Re: Q: Automatic, secure proxy selection

On Monday, 20 July 2020 07:02:14 UTC Mark Nottingham wrote:
> This question is likely better asked on the DoH or another list, as it's not
> specific to HTTP.

mine is. since dhcp is not secure, and since i won't permit any device on my 
home or corporate network to call its external mothership using crypto, i 
operate a proxy which devices on my home or corporate network must trust and 
must use. no exceptions.

how am i expected to tell alexa, siri, hey, chromecast, and the rest of the 
embedded devices my family and employees want to use, that they have to use a 
proxy if they want to reach the outside world?

this isn't DoH specific, though DoH as an HTTP use case is affected by it.

the user-centric / app-centric network model assumes that all on-path 
attackers are oppositional, like evil ISP's or authoritarian governments. i'm 
neither, i'm just a head of household and a CEO, and i will be held 
responsible for whatever traffic my network emits, and i want to exercise that 
responsibility wisely.

toerless's question resonated with me.


Received on Monday, 20 July 2020 07:44:45 UTC