W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > May to August 1999

RE: Upgrading to TLS Within HTTP/1.1 draft available

From: Scott Lawrence <lawrence@agranat.com>
Date: Mon, 28 Jun 1999 07:49:11 -0400
To: "Http-Wg@Hplb. Hpl. Hp. Com" <http-wg@hplb.hpl.hp.com>
Message-ID: <005c01bec15c$3d152320$954768c0@oyster.agranat.com>

> From: John Stracke
> Subject: Re: Upgrading to TLS Within HTTP/1.1 draft available
>
> Scott Lawrence wrote:
>
> > Upgrade header to signal a change to HTTP over TLS on the current
> > connection, allowing secured operation without using a separate port.
>
> Is this necessary? Can you use the CONNECT method instead? (I
> know it's not
> actually defined in RFC2616--it's just reserved--but it is
> implemented, and
> it'd be easier to codify existing practice than to come up with a new
> mechanism.)

It really isn't a new mechanism in the sense that this kind of change from
one protocol to another was exactly what the Upgrade header was included in
HTTP to accomplish; it's just that the specifics of how to use it were not
spelled out in the spec.

The CONNECT mechanism is really trying to do something different.  It
creates a tunnel through an existing proxy, but doesn't signal the protocol
to be used end-to-end on that connection.

Part of the goal here is to show how secured and unsecured traffic in any
protocol can share a TCP well known port, so that we can get away from
assigning two ports to each protocol.

--
Scott Lawrence           Director of R & D        <lawrence@agranat.com>
Agranat Systems, Inc.  Embedded Web Technology   http://www.agranat.com/
Received on Monday, 28 June 1999 12:53:35 EDT

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:33:31 EDT