Re: Preliminary minutes from the Design Team Meeting: WPAD and Proxy.pac

+1 for including in the informational document on proxy
a description of the problems (i.e. security problems as well as effectiveness etc) in the current discovery mechanisms.

In my personal view when people say it is an hard problem,
they mean hard from a trusted and security angle.
Indeed the common feeling seems to be that in path interception is actually the best form of discovery,
however even for it people have concerns about the fact that the proxy it has been discovered and configured in path
really will stay only when you are attached to that network.

I also recall a large support and interest in working on better defining pac file and a little one (if any) about wpad!


br
Salvatore



On Mar 13, 2014, at 9:04 AM, Eliot Lear <lear@cisco.com<mailto:lear@cisco.com>>
 wrote:

People keep saying this is a hard problem and I would like to understand the nature of "hard".  If hard is "How do you trust a given proxy for a given purpose?", then let's solve for that.  If "hard" is how do you know that the discovery protocol is providing you information you can trust, then let's solve for that.  But let's at least understand what we're solving for.

Eliot




On 3/10/14, 6:34 PM, emile.stephan@orange.com<mailto:emile.stephan@orange.com> wrote:

Hi Mark,



The draft of the minutes says:


Discovery is hard. We encourage interception proxies through inaction. Not much interest in standardising WPAD (security concerns, deployment concerns), but strong interest in proxy.pac from implementers, due to considerable pain. Would be interested in clarifying the current format and normalising behaviour as much as possible, and potentially in extending / replacing the format. E.g., IPv6, secure proxy.



I had the feeling there was the same interest in refurbishing both of them.



Regards

Emile



-----Message d'origine-----
De : Mark Nottingham [mailto:mnot@mnot.net]
Envoyé : samedi 8 mars 2014 17:48
À : HTTP Working Group
Objet : Preliminary minutes from the Design Team Meeting



…are at:

  https://github.com/http2/wg_materials/blob/master/interim-14-03/minutes.md





--

Mark Nottingham   http://www.mnot.net/









_________________________________________________________________________________________________________________________

Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.

This message and its attachments may contain confidential or privileged information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.
Thank you.

Received on Thursday, 13 March 2014 09:03:09 UTC