On Dec 1, 2010, at 1:30 AM, William A. Rowe Jr. wrote: > On 11/26/2010 6:55 AM, Greg Wilkins wrote: >> >> And do you get similar feeling to think about using the CONNECT method >> to establish tunnels for arbitrary protocols? > > CONNECT suffers from the same issues you identify is deploying a new port. > Namely, http servers will reject those requests. Leveraging CONNECT > successfully would require additional HTTP-level authentication to identify > users and prevent abuse (as most proxies do). Restructuring the internet, > whether it is adding a new port to unblock, or permitting specific classes > of CONNECT traffic, would be a similar battle. Perhaps more to the point, CONNECT is a method that is only allowed to be sent to a client-side proxy server. Deliberately sending it in other HTTP messages would be a violation of its method semantics and the HTTP/1.1 syntax (because its unusual target syntax is only allowed when sent to a proxy). ....RoyReceived on Wednesday, 1 December 2010 17:45:39 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:33 GMT