- From: 陈智昌 <willchan@chromium.org>
- Date: Wed, 26 Feb 2014 08:12:57 -0800
- To: Peter Lepeska <bizzbyster@gmail.com>
- Cc: Jeff Pinner <jpinner@twitter.com>, Ryan Hamilton <rch@google.com>, Roland Zink <roland@zinks.de>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
- Message-ID: <CAA4WUYj4EL=k0w-T-4FQCG2aD2BgHyoq3TRaX9ZjqcubFTFVvw@mail.gmail.com>
That's false, but pretty close to true, so I'll ignore it. In any case, it depends if opportunistic encryption takes off. I think Patrick was experimenting on this in collaboration with mnot@. I expect we'll hear an update in London, and perhaps have some more discussion on the topic. On Wed, Feb 26, 2014 at 5:10 AM, Peter Lepeska <bizzbyster@gmail.com> wrote: > Okay. But currently no "http"-schemed traffic runs over TLS. Do we think > this will account for a significant portion of web traffic in the future? > > > On Tue, Feb 25, 2014 at 9:35 PM, Jeff Pinner <jpinner@twitter.com> wrote: > >> Currently, "http" and "https" conflate the browser security model with >> the transport security model. The "https" browser security model might not >> be acceptable for certain resources even if the transport security model is >> preferable. >> >> >> On Tue, Feb 25, 2014 at 5:09 PM, Peter Lepeska <bizzbyster@gmail.com>wrote: >> >>> Hi Salvatore, >>> >>> As you know, I'm all for new proposals that support both Secure Proxy >>> and Trusted Proxy. So thanks for writing and posting this. I'm struggling >>> to understanding how http URIs over TLS work as described in your draft. My >>> main question is: >>> >>> If the content server supports authenticated TLS, then why isn't the >>> content just hosted via "https"-schemed URIs? What is the reason that the >>> content server would make this content available via http schemes? >>> >>> Thanks, >>> >>> Peter >>> >>> >>> >>> >>> >>> >>> On Tue, Feb 25, 2014 at 10:31 AM, Ryan Hamilton <rch@google.com> wrote: >>> >>>> I think that Will is supportive of secure proxies as he said upthread: >>>> >>>> Let's be clear, these are two different things. There's "secure proxy" >>>> which is securing the connection between the proxy and the client. I'm >>>> supportive of standardizing this. >>>> >>>> >>>> Chrome currently supports specifying such proxies via pac files: >>>> >>>> http://www.chromium.org/developers/design-documents/secure-web-proxy >>>> >>>> >>>> Cheers, >>>> >>>> Ryan >>>> >>>> >>>> On Tue, Feb 25, 2014 at 1:40 AM, Roland Zink <roland@zinks.de> wrote: >>>> >>>>> On 24.02.2014 22:25, William Chan (陈智昌) wrote: >>>>> >>>>>> I've asked this before, and I still think it's a reasonable question. >>>>>> Is there another vendor that wants to interop with this kind of proxy? >>>>>> I'm asking this because I think that the purpose of standardizing such >>>>>> a proposal is for interoperability across vendors, and I don't see the >>>>>> point if the only implementations are Ericsson. But I may be >>>>>> misunderstanding IETF policy here. >>>>>> >>>>> There are other implementations of "secure proxies" like Chrome on >>>>> Android can use a Google proxy. Why should a user trust the Google proxy >>>>> more than a proxy from <insert your favorite mobile network operator>? An >>>>> interoperability would be good. >>>>> >>>>> >>>>> >>>> >>> >> >
Received on Wednesday, 26 February 2014 16:13:25 UTC