- From: Adrien de Croy <adrien@qbik.com>
- Date: Wed, 03 Aug 2016 21:58:56 +0000
- To: "Poul-Henning Kamp" <phk@phk.freebsd.dk>, "Patrick McManus" <pmcmanus@mozilla.com>
- Cc: "tjw ietf" <tjw.ietf@gmail.com>, "HTTP Working Group" <ietf-http-wg@w3.org>
In our customer base, the biggest driver to deploy MitM is the refusal of browsers to display block pages from denied CONNECT requests. ------ Original Message ------ From: "Poul-Henning Kamp" <phk@phk.freebsd.dk> To: "Patrick McManus" <pmcmanus@mozilla.com> Cc: "tjw ietf" <tjw.ietf@gmail.com>; "HTTP Working Group" <ietf-http-wg@w3.org> Sent: 4/08/2016 2:25:44 AM Subject: Re: Fwd: Call for Adoption: draft-song-dns-wireformat-http >-------- >In message ><CAOdDvNqX438A48aWf8x=oV1qwKKtXzX5ZhZo7gD_MVKc7K6OFA@mail.gmail.com>, >Patrick McManus writes: > >>of course, IP-over-DNS is a typical desperate tunnel of last result to >>run >>https.. combined with dns over h2 that could give you >>h2-over-tls-over-tcp-over-ip-over-dns-over-h2-over-tls-over-tcp-over-ip. >>I'm sure that would be totally fine from a congestion and flow control >>pov :( > >It would be *so* much more productive to try to tackle these problems >as the political human-rights issues they are, than stacking boxed >higher >and higher trying to cross over the walls people erect. > >The one sure result from tunnelling more and more through HTTPS is that >HTTPS will be MiTM'd and blocked more and more. > >-- >Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 >phk@FreeBSD.ORG | TCP/IP since RFC 956 >FreeBSD committer | BSD since 4.3-tahoe >Never attribute to malice what can adequately be explained by >incompetence. >
Received on Wednesday, 3 August 2016 21:59:29 UTC