- From: Foteos Macrides <MACRIDES@sci.wfbr.edu>
- Date: Fri, 19 Sep 1997 23:02:13 -0500 (EST)
- To: fielding@kiwi.ics.uci.edu
- Cc: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com, luotonen@netscape.com
"Roy T. Fielding" <fielding@kiwi.ics.uci.edu> wrote: >> Does anyone familiar with the CONNECT method have a serious >>objection to its being considered as a standards track method, not >>necessarily for the impending HTTP/1.1 RFC, but eventually to be >>merged into an HTTP RFC? > >I have no objection to it, provided that the security concerns are >adequately described, but in that case it should not be published as >an Informational RFC (since that is not standards track). Instead, >it should be submitted to the WG for addition to HTTP/1.1 (assuming >Larry agrees that it is appropriate to do so). > >BTW, it is also implemented in the Apache proxy, but I don't know >if that implementation works correctly yet. The -08 draft defines tunneling, discusses it at length, but offers no method name and specs for actually doing it. CONNECT is widely implemented, in itself is not a "munition", and all that's needed is formal IETF specs to help ensure that the various implementations are interoperable (with a standard description of the security concerns) -- basically just editoral board polishing of Ari's draft. Fote ========================================================================= Foteos Macrides Worcester Foundation for Biomedical Research MACRIDES@SCI.WFBR.EDU 222 Maple Avenue, Shrewsbury, MA 01545 =========================================================================
Received on Friday, 19 September 1997 20:06:59 UTC