W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > January to April 1998

Re: Upgrading to TLS Within HTTP

From: Rohit Khare <rohit@bordeaux.ics.uci.edu>
Date: Mon, 16 Mar 1998 20:52:56 GMT
To: Tim Dierks <timd@consensus.com>
Cc: http-wg@cuckoo.hpl.hp.com
Message-Id: <9803161227.aa05673@paris.ics.uci.edu>
X-Mailing-List: <http-wg@cuckoo.hpl.hp.com> archive/latest/5475
Mea culpa --

Section 13.5.1 clearly indicates that Upgrade is a hop-by-hop header.
And that's a pretty embarassing oversight in my proposal. 

In fact, the behavior *is* hop-by-hop, since intervening proxies have
to convert to tunnels upon receiving a "101 Switching to TLS"
response. Deploying this solution requires updated support in the
entire chain, even if it's as minor as:

	"Proxies which support TLS-tunneling MUST relay any TLS/x.y
	Upgrade request onward in its subsequent request"

In other words, unlike other Upgrade tokens that might be defined, this 
one requires you to pass along the request in all cases. 

I have updated the online version of that paper accordingly
Changes are in red; note also that the new error code 418, Upgrade Required,
is a general-purpose HTTP response.


(This discussion concerns HTTP, so that's the one list replies are directed to)
Received on Tuesday, 17 March 1998 03:07:32 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 7 January 2015 14:40:22 UTC