On Wed, 2007-03-21 at 18:04 +0100, Stefan Bischof wrote: > > I am sure we will eventually see compromised or otherwise unfriendly > > ICAP servers that do nasty things. Such servers would love to do > nasty > > things "on behalf" of a client, using client identity if possible. > Thus, > > I have a problem with blindly copying sensitive client information > into > > requests generated (originated from) the ICAP server.
Sorry, but I don't see your point. An user who doesn't encrypt traffic end-to-end implicitly trusts all nodes that interconnect her to the origin server not to mess things up relatively to the sensitivity of the exchanged information. This means her PC, the firewall, the proxy, network switches, origin servers and content providers and so on. Any node along the chain could theoretically hijack traffic and steal her identity or perform actions on her behalf. In this regard I see the ICAP server not to be any different from a proxy server, of which it is simply an extension. I just fail to see any added security in not sending all the information that the proxy server has to the ICAP server. -- Kinkie <[EMAIL PROTECTED]>