W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2014

Re: new version trusted-proxy20 draft

From: 陈智昌 <willchan@chromium.org>
Date: Wed, 26 Feb 2014 08:04:23 -0800
Message-ID: <CAA4WUYhzfSbuEUMDYoJ_atDvsbbYVUn=2_BYbQiDWiD177iTgA@mail.gmail.com>
To: Ryan Hamilton <rch@google.com>
Cc: Roland Zink <roland@zinks.de>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
What Ryan said.

Roland: The "this proxy" that I was referring to above was not the "secure"
proxy proposal, but the part of the proposal that wants to identify TLS
connections carrying http URIs via ALPN for proxies to MITM.

On Tue, Feb 25, 2014 at 7:31 AM, Ryan Hamilton <rch@google.com> wrote:

> I think that Will is supportive of secure proxies as he said upthread:
> Let's be clear, these are two different things. There's "secure proxy"
> which is securing the connection between the proxy and the client. I'm
> supportive of standardizing this.
> Chrome currently supports specifying such proxies via pac files:
> http://www.chromium.org/developers/design-documents/secure-web-proxy
> Cheers,
> Ryan
> On Tue, Feb 25, 2014 at 1:40 AM, Roland Zink <roland@zinks.de> wrote:
>> On 24.02.2014 22:25, William Chan (陈智昌) wrote:
>>> I've asked this before, and I still think it's a reasonable question.
>>> Is there another vendor that wants to interop with this kind of proxy?
>>> I'm asking this because I think that the purpose of standardizing such
>>> a proposal is for interoperability across vendors, and I don't see the
>>> point if the only implementations are Ericsson. But I may be
>>> misunderstanding IETF policy here.
>> There are other implementations of "secure proxies" like Chrome on
>> Android can use a Google proxy. Why should a user trust the Google proxy
>> more than a proxy from <insert your favorite mobile network operator>? An
>> interoperability would be good.
Received on Wednesday, 26 February 2014 16:04:50 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:24 UTC