W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2014

"Secure" proxies for HTTP URIs [was: new version trusted-proxy20 draft]

From: Mark Nottingham <mnot@mnot.net>
Date: Mon, 24 Feb 2014 17:31:37 +1100
Cc: Salvatore Loreto <salvatore.loreto@ericsson.com>, Peter Lepeska <bizzbyster@gmail.com>, Paul Hoffman <paul.hoffman@gmail.com>, Patrick McManus <pmcmanus@mozilla.com>, HTTP Working Group <ietf-http-wg@w3.org>
Message-Id: <1F40AA9F-E104-488A-B4BA-81E74A1A6EF5@mnot.net>
To: "William Chan (陈智昌)" <willchan@chromium.org>

On 20 Feb 2014, at 11:40 am, William Chan (陈智昌) <willchan@chromium.org> wrote:

> Let's be clear, these are two different things. There's "secure proxy" which is securing the connection between the proxy and the client. I'm supportive of standardizing this.

There seems to be a reasonable amount of support for this, and no dissent that I've heard. 

What needs to be specified here? We don't say much about proxies yet. I suppose we might need something like RFC2818 for secure proxies, but that seems somewhat straightforward, and it might be better for that to happen in the TLS WG (indeed, our charter pretty much says so).

Note that I've just opened <https://github.com/http2/http2-spec/issues/413> to talk about proxies a bit more in general.

Cheers,


--
Mark Nottingham   http://www.mnot.net/
Received on Monday, 24 February 2014 06:32:07 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:24 UTC