W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2014

Re: Trusted Proxy Alternatives Analysis

From: Frode Kileng <frodek@tele.no>
Date: Fri, 07 Feb 2014 12:54:33 +0100
Message-ID: <52F4C979.7010101@tele.no>
To: ietf-http-wg@w3.org
Hi Emilie

On 07.02.2014 12:23, emile.stephan@orange.com wrote:
 > Hi Frode,
 >
 >  The term MITM in not appropriate for these cases: the service 
augmentation
 >  is performed by the reverse proxy of the mobile operator. This 
reverse proxy
 >  receives and processes the requests for the service provided by the 
mobile
 >  operator.

Is the client configured to use this proxy? If not, I prefer to use MITM 
although the wording may not be the the most important isue...

Regarding the "identity binding", an alternative is of course to do this 
end-2-end. If this for some reason isn't an alternative, I would propose 
that the use case description clearly states why, both in regard to 
end-user experience ("User benefit") and/or service/network provider 
issues ("Admin Benefit").

Regards
Frode Kileng
Received on Friday, 7 February 2014 11:54:54 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:24 UTC