W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > May to August 1997

Re: ISSUE PROXY-AUTHORIZATION: Proposal wording

From: Roy T. Fielding <fielding@kiwi.ics.uci.edu>
Date: Wed, 09 Jul 1997 16:53:00 -0700
To: Koen Holtman <koen@win.tue.nl>
Cc: http-wg@cuckoo.hpl.hp.com
Message-Id: <9707091702.aa16392@paris.ics.uci.edu>
>>The only thing that HTTP cares about is that all HTTP
>>messages in and out of the proxy are compliant with the protocol.
>
>No.  HTTP/1.1 goes to greath lengths to define the relation between
>the messages in and out of a proxy, and it does this so that people can
>come together and say `we now trust each other to use a plain HTTP/1.1
>proxy without any extensions'.

I don't know where you got that idea.  HTTP/1.1 defines how to format
and parse valid messages, what the semantics are for each protocol
element of those messages, and the range of possible responses to
those semantics.  The HTTP spec is not supposed to dictate application
requirements (i.e., what the application intends to do), though I know
of several places where it does so in spite of my objections; it is
supposed to only provide an unambiguous protocol for describing the
semantics of what the sender is trying to say.

There is no requirement that a proxy be transparent, just as there
is no requirement for a gateway to be transparent.  The only real
requirements are that it not change the semantics of the request
(by modifying the method or URL) and that it use the Via header field
when forwarding via HTTP (so that the hop is visible).

It is possible to define the requirements for a completely transparent
proxy, but those requirements are not about HTTP; they are about the
application and belong in an implementation spec.

.....Roy
Received on Wednesday, 9 July 1997 17:10:29 EDT

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:32:46 EDT