LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

HTTPS interception in Nokia's mobile browser

HTTPS interception in Nokia's mobile browser

Posted Jan 29, 2013 13:43 UTC (Tue) by nim-nim (subscriber, #34454)
In reply to: HTTPS interception in Nokia's mobile browser by khim
Parent article: HTTPS interception in Nokia's mobile browser

It does not work exactly the same way.

With mail you can say 'you are on a restricted network, use smtp server foo as relay, everything else will be blocked' (and then the user can choose to use the relay or not, and the relay can choose to relay or not depending on its settings)

With http you have to MITM to get the same result.

(Log in to post comments)

HTTPS interception in Nokia's mobile browser

Posted Jan 29, 2013 13:49 UTC (Tue) by khim (subscriber, #9252) [Link]

With http you have to MITM to get the same result.

If you don't want to open encrypted message then simple routing rule will be enough and there are proxy autodiscovery mechanisms, if you do want to open encrypted message then you must somehow convince me to replace key in my PGP or S/MIME client - the same as with HTTPS.

So I can not see the difference. Well, except for one: you need to specify relay for the mail, while proxy can be autodiscovered. I don't think it such a big difference.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds