W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > September to December 1999

Https proxies - was Re: http proxy & tunnel differences ??

From: <douglas.e.reed@att.net>
Date: Tue, 26 Oct 1999 19:10:14 +0100 (BST)
To: "Roy T. Fielding" <fielding@kiwi.ICS.UCI.EDU>
Cc: Scott Lawrence <lawrence@agranat.com>, Vinit Kumar <kumar_vinit@hotmail.com>, http-wg@hplb.hpl.hp.com
Message-Id: <19991026180703.YYD12296@webmail.worldnet.att.net>
This looks like an opportunity to expand my understanding
on https proxies as well. When a client issues a CONNECT
request to a proxy, the proxy creates a connection to
the remote site, and the proxy returns an HTTP 200 
response to the client. From that point, the client
and remote site exchange data through the proxy. My 
question is what is that data? Does the client have to
issue a full SSL handshake over the connection, or can
the client just send data. In other words, what happens
after the CONNECT from a client's perspective. 

Regards,
Doug
--
-----------------------------------------------------
Doug Reed	
mailto:douglas.e.reed@worldnet.att.net
-----------------------------------------------------	
> >> A proxy works by taking a request from a client and
> >> connecting to the origin
> >> server indicated in the request.  Here the client is configured to go
> >> through the proxy.
> >
> >Actually, the client may or may not know about the proxy.
> 
> The client always knows about the proxy -- that is what distinguishes
> a proxy from a gateway.  A "reverse proxy" is a gateway.
> 
> >> How does a http tunnel work. Is the initial connection similar ?
> >> Does a client (browser) need to configured differently when
> >> it goes through
> >> a tunnel or is it same as the configuration required when it
> >> goes through
> >> the proxy ? Are there to separate tcp connections for each
> >> request even in a
> >> tunnel ?
> 
> Some tunnels are activated by a proxy request, some are simply
> port forwarding TCP firewalls (either on the client side or the
> server side, or both), and others are gateways to other servers.
> The important thing from HTTP's perspective is that once an
> intermediary becomes a tunnel, it is no longer conscious of the
> HTTP communication -- only of bytes being relayed from one connection
> to another.
> 
> ....Roy
> 
Received on Friday, 29 October 1999 14:43:55 EDT

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:33:34 EDT