@techreport{reschke-objsec-01, number = {draft-reschke-objsec-01}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/draft-reschke-objsec/01/}, author = {Dan Druta and Thomas Fossati and Marcus Ihlar and Guenter Klas and Diego Lopez and Julian Reschke}, title = {{A Rationale for Fine-grained Intermediary-aware End-to-End Protocols}}, pagetotal = 11, year = 2014, month = oct, day = 27, abstract = {A tremendous growth in different uses of the Internet has led to a growing need to protect data sent over public networks, including data sent via HTTP. Use of end-to-end TLS for the majority of traffic looks at first a most feasible response. However, the web architecture has become more sophisticated and as it has now gone beyond the simple client-server model, the end-to-end use of TLS is increasingly showing its downside. The end-to-end use of TLS excludes the use of beneficial intermediaries such as use of caches or proxies that provide instrumental services. The need for greater privacy seems to collide with the equally growing desire for better end-to-end performance and user experience. As an example, the use of HTTP/TLS often appears to maximise the benefit for the combination of both. This document describes the above dichotomy and lays out a number of objectives of what can ideally be achieved, namely catering for sufficient security and privacy whilst providing users with the opportunity to make use of intermediaries' services where considered beneficial. This document introduces a number of potential solutions towards use of suitable protocol mechanisms and data formats. End-to-end protocols which are aware of intermediaries should enable users and/or content providers to exercise fine-grained control over what intermediaries should be able to do and what exposure to data or metadata they shall be permitted to get. 
The document then highlights anticipated benefits to key stakeholders such as users, content providers and intermediaries. As elements such as object security can play a useful role, this document encourages the analysis of related work to discern their applicability, limitations, and coverage of use cases. Such an effort may help us espouse innovation to frame an overall architecture and motivate more detailed work on protocols and mechanisms in the future.}, }