Re: Discussion points on HTTP "evolutions" [ACTION-618]

* Yves Lafon wrote:
>It has the obvious advantage of making what's transmitted, including the 
>HTTP headers impossible to snoop, however it also has the disadvantage to 
>forbid a user to check what kind of traffic happens between his User Agent 
>and a Web server, of course, there is a balance to find between risks you 
>take in being sniffed by external parties and risk you take by not knowing 
>the potentially security and/or privacy invasive data that can be uploaded 
>to a "secure" site.

Users can ask their user agent to tell them what the traffic is, and
where user agents lack such a feature you can typically set up a proxy
like http://mitmproxy.org/ and intercept traffic at that level.
-- 
Björn Höhrmann · mailto:bjoern@hoehrmann.de · http://bjoern.hoehrmann.de
Am Badedeich 7 · Telefon: +49(0)160/4415681 · http://www.bjoernsworld.de
25899 Dagebüll · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/ 

Received on Monday, 5 December 2011 16:31:38 UTC