- From: Nicolas Mailhot <nicolas.mailhot@laposte.net>
- Date: Thu, 16 Jan 2014 10:54:22 +0100
- To: "Eliot Lear" <lear@cisco.com>
- Cc: "Peter Lepeska" <bizzbyster@gmail.com>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
Le Mer 15 janvier 2014 22:24, Eliot Lear a écrit : > Peter, > > Without addressing your question specifically, who do you trust? If the > information comes off DHCP do you trust the local network > administrator? What if your device is mobile? What if it's in > Starbucks? If we're talking about DNS-based WPAD, perhaps a configured > domain that one trusts is more interesting, especially if you can play > proximity games... The fact is, you should not have to trust "here is the proxy" hint or not. A correct security model is "do you trust the proxy or not", regardless of how you discovered it Regards, -- Nicolas Mailhot
Received on Thursday, 16 January 2014 09:54:51 UTC