Re: The future of forward proxy servers in an http/2 over TLS world

On 02/16/2017 10:21 AM, Kari Hurtta wrote:
> My sugeestion for UI is 
> --------------
> 	Message from proxy <proxy URL>
> 	[View proxy message]
> --------------
> And [View proxy message]  is button which
> - possible opens new window or tab
> - Shows <proxy URL> on location bar of that window or tab
> - Displays message from proxy 
> - Possible lock symbol reflects TLS of proxy connection
> That way this is equivalent to navigation
> to another site. And because "navigation"
> does not happen automatically, change
> of location bar is not hidden from user.

As an added bonus, your approach would eliminate the need to dumb down
the proxy error vocabulary.

I would polish this further by explicitly saying "Error" instead of
using more vague "Message" and use the already common "view error
details" UI (with an explanation) for that "button".

Needless to say, implementing the guts behind this simple UI is going to
be difficult in most browsers because they probably lack proxy security
context visualization code for showing that detailed message and because
the browser infrastructure (history, etc.) may not be ready to handle
location bar URLs that are not really suitable for submitting or
re-submitting requests.

This UI does not solve the "CONNECT request lacks details" problem, but
it would encourage solutions to that problem by turning on the light at
the end of the tunnel currently ending in MitM nightmares.

Thank you,


Received on Thursday, 16 February 2017 18:16:27 UTC