Re: I-D Action: draft-ietf-httpbis-tunnel-protocol-00.txt from Adam Rice on 2014-08-21 (ietf-http-wg@w3.org from July to September 2014)

From: Adam Rice <ricea@google.com>
Date: Thu, 21 Aug 2014 17:07:31 +0900
To: Amos Jeffries <squid3@treenet.co.nz>
Cc: HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <CAHixhFqe8tqu9c+iVFG=n-YiFrgcj+xzstMvzGqNzjyfr=t7jg@mail.gmail.com>

On 21 August 2014 15:37, Amos Jeffries <squid3@treenet.co.nz> wrote:

> * if use of this header is picked up widely then we will be headed
> toward a situation where more proxies can relatively safely have blanket
> rejection on CONNECT traffic omiting it, a lot of current day attacks
> will fail, and BCP 188 Pervasive Monitoring stops being pervasive.
>

I don't believe that anyone who has the capability to intercept and decrypt
traffic will voluntarily give it up.

Since it is trivial for malware to forge this header, I do not believe it
will stop any attacks.

Received on Thursday, 21 August 2014 08:07:58 UTC