"Roy T. Fielding" <fielding@kiwi.ics.uci.edu> wrote: >> Does anyone familiar with the CONNECT method have a serious >>objection to its being considered as a standards track method, not >>necessarily for the impending HTTP/1.1 RFC, but eventually to be >>merged into an HTTP RFC? > >I have no objection to it, provided that the security concerns are >adequately described, but in that case it should not be published as >an Informational RFC (since that is not standards track). Instead, >it should be submitted to the WG for addition to HTTP/1.1 (assuming >Larry agrees that it is appropriate to do so). > >BTW, it is also implemented in the Apache proxy, but I don't know >if that implementation works correctly yet. The -08 draft defines tunneling, discusses it at length, but offers no method name and specs for actually doing it. CONNECT is widely implemented, in itself is not a "munition", and all that's needed is formal IETF specs to help ensure that the various implementations are interoperable (with a standard description of the security concerns) -- basically just editoral board polishing of Ari's draft. Fote ========================================================================= Foteos Macrides Worcester Foundation for Biomedical Research MACRIDES@SCI.WFBR.EDU 222 Maple Avenue, Shrewsbury, MA 01545 =========================================================================Received on Friday, 19 September 1997 20:06:59 EDT
This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:33:01 EDT