Re: new version trusted-proxy20 draft from Patrick McManus on 2014-02-19 (ietf-http-wg@w3.org from January to March 2014)

From: Patrick McManus <pmcmanus@mozilla.com>
Date: Wed, 19 Feb 2014 12:25:43 -0500
To: William Chan (陈智昌) <willchan@chromium.org>
Cc: Thomas Fossati <TFossati@velocix.com>, Salvatore Loreto <salvatore.loreto@ericsson.com>, HTTP Working Group <ietf-http-wg@w3.org>, "draft-loreto-httpbis-trusted-proxy20@tools.ietf.org" <draft-loreto-httpbis-trusted-proxy20@tools.ietf.org>, GUS BOURG <gb3635@att.com>
Message-ID: <CAOdDvNpjf1bnVKDr82M72tNDBzYwAS5JGuV2cpZq-_6Nns7UMQ@mail.gmail.com>

On Wed, Feb 19, 2014 at 2:37 AM, William Chan (陈智昌)
<willchan@chromium.org>wrote:

>
> I recommend rephrasing this as a secure proxy proposal, rather than a
> trusted proxy proposal. Securing the user-agent<=>proxy connection
> sounds like a fine endeavor to me (indeed, Chromium already supports
> this behavior), and I'd like to see it standardized.
>

I'm would also like to see TLS to the proxy for both http and https
resources (where https resources contain an e2e TLS session tunneled inside
the connection to the proxy) when the UA has chosen to use the proxy.

Received on Wednesday, 19 February 2014 17:26:10 UTC