Re: RFC2617, digest domains from Henrik Nordstrom on 2007-06-12 (ietf-http-wg@w3.org from April to June 2007)

From: Henrik Nordstrom <henrik@henriknordstrom.net>
Date: Tue, 12 Jun 2007 05:36:56 +0200
To: lists@ingostruck.de
Cc: "etf-http-wg@w3.org Group" <ietf-http-wg@w3.org>
Message-Id: <1181619416.31284.11.camel@henriknordstrom.net>

mån 2007-06-11 klockan 23:15 +0000 skrev lists@ingostruck.de:

> I would say that this means that for "no value" both
> http://foo.com and https://foo.com are the same protection space,
> because they inevitably refer to the same server (apart from technical
> fancy foods like transparent nat a/o transparent proxying).

Do they? Those two URLs refer to different services (ports) on the same
IP.. It's obviously the same IP, but is it the same server?

Yes, it's quite common that the same content is available via both and
that both services is under the same administrative realm or even same
server software instance, but not guaranteed by any means.

Would you also consider http://www.example.com/ and
http://www.example.com:8080/ as the same server?  I don't..  For me the
server is identified by scheme://host:port  (or just host:port, wich
scheme just telling what protocol is run on that port)

Regards
Henrik

Received on Tuesday, 12 June 2007 03:37:05 UTC