W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2012

Re: Backwards compatibility

From: Amos Jeffries <squid3@treenet.co.nz>
Date: Tue, 03 Apr 2012 14:28:45 +1200
To: <ietf-http-wg@w3.org>
Message-ID: <04cd156011df446f37d948bd422e1a15@treenet.co.nz>
On 03.04.2012 09:32, Roberto Peon wrote:
> On Mon, Apr 2, 2012 at 10:56 AM, Peter Lepeska wrote:
>
>> Big bites do seem to go down easier than lots of little ones. The 
>> problem
>> is that SPDY is eating *two* shit sandwiches, trying to make the web
>> both fast and secure, at the same time. This bite is more than most 
>> can
>> chew and so adoption will be much slower b/c of the SSL requirement, 
>> in my
>> opinion.
>
>
> Really? I'd say it was two delicious ingredients, personally. I also 
> think
> that assuming that deployment is greatly suffering is not validated 
> by
> real-world experience.
>

in the past few months there has been a noticeable increase in queries 
about:
* how to decrypt CONNECT tunnels to port 443
* how to implement MITM of port 443 for filtering

followed shortly after by:
* how to force port-443 traffic through the proxy without breaking 
non-HTTPS traffic on that port
* how to decrypt CONNECT traffic without breaking VoIP tunnels and 
other non-HTTPS CONNECT traffic
* how to force https:// to http:// by the browser, then reverse it at 
the proxy outgoing to https://
* how to force http:// to https:// by the browser, then reverse it at a 
proxy outgoing to http:// again

then more recently these have started coming in:
* why some recent browsers are doing things without being logged by 
proxy monitors (use of SPDY/WebSockets connections?)

Now you tell us there is no suffering...

AYJ
Received on Tuesday, 3 April 2012 02:29:13 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:59 GMT