. > >Sadly the choice of ignoring seems to implicitly mean that the spec >does >not do anything to discourage the underlying factors driving >wiretapping >interception of HTTP(S). > >Amos > >
Received on Tuesday, 24 June 2014 05:00:52 UTC