>From a HTTP standpoint, they are the origin (i.e., endpoint). They just happen >to use HTTP "behind" them.
> On 15 Jul 2017, at 10:39 pm, Roland Zink <rol...@zinks.de> wrote: > > I think reverse proxies are middleboxes regardless if they have official > origin TLS certificates. From the TLS viewpoint they may be the endpoint > although from the HTTP viewpoint they are not. > > > Roland > > > > Am 15.07.2017 um 22:23 schrieb Salz, Rich: >>> A cache may be hired by a user, origin or even a network operator to act as >>> a >>> "front" to the origin. Is it not a middlebox because of this? It is a >>> question of >>> definition if a CDN is in the middle or the endpoint :) >> Yes. And I am saying that the definition doesn't include a CDN as a >> middlepoint. >> >> Do user-provided reverse proxies have official TLS certificates with a SAN >> field claiming to be the origin? > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls -- Mark Nottingham https://www.mnot.net/ _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
