W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > May to August 2001

RE: Http Tunneling

From: Joris Dobbelsteen <joris.dobbelsteen@mail.com>
Date: Thu, 30 Aug 2001 11:23:40 +0200
To: "'Rompo Punyanitya'" <rpunyani@bigpond.net.au>
Cc: "WWW WG \(E-mail\)" <http-wg@cuckoo.hpl.hp.com>
Message-ID: <000901c13135$755fb9c0$0d0ba8c0@joris2k.local>
>-----Original Message-----
>From: Rompo Punyanitya [mailto:rpunyani@bigpond.net.au]
>Sent: Wednesday, 29 August 2001 11:46
>To: Joris Dobbelsteen
>Subject: Re: Http Tunneling
>
>  Doesn't it mean that HTTP tunneling is also act and serve the same
>functionalities as HTTP proxy then? I thought that the
>different between
>tunnel and proxy was , the tunnel will only forward the
>orginal request from
>client to the actual end server, but the proxy is allow to
>modify and change
>the client request to more suitable request then send it to
>the actual end
>server.

Somewhat, however you don't understand tunneling concept to well.

There is a difference between proxying and tunneling:

While acting as a proxy, you send a request to the proxy server, the same as
you whould send to the orgin server. The proxy server can modify/change the
request (even deny it or get it from cache).

A tunnel will establish a connection from you to the other end-point (orgin
server). This tunnel can be established through one one (or more) proxy
server(s), who should not inferfere with the information send through the
tunnel. To you it looks just like a normal TCP connection from you to the
other end-point (actual end server).

Some more background: tunneling was needed to establish a secure channel
between two end-points. The property of a secure channel is that nobody,
except the end-points, can send data over it and optionally cannot read it.
Both is the case with HTTPS.

- Joris

>
>Cheers.
>Rompo Punyanitya
>
>----- Original Message -----
>From: Joris Dobbelsteen <joris.dobbelsteen@mail.com>
>To: 'Yogesh Bang' <Y.Bang@zensar.com>
>Cc: WWW WG (E-mail) <http-wg@cuckoo.hpl.hp.com>
>Sent: Tuesday, August 28, 2001 8:50 AM
>Subject: RE: Http Tunneling
>
>
>> HTTP Tunneling is designed for Secure HTTP (HTTPS). A HTTP
>tunneling is a
>> method of going through a proxy server, without the proxy
>server itself
>> handling any data transmitted.
>> A tunnel can be established with the connect method:
>>
>> CONNECT <host>:<port> HTTP/1.1 <CRLF>
>> <CRLF>
>>
>> If the HTTP return code is 200 (OK), a connection is
>established. Now any
>> data transmitted is directly forwarded (by the proxy server) to the
>> end-point.
>>
>> Take note that most proxy server will only allow tunnels to port 443
>> (HTTPS), due to security restrictions. So they're not usable
>for anything
>> else than HTTPS. Some proxy servers (like the ISA server) can be
>configured
>> to interfrere with the data on the tunnel.
>> Contact the Proxy manual of admin.
>>
>> - Joris
>>
>> >-----Original Message-----
>> >From: Yogesh Bang [mailto:Y.Bang@zensar.com]
>> >Sent: Sunday, 26 August 2001 3:38
>> >To: 'http-wg@cuckoo.hpl.hp.com'
>> >Subject: Http Tunneling
>> >
>> >
>> >Hi There,
>> >
>> >While going through technical jargons, I came across this term
>> >'Http-Tunneling'. It is said that using this,it is possible to
>> >send data of any protocol through proxy over HTTP.Can any one
>> >tell me how
>> >this
>> >can be achieved? any sample code will provide good idea or
>> >send me the urls
>> >where
>> >I can get the basics of http-tunneling.
>> >
>> >Is it possible to tunnel complex protocols which are used
>by 'Microsoft
>> >Netmeeting',
>> >or AIM etc?
>> >
>> >Thanks in advance!!!
>> >
>> >yog
>> >
>> >
>>
>
>
Received on Thursday, 30 August 2001 10:21:34 EDT

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:33:44 EDT