- From: John Mattsson <john.mattsson@ericsson.com>
- Date: Wed, 26 Feb 2014 17:04:22 +0000
- To: HTTP Working Group <ietf-http-wg@w3.org>
Hi,

I would like to post some clarifications regarding the secure proxy draft (draft-loreto-httpbis-trusted-proxy20-01). I think such discussion should be done here and not somewhere else.

- As the suggested solution does not proxy all traffic (e.g. https:// or opt-out), it will be called "secure proxy" instead of "trusted proxy", as suggested on the list.
- "Secure proxy" does not affect https:// resources in any way; such resources are always protected end-to-end, as intended. The draft also embraces the decision to allow encryption of http:// resources, which mitigates attacks when using e.g. unencrypted hotspots.
- The draft specifies that the user will always become aware of the presence of a "secure proxy". She/he needs to give consent; otherwise the secure proxy is not included in the communication at all. And even if the user has given consent, the user may opt out for specific connections. An implementation might even choose to always opt out of all secure proxies.

The uses of and need for proxies have been extensively discussed in the httpbis wg. Proxies are currently used by enterprises, browser vendors, operators, and applications. Today that usage is often done without any user consent, without opt-out, sometimes without the user knowing, and sometimes in ways that weaken the user's security.

The secure proxy draft does not introduce the possibility to use proxies. With or without the draft, there will exist other ways to insert proxies. What the draft does is provide a much more secure way to do so and give the user the power to decide whether to allow proxies or not.

Thanks,

JOHN MATTSSON
MSc Engineering Physics, MSc Business Administration and Economics
Ericsson IETF Security Coordinator
Senior Researcher, Security

Ericsson AB
Security Research
Färögatan 6
SE-164 80 Stockholm, Sweden
Phone +46 10 71 43 501
SMS/MMS +46 76 11 53 501
john.mattsson@ericsson.com
www.ericsson.com <http://www.ericsson.com/>
Received on Wednesday, 26 February 2014 17:04:47 UTC