W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2009

Re: #179: Relax Via MUST

From: Adrien de Croy <adrien@qbik.com>
Date: Fri, 17 Jul 2009 18:40:41 +1200
Message-ID: <4A601CE9.5010805@qbik.com>
To: "Roy T. Fielding" <fielding@gbiv.com>
CC: Mark Nottingham <mnot@mnot.net>, Henrik Nordstrom <henrik@henriknordstrom.net>, HTTP Working Group <ietf-http-wg@w3.org>

I think it might have been me that raised this issue a while back

I agree it needs to be closed with no action.

Taking it out breaks too much stuff.

The original query related to customers who have unreasonable ISPs who 
don't want customers to run proxies to get more use out of their link, 
these customers didn't want there to be anything in their HTTP requests 
that would give away the existence of a proxy.

I think this case is probably best handled with an option (default off) 
to make the proxy "stealthy", which strictly speaking makes it broken 
(no outbound Via).  Inbound Via is another matter and doesn't have any 
privacy issues.

It's probably even less of an issue now with the prevalence of proxies 
for other purposes, even running on the local machine (e.g. some 
filtering / AV software installs a proxy for localhost).

Thanks

Adrien


Roy T. Fielding wrote:
> On Jul 16, 2009, at 5:13 PM, Mark Nottingham wrote:
>
>> I'm fine closing this with no action; IIRC the previous discussion 
>> was leaning towards removing the requirement.
>>
>> Others?
>
> There is no way we can remove the requirement without removing
> half a dozen other features.  Intermediaries that don't send
> Via are broken and will continue to be broken even if the
> requirement doesn't exist.
>
> ....Roy
>
>

-- 
Adrien de Croy - WinGate Proxy Server - http://www.wingate.com
Received on Friday, 17 July 2009 06:37:57 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:07 GMT