Re: Intercepting proxies - yet again
Nicolas mailhot <nicolas.mailhot@laposte.net> Thu, 07 March 2013 11:09 UTC
Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 33E6821F8D63 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Thu, 7 Mar 2013 03:09:39 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.354
X-Spam-Level:
X-Spam-Status: No, score=-3.354 tagged_above=-999 required=5 tests=[AWL=5.178, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8, RCVD_NUMERIC_HELO=2.067]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3neDA1m4JAVn for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Thu, 7 Mar 2013 03:09:38 -0800 (PST)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) by ietfa.amsl.com (Postfix) with ESMTP id B129421F8D62 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Thu, 7 Mar 2013 03:09:38 -0800 (PST)
Received: from lists by frink.w3.org with local (Exim 4.72) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1UDYg6-0008Vh-5X for ietf-http-wg-dist@listhub.w3.org; Thu, 07 Mar 2013 11:08:02 +0000
Resent-Date: Thu, 07 Mar 2013 11:08:02 +0000
Resent-Message-Id: <E1UDYg6-0008Vh-5X@frink.w3.org>
Received: from lisa.w3.org ([128.30.52.41]) by frink.w3.org with esmtp (Exim 4.72) (envelope-from <gix-ietf-http-wg@m.gmane.org>) id 1UDYft-0008U8-EL for ietf-http-wg@listhub.w3.org; Thu, 07 Mar 2013 11:07:49 +0000
Received: from plane.gmane.org ([80.91.229.3]) by lisa.w3.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.72) (envelope-from <gix-ietf-http-wg@m.gmane.org>) id 1UDYfs-0004Sh-6f for ietf-http-wg@w3.org; Thu, 07 Mar 2013 11:07:49 +0000
Received: from list by plane.gmane.org with local (Exim 4.69) (envelope-from <gix-ietf-http-wg@m.gmane.org>) id 1UDYfq-0006Le-3M for ietf-http-wg@w3.org; Thu, 07 Mar 2013 12:07:46 +0100
Received: from 192.196.142.21 ([192.196.142.21]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for <ietf-http-wg@w3.org>; Thu, 07 Mar 2013 12:07:46 +0100
Received: from nicolas.mailhot by 192.196.142.21 with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for <ietf-http-wg@w3.org>; Thu, 07 Mar 2013 12:07:46 +0100
X-Injected-Via-Gmane: http://gmane.org/
To: ietf-http-wg@w3.org
From: Nicolas mailhot <nicolas.mailhot@laposte.net>
Date: Thu, 07 Mar 2013 11:07:11 +0000
Lines: 27
Message-ID: <loom.20130307T115424-976@post.gmane.org>
References: <emc512956a-b4be-4f35-8311-6ece7f9d0260@bombed>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Complaints-To: usenet@ger.gmane.org
X-Gmane-NNTP-Posting-Host: sea.gmane.org
User-Agent: Loom/3.14 (http://gmane.org/)
X-Loom-IP: 192.196.142.21 (Mozilla/5.0 (Windows NT 6.1; rv:19.0) Gecko/20100101 Firefox/19.0)
Received-SPF: pass client-ip=80.91.229.3; envelope-from=gix-ietf-http-wg@m.gmane.org; helo=plane.gmane.org
X-W3C-Hub-Spam-Status: No, score=-1.3
X-W3C-Hub-Spam-Report: AWL=-4.434, FREEMAIL_FROM=0.001, FSL_HELO_BARE_IP_2=2.896, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_NUMERIC_HELO=0.865, RP_MATCHES_RCVD=-0.628, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001
X-W3C-Scan-Sig: lisa.w3.org 1UDYfs-0004Sh-6f 63a62bb80b30f5e825a71e246498326d
X-Original-To: ietf-http-wg@w3.org
Subject: Re: Intercepting proxies - yet again
Archived-At: <http://www.w3.org/mid/loom.20130307T115424-976@post.gmane.org>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/16983
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>
Hi Adrien, You raise a lot of the same concerns than me yesterday. So I can only confirm the need to clean the Augean stables at the protocol level now and stop relegating it to some future date or other workgroup. The reason people deploy intercepting proxies now is not because there is any wish for massive surveillance, but because they work and alternatives don't. So please make the alternatives work. Till discovery, configuration and negotiation of intermediaries is properly specified in the protocol, the only working solution will be interception. Because interception is the technical solution that complies with the "intermediaries do not exist" situation created by not specifying how to manage intermediaries in the first place. Explicit proxies should not mean 'proxy was configured somewhere outside the protocol'. Client roaming is too complex to work with a static proxy definition and the only communication channel that is sure to exist between the client and the intermediary is http. Intermediary setup really needs to be dynamic and at the http level (and negotiated, so the user can decide if he accepts to use an intermediated network path or not). Thank you -- Nicolas Mailhot
- Intercepting proxies - yet again Adrien W. de Croy
- Re: Intercepting proxies - yet again Nicolas mailhot