- From: Eliot Lear <lear@cisco.com>
- Date: Wed, 15 Jan 2014 22:24:23 +0100
- To: Peter Lepeska <bizzbyster@gmail.com>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
Peter, Without addressing your question specifically, who do you trust? If the information comes off DHCP do you trust the local network administrator? What if your device is mobile? What if it's in Starbucks? If we're talking about DNS-based WPAD, perhaps a configured domain that one trusts is more interesting, especially if you can play proximity games... Eliot On 1/15/14 8:09 PM, Peter Lepeska wrote: > Salvatore's recent draft on trusted proxies > (http://www.ietf.org/internet-drafts/draft-loreto-httpbis-trusted-proxy20-00.txt) > presents one approach for browsers to learn about the presence of > proxies, even when the browser is first using HTTPS to talk to the > Internet. > > But WPAD already exists for this purpose and all of the browsers > support it in one form or another -- chrome recently added support for > WPAD over DHCP as I understand it. I know there are implementation > problems with WPAD and proxy autoconfig but fundamentally what is > wrong with the approach of leveraging DHCP and DNS to discover proxies > and then relying on a simple javascript-based script to determine when > the proxy should be used? > > Is there something fatally flawed about the WPAD/PAC model for dynamic > proxy detection? If this topic is covered in another thread, please > send me a link to it. > > Thanks, > > Peter > > >
Received on Wednesday, 15 January 2014 21:24:51 UTC