- From: 陈智昌 <willchan@chromium.org>
- Date: Tue, 18 Feb 2014 20:54:00 -0800
- To: Paul Hoffman <paul.hoffman@gmail.com>
- Cc: Patrick McManus <pmcmanus@mozilla.com>, Salvatore Loreto <salvatore.loreto@ericsson.com>, HTTP Working Group <ietf-http-wg@w3.org>, "draft-loreto-httpbis-trusted-proxy20@tools.ietf.org" <draft-loreto-httpbis-trusted-proxy20@tools.ietf.org>, GUS BOURG <gb3635@att.com>
On Tue, Feb 18, 2014 at 8:18 PM, Paul Hoffman <paul.hoffman@gmail.com> wrote: > On Tue, Feb 18, 2014 at 6:02 PM, William Chan (陈智昌) <willchan@chromium.org> > wrote: >> >> >> And furthermore, I should add that I don't really think it's in the >> users' interests to have an intermediary be able to snoop listen in on >> all their https traffic. I don't really see the value for end users in >> standardizing any mechanism for doing this. Is there any? > > > This still comes back to the theory that a trusted, explicit firewall, such > as a corporate firewall, should be able to snoop on all traffic leaving the > protected network. There are plenty of good reasons to do this, and plenty > of people who disagree that there are any possible reasons. Good point. This is a controversial topic that we're unlikely to see consensus on in the near future. Let me ask another question. Is there a user agent that plans on supporting this proposal? At the Zurich interim, IIRC, Patrick (Firefox), Rob (IE/WinInet), and I (Chromium) all said we do not support this. If that's in error, please speak up. Otherwise, if no user agent plans on supporting this, I don't see the value of standardizing this.
Received on Wednesday, 19 February 2014 04:54:35 UTC