WPD Proxy Discovery IETF 91 – Nov 2014 William Chow [email protected] 1 Background: Web Proxy Description I-D • Core Features [link to I-D] – Defines URI “web-proxy-desc” per RFC 5785 – JSON file format (abbreviated): { “name” : “proxy1”, “proxies”: [ { “host”: “proxy1.example.com”, “port”: 8080, } ] } • Key Aspects – Explicitly configured proxy for HTTP, not HTTPS/MITM – Well-known URI, but not fully qualified URL • https://??authority??/.well-known/web-desc-proxy 2 Proxy Scenarios with Simple WPD Associations Probe a pre-configured/whitelisted WPD Authority Operator proxy associated to device P Core Internet Origin Cloud proxy associated to app (e.g. browser) P Hotspot Internet Origin 3 Proxy Scenarios with Dynamic WPD Associations No access without enabling work proxy P Office User experience slower by 4X without optimization P Inflight/Satellite Data bill higher by 3X without enabling proxy P Personal: MiFi, USB 4 User Discovery of Network-specific WPD +-------+ +------+ +----------+ +-----+ +----------+ |Origin | |Client| | WiFi AP | |Proxy| |WPD Server| |Server | +--+---+ +----+-----+ +-----+ +----------+ +---+---+ |Device connects to | | | | |WiFi access point | | | | |------------------->| | | | | | | | | |UA: captive portal | | | | |detect/login | | | | (layer 7) HTTP-only |------------------->| | | | discovery | | | | | enables broad-based app | | | | | |UA: GET http://*/<WPDURI> | Redirect | | implementation |-------------------------------------. | | | | | | | | .--<------------------------------------' | | | |UA: GET https://<WPDAUTH>/<WPDURI> | | | '-|---------------------------------------------->| | | | | | | Secure authentication | | | | | of WPD file Authorization |UA: set up TLS connection | | | of WPD |---------------------------------->| | | | | | | authority via | | | | | | whitelist or |UA: send HTTP/s requests |Proxy: forwards | user opt in |---------------------------------->|------------------------->| | | | | | 5 Thank You • Internet-Draft – http://tools.ietf.org/html/draft-chow-httpbis-proxy-discovery00 • Authors – William Chow • Mobolize • Email: [email protected] – Sanjay Mishra • Verizon Communications • Email: [email protected] – James McEachern (editor) • ATIS • Email: [email protected] 6
© Copyright 2024