Re: New Version Notification for draft-nottingham-http-proxy-problem-01.txt

On 11 July 2014 11:40, Phil Hunt <phil.hunt@oracle.com> wrote:
> Any reason why load-balancers aren’t in this discussion?  With more end-to-end security coming in place, load balancers are starting to have similar or even more complex challenges.

The focus so far has been on the role of proxies on the client side.
The important issue being the role that an external third party (in
the figurative sense) has in what is - at its core - a two-party
conversation.  Of course, that is a gross oversimplification of the
matter and doesn't do justice to the vast range of options possible in
this space.

Load-balancers (or gateways) are usually part of the first two
parties; they are able to assert an authenticated identity as a
server.  That means that the issues are quite different.

There are the TLS issues arising from this (key management,
interaction with the handshake, etc.), which have been the subject
of extensive discussion in TLS.  Those discussions are more
appropriate in that forum.

Then there are the intermediation concerns at the HTTP layer.  We have
had a lot of discussion about the details of the protocol design for
gateways.  It might even be said that the conversation - certainly
recently - has been dominated by these concerns.

Is there a specific aspect of the conversation that you would like to
see us cover more thoroughly?

Received on Friday, 11 July 2014 18:54:43 UTC