- From: Bjoern Hoehrmann <derhoermi@gmx.net>
- Date: Mon, 05 Dec 2011 17:31:13 +0100
- To: Yves Lafon <ylafon@w3.org>
- Cc: www-tag@w3.org
* Yves Lafon wrote: >It has the obvious advantage of making what's transmitted, including the >HTTP headers impossible to snoop, however it also has the disadvantage to >forbid a user to check what kind of traffic happens between his User Agent >and a Web server, of course, there is a balance to find between risks you >take in being sniffed by external parties and risk you take by not knowing >the potentially security and/or privacy invasive data that can be uploaded >to a "secure" site. Users can ask their user agent to tell them what the traffic is, and where user agents lack such a feature you can typically set up a proxy like http://mitmproxy.org/ and intercept traffic at that level. -- Björn Höhrmann · mailto:bjoern@hoehrmann.de · http://bjoern.hoehrmann.de Am Badedeich 7 · Telefon: +49(0)160/4415681 · http://www.bjoernsworld.de 25899 Dagebüll · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/
Received on Monday, 5 December 2011 16:31:38 UTC