Re: The future of forward proxy servers in an http/2 over TLS world

In message <>, Kari Hurtta writes:

>Yes, this looks like common sense. And still no one browser does that.

I think common sense can be summarized as follows:

1. If any proxy is involved, both the client and server should know
   that, so that they can judge for themselves to what extent they
   want to trust the proxy.

2. A legitimate proxy has no reason to try hide its own existence
   or to deliberately reduce the security, privacy or integrity of
   the communication, beyond what is required for doing its job.

3. It should be as hard as possible to insert and hide an ilegitimate
   proxy (=MITM attack) which undetected can impact security, privacy
   or integrity of the communication.

On the client side the only politically reasonable and neutral
solution is to announce the precense of a proxy by inserting a
prominent identification of it above the address bar, so that the
user sees:

	BIGCORP Inc. Proxy (Contact IT/Bill x1234) inspects this connection

Or as it may be:

	ELBONIA Government National & Child safety Proxy inspects this connection

The "proxybar" should be suitably decorated to indicate if the
connection to the proxy has any kind of privacy and if there is any
reason to think that the proxy really is who it claims to be.

The current "political" stance by the user agents means that literally
millions of people are behind proxies, legitimate and ilegitimate,
without knowing it or being able to see it, without significant

As for the political fight for a fundamental human right to privacy:

More people would probably pay attention, if they could clearly see
who tried to mess with their communication.

Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.

Received on Tuesday, 28 February 2017 21:27:19 UTC