Re: new version trusted-proxy20 draft

Hi Salvatore,

As you know, I'm all for new proposals that support both Secure Proxy and
Trusted Proxy. So thanks for writing and posting this. I'm struggling to
understanding how http URIs over TLS work as described in your draft. My
main question is:

If the content server supports authenticated TLS, then why isn't the
content just hosted via "https"-schemed URIs? What is the reason that the
content server would make this content available via http schemes?

Thanks,

Peter






On Tue, Feb 25, 2014 at 10:31 AM, Ryan Hamilton <rch@google.com> wrote:

> I think that Will is supportive of secure proxies as he said upthread:
>
> Let's be clear, these are two different things. There's "secure proxy"
> which is securing the connection between the proxy and the client. I'm
> supportive of standardizing this.
>
>
> Chrome currently supports specifying such proxies via pac files:
>
> http://www.chromium.org/developers/design-documents/secure-web-proxy
>
>
> Cheers,
>
> Ryan
>
>
> On Tue, Feb 25, 2014 at 1:40 AM, Roland Zink <roland@zinks.de> wrote:
>
>> On 24.02.2014 22:25, William Chan (陈智昌) wrote:
>>
>>> I've asked this before, and I still think it's a reasonable question.
>>> Is there another vendor that wants to interop with this kind of proxy?
>>> I'm asking this because I think that the purpose of standardizing such
>>> a proposal is for interoperability across vendors, and I don't see the
>>> point if the only implementations are Ericsson. But I may be
>>> misunderstanding IETF policy here.
>>>
>> There are other implementations of "secure proxies" like Chrome on
>> Android can use a Google proxy. Why should a user trust the Google proxy
>> more than a proxy from <insert your favorite mobile network operator>? An
>> interoperability would be good.
>>
>>
>>
>