* Vidya Narayanan wrote: >I may be missing something here, but your wording seems to suggest that the >user may not trust the server? If so, that is definitely not the targeted >case under discussion. The assumption here is that the client (and hence >the user) and the server trust each other, but they don't necessarily trust >all middleboxes.
You buy a smartphone. You come to suspect it may have a bug that makes it send encrypted data over the wire it should not be sending. You con- figure a MITM proxy and try to trigger the bug. You detect the phone starts sending data to a server, but the server cuts the connection as it detects the proxy. So you cannot verify what the smartphone actually sends, you are not in control. "Privacy" and end-to-end security require the user to be in control, so that a server "cannot refuse to serve sensitive content over a proxied connection" is a good thing, while you list it as a problem. My suggestion was to include a Goal to ensure that users are in control. -- Björn Höhrmann · mailto:[email protected] · http://bjoern.hoehrmann.de Am Badedeich 7 · Telefon: +49(0)160/4415681 · http://www.bjoernsworld.de 25899 Dagebüll · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/ _______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
