- From: Kari Hurtta <hurtta-ietf@elmme-mailer.org>
- Date: Wed, 1 Mar 2017 08:10:30 +0200 (EET)
- To: Alex Rousskov <rousskov@measurement-factory.com>, Poul-Henning Kamp <phk@phk.freebsd.dk>
- CC: Kari Hurtta <hurtta-ietf@elmme-mailer.org>, HTTP working group mailing list <ietf-http-wg@w3.org>
https://lists.w3.org/Archives/Public/ietf-http-wg/2017JanMar/0377.html From: Alex Rousskov <rousskov@measurement-factory.com> > I continue to resist the temptation to tell browser folks how to do UI. Good. > I am sure that they can build great UIs, and that they do not need this > WG "help" with that. Sometime WG does that. https://tools.ietf.org/html/draft-ietf-httpbis-http2-encryption-10#section-4.1 | 4.1. Security Indicators | | User Agents MUST NOT provide any special security indicia when an | "http" resource is acquired using TLS. In particular, indicators | | that might suggest the same level of security as "https" MUST NOT be | used (e.g., a "lock device"). I was not suggesting any requirement on here: https://lists.w3.org/Archives/Public/ietf-http-wg/2017JanMar/0376.html | In that case location bar probbaly need to be two lines: | | First line tells proxy and certificate status of proxy URL | Second line tells reported certifcate of server and visited URL "probbaly" should be "probably". https://lists.w3.org/Archives/Public/ietf-http-wg/2017JanMar/0378.html From: Poul-Henning Kamp <phk@phk.freebsd.dk> > On the client side the only politically reasonable and neutral > solution is to announce the precense of a proxy by inserting a > prominent identification of it above the address bar, so that the > user sees: > > BIGCORP Inc. Proxy (Contact IT/Bill x1234) inspects this connection > > https://mybank.com/ > > Or as it may be: > > ELBONIA Government National & Child safety Proxy inspects this connection > > http://bikeshed.org Yes, that is similar than what I was meaning. But I'm not suggesting any requirements. That was just similar than my suggestion for UI on on CONNECT errors. https://lists.w3.org/Archives/Public/ietf-http-wg/2017JanMar/0297.html -------------- Message from proxy <proxy URL> [View proxy message] -------------- And [View proxy message] is button which - possible opens new window or tab - Shows <proxy URL> on location bar of that window or tab - Displays message from proxy - Possible lock symbol reflects TLS of proxy connection ================================================= This is not suggesting that WG tells how to do UI. This is more as "This is one possibility which perhaps resolves your requirements." https://lists.w3.org/Archives/Public/ietf-http-wg/2017JanMar/0377.html From: Alex Rousskov <rousskov@measurement-factory.com> > It is always obvious for the browser. I assume you mean that it is not > obvious for the user, and I agree with that (with cases not limited to > just PAC-driven proxy selection!). Yes, I mean that it is not obvious for the user. / Kari Hurtta
Received on Wednesday, 1 March 2017 06:11:32 UTC