Re: MITM and proxy messages [was: Call for Adoption: draft-song-dns-wireformat-http]

On 8 August 2016 at 03:25, Walter H. <> wrote:
> configured proxies are not the bug; why not just simpy use plain HTML?

Because the problem we're trying to avoid is spoofing.  The browser
needs to own the UX for the page that appears or we risk showing
something that could be mistaken for the real thing.  A link and some
text is maybe manageable.

To Amos' point, branding is likely a step too far.  Yielding that much
control over pixels is probably not going to happen.  And yes, this
implies that we don't trust the proxy.  If the user wanted and they got proxy.example then that looks like an

Received on Monday, 8 August 2016 03:10:45 UTC