- From: Henry Story <henry.story@bblfish.net>
- Date: Sun, 19 Feb 2012 12:04:48 +0100
- To: WebID XG <public-xg-webid@w3.org>, public-webid <public-webid@w3.org>
Something being discussed on the HTTP mailing list, which we should keep track of. Henry Begin forwarded message: > From: Henry Story <henry.story@bblfish.net> > Subject: Re: Secure (https) proxy authentification > Date: 18 February 2012 18:29:53 CET > To: Nicolas Mailhot <nicolas.mailhot@laposte.net> > Cc: ietf-http-wg@w3.org > > > On 16 Feb 2012, at 15:36, Nicolas Mailhot wrote: > >> Hi, >> >> Now that browsers have started refusing redirection of https sessions, there >> is no clean way for a proxy to point browsers to an https authentication >> portal when they need to be authenticated or re-authenticated. > > Hi Nicolas. I am working on WebID - an https protocol ( http://webid.info/spec ) - > so this sounds like it could be important to us. Do you have a pointer to > explain the situation here in more detail? I am not sure what kind of redirects > get refused, for what reason, etc.... > > >> >> The 407 error must be extended to indicate the https proxy authentication >> portal location to handle the cases where it is not desirable to have proxy >> auth transmitted in clear, and clients are too dumb to support anything more >> complex than basic auth over http or https. >> >> (the other “solution” is DPI, but that's not really appealing except to proxy >> aplicance manufacturers) >> >> Best regards, >> >> -- >> Nicolas Mailhot >> >> > > Social Web Architect > http://bblfish.net/ > Social Web Architect http://bblfish.net/
Received on Sunday, 19 February 2012 11:05:21 UTC