Re: new version trusted-proxy20 draft from Paul Hoffman on 2014-02-19 (ietf-http-wg@w3.org from January to March 2014)

From: Paul Hoffman <paul.hoffman@gmail.com>
Date: Tue, 18 Feb 2014 20:18:39 -0800
To: William Chan (陈智昌) <willchan@chromium.org>
Cc: Patrick McManus <pmcmanus@mozilla.com>, Salvatore Loreto <salvatore.loreto@ericsson.com>, HTTP Working Group <ietf-http-wg@w3.org>, "draft-loreto-httpbis-trusted-proxy20@tools.ietf.org" <draft-loreto-httpbis-trusted-proxy20@tools.ietf.org>, GUS BOURG <gb3635@att.com>
Message-ID: <CAPik8yZpWyHSa49jpYG3mMMPwYeWvgd6PB6NW65Kj3qTkU8CGQ@mail.gmail.com>

On Tue, Feb 18, 2014 at 6:02 PM, William Chan (陈智昌)
<willchan@chromium.org>wrote:

>
> And furthermore, I should add that I don't really think it's in the
> users' interests to have an intermediary be able to snoop listen in on
> all their https traffic. I don't really see the value for end users in
> standardizing any mechanism for doing this. Is there any?
>

This still comes back to the theory that a trusted, explicit firewall, such
as a corporate firewall, should be able to snoop on all traffic leaving the
protected network. There are plenty of good reasons to do this, and plenty
of people who disagree that there are any possible reasons.

Received on Wednesday, 19 February 2014 04:19:06 UTC