IETF Logo Mail Archive

Re: New Version Notification for draft-nottingham-proxy-explanation-00.txt

Amos Jeffries <squid3@treenet.co.nz> Tue, 01 March 2016 02:57 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CCFCA1A8F4E for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Mon, 29 Feb 2016 18:57:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.908
X-Spam-Level:
X-Spam-Status: No, score=-6.908 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.006, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qeGCx3u5MBp7 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Mon, 29 Feb 2016 18:57:41 -0800 (PST)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ADB001A8F4D for <httpbisa-archive-bis2Juki@lists.ietf.org>; Mon, 29 Feb 2016 18:57:41 -0800 (PST)
Received: from lists by frink.w3.org with local (Exim 4.80) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1aaaQt-0007ux-4O for ietf-http-wg-dist@listhub.w3.org; Tue, 01 Mar 2016 02:53:07 +0000
Resent-Date: Tue, 01 Mar 2016 02:53:07 +0000
Resent-Message-Id: <E1aaaQt-0007ux-4O@frink.w3.org>
Received: from lisa.w3.org ([128.30.52.41]) by frink.w3.org with esmtps (TLS1.2:DHE_RSA_AES_128_CBC_SHA1:128) (Exim 4.80) (envelope-from <squid3@treenet.co.nz>) id 1aaaQn-0007uG-MR for ietf-http-wg@listhub.w3.org; Tue, 01 Mar 2016 02:53:01 +0000
Received: from [121.99.228.82] (helo=treenet.co.nz) by lisa.w3.org with esmtp (Exim 4.80) (envelope-from <squid3@treenet.co.nz>) id 1aaaQk-0006Ca-HG for ietf-http-wg@w3.org; Tue, 01 Mar 2016 02:53:01 +0000
Received: from [192.168.20.251] (unknown [121.98.45.158]) by treenet.co.nz (Postfix) with ESMTP id A414AE6F1E for <ietf-http-wg@w3.org>; Tue, 1 Mar 2016 15:52:24 +1300 (NZDT)
To: ietf-http-wg@w3.org
References: <20160217003812.7831.6278.idtracker@ietfa.amsl.com> <56F7C2DF-06AA-477C-8515-C152CC3A56A4@mnot.net> <CA+9kkMC1Tce=eohXFSZfrD9cpJHOMOMKtoYqVbvUY3EwbboTqg@mail.gmail.com> <8BD7C79F-6882-43E5-B706-FA3335DBAA73@mnot.net> <CA+9kkMC_y9Ubha4ESCBuzU85UUQs8K4VGme81kJmjx+2v_3cTw@mail.gmail.com> <0817613D-A09F-4FE3-B4D5-B78749D015B2@mnot.net>
From: Amos Jeffries <squid3@treenet.co.nz>
Message-ID: <56D503E8.3020200@treenet.co.nz>
Date: Tue, 01 Mar 2016 15:52:24 +1300
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.6.0
MIME-Version: 1.0
In-Reply-To: <0817613D-A09F-4FE3-B4D5-B78749D015B2@mnot.net>
Content-Type: text/plain; charset="windows-1252"
Content-Transfer-Encoding: 7bit
Received-SPF: pass client-ip=121.99.228.82; envelope-from=squid3@treenet.co.nz; helo=treenet.co.nz
X-W3C-Hub-Spam-Status: No, score=-4.2
X-W3C-Hub-Spam-Report: AWL=-1.092, BAYES_00=-1.9, RDNS_NONE=0.793, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, W3C_AA=-1, W3C_WL=-1
X-W3C-Scan-Sig: lisa.w3.org 1aaaQk-0006Ca-HG 2dd6a16e0d715c8b08aae1a6cde59b68
X-Original-To: ietf-http-wg@w3.org
Subject: Re: New Version Notification for draft-nottingham-proxy-explanation-00.txt
Archived-At: <http://www.w3.org/mid/56D503E8.3020200@treenet.co.nz>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/31123
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

On 1/03/2016 1:38 p.m., Mark Nottingham wrote:
> 
>> On 1 Mar 2016, at 11:00 AM, Ted Hardie wrote:
>> 
>> On Mon, Feb 29, 2016 at 3:49 PM, Mark Nottingham wrote:
>> 
>>> The document says that "Clients MAY selectively support this
>>> media type. For example, an implementation might deem it only
>>> useful (or safe) in CONNECT requests."  Given the other
>>> restrictions, I don't use case outside of CONNECT, and I would
>>> normally say that you shouldn't send an accept header where
>>> you're not willing to receive the type; am I missing some of your
>>> thinking here?
>> 
>> Interception proxies.
>> 
>> So, a client should send this accept request with all queries in
>> case there is a friendly enough man in the middle to tell them that
>> the traffic is being prevented and why?  I can't picture that being
>> the right trade-off, personally, but I'd be interested in whether
>> this sounds plausible to other folk.
> 
> Yeah, I doubt it too. It could be that we end up specifying it just
> for CONNECT.
> 
> I wanted to get an indication of implementer interest before I went
> too far into tweaking it, though...

FWIW; The "Accept: */*" header which is already very popular covers all
mime types including this one.

If we are intending this to be used to expose MITM in a clean way. Then
it does need to be spec'd for use on any method even if doing the IETF
thing of 'ignoring' MITM existence in the texts.

Also the worst display related issues are with browsers. Their current
behaviour is to not show anything at all from a CONNECT response
regardle of whether its an error or not.  So backward compatibility
there is already a non-issue - the JSON payload will be silently dropped
by the most problematic clients.

Amos

v2.23.0 | Report a Bug | By Email