rog...@queernet.org wrote:
> Michael Graham wrote:
> > As MITM proxies in school/business seem to be pretty common in the
> > US and the UK.
> 
> I bet your proxy firewall does it too.

I bet not!  I think you are confusing https with http.  We are talking
about https here not http.  And even then I don't know of any consumer
grade firewalls that configure an http proxy by default.  Those tend
to only be in industrial grade systems for larger sites for bigger
companies and campuses.  I bet you are thinking of those http proxies.

In regards to this when I am setting up a web form I always set up the
form using https now.  I have too many times had to deal with broken
company proxies that mangled http POST data.  I could name names but I
would be violating confidentiality agreements.  I saw one that was so
broken with mangled POST data that I couldn't believe it was working
for anyone for anything.  Wow it was bad.  Not to mention the normal
mundane problems routinely seen of stale cached pages and so forth
that everyone runs into sometime.

Having been hurt before I now only use https for any web form entry
even trivial stuff not needing security or privacy.  I now use https
specifically to avoid broken http proxies in between user and server.
So far I haven't yet run into anyone with a fake CA MITM proxy in
between yet.  But I am sure it will happen eventually.

Bob

Attachment: signature.asc
Description: Digital signature

Reply via email to