Vidya, On 10/30/13 10:47 PM, Vidya Narayanan wrote:
> > This document covers the case where a client and server wish to > exchange traffic over a channel that is either end-to-end secure or is > point-to-point secured to an authorized middle box. The threats it > addresses are those due to unauthorized middle boxes and provides > guidelines and goals to make those detectable by the endpoints, > including the user. Who gets to do the authorizing? Does the infrastructure owner get a say how her infrastructure is used? But before we go too far, where should this discussion really take place? Here or in httpbis? Eliot _______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
