W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2014

Re: "Secure" proxies for HTTP URIs [was: new version trusted-proxy20 draft]

From: Peter Lepeska <bizzbyster@gmail.com>
Date: Wed, 26 Feb 2014 10:25:34 -0500
Message-ID: <CANmPAYHUjBUtCrPNLQxj7fMMSh1maHdbORBs1NTF6MNcLKrUsg@mail.gmail.com>
To: Amos Jeffries <squid3@treenet.co.nz>
Cc: "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
One question for browser vendors who have said they will not support HTTP2
over plaintext (Firefox, chrome): will you support HTTP2 when http-schemed
URIs are being proxied via a Secure Proxy?

This allows firefox and chrome users to get the performance benefit of
HTTP2 at least across the segment between the ua and the proxy for
http-schemed URLs.



On Wed, Feb 26, 2014 at 5:37 AM, Amos Jeffries <squid3@treenet.co.nz> wrote:

> On 25/02/2014 8:49 p.m., Nicolas Mailhot wrote:
> >
> > Le Mar 25 février 2014 03:58, James Cloos a écrit :
> >> if anyone has a legal requirement to avoid end-to-end encryption, they
> >> MUST accomplish that by avoiding TLS between client and proxy.  Such
> >> requirements MUST not affect the rest of us.)
> >
> > This forbids an http/1 use case and as such is outside the workgroup
> charter
> >
> There is also no sound reason so far presented behind forbidding that
> same use-case in HTTP/2. Just a few implementers choosing not to do it
> for reasons which have all be countered by other implementers who do.
> Also, in my (medium-low) familiarity with such laws TLS or any other
> mechanism used to transport packets to the collection point (proxy) is
> not relevant to the criterion placed upon the ISP. Only the ability to
> accurately and *fully* collect and report is prescribed.
>  End-to-end TLS violates that legal requiremet, TLS-to-proxy does not.
> Amos
Received on Wednesday, 26 February 2014 15:26:01 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:24 UTC