W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2010

Re: [hybi] workability (or otherwise) of HTTP upgrade

From: Jack Moffitt <jack@collecta.com>
Date: Thu, 09 Dec 2010 04:11:29 +0000
Message-ID: <AANLkTi=k0Czvm_pW=N3zPAGZdKyqZGduGJUp8dk3PByX@mail.gmail.com>
To: Mark Nottingham <mnot@mnot.net>
Cc: Bjoern Hoehrmann <derhoermi@gmx.net>, hybi HTTP <hybi@ietf.org>, HTTP Working Group <ietf-http-wg@w3.org>
One path is to combine the separate port idea along with the
encryption based approach. On the WebSocket port, you could avoid all
the intermediary issues, but perhaps be limited by firewalls.
However, you would not need any obfuscation and could easily use
sendfile().  On the TLS port you use NPN to get a WebSocket that is
not going to cause security problems with intermediaries.

For the short term, we get WebSocket on the port with the highest
success rate, and in the long term, we have firewalls accepting the
new port as killer applications make people care.

If we're going to lose the sendfile(), why not go the rest of the way?
Or is there something I'm missing in the port 80 but just XORed case?

jack.
Received on Thursday, 9 December 2010 07:20:32 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:33 GMT