- From: Martin Thomson <martin.thomson@gmail.com>
- Date: Fri, 12 Jun 2015 13:56:13 -0700
- To: Roland Zink <roland@zinks.de>
- Cc: HTTP Working Group <ietf-http-wg@w3.org>
On 12 June 2015 at 13:51, Roland Zink <roland@zinks.de> wrote: > My concern is about a setup routing plain text http through a different > proxy than TLS traffic. In this case this approach may fail. Don't know how > often such an approach is used in practice. I see. You might be right about that. And it seems like a plausible deployment arrangement. That's a concern with opportunistic encryption more than anything else. Such a deployment might (might!) be able to suppress any advertisements for secure alternatives. On the positive side, the worst case here I can imagine isn't that bad. The http:// proxy gets a connect request and has to drop it, so that the alternative connection fails.
Received on Friday, 12 June 2015 20:56:41 UTC