W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2012

Re: Backwards compatibility

From: Roberto Peon <grmocg@gmail.com>
Date: Tue, 3 Apr 2012 00:13:34 -0700
Message-ID: <CAP+FsNehwRVUas8sKvZXk-wZFQ3YVt6gDEgCemDC_iR_tj48iw@mail.gmail.com>
To: Amos Jeffries <squid3@treenet.co.nz>
Cc: ietf-http-wg@w3.org
On Mon, Apr 2, 2012 at 7:28 PM, Amos Jeffries <squid3@treenet.co.nz> wrote:

> On 03.04.2012 09:32, Roberto Peon wrote:
>> On Mon, Apr 2, 2012 at 10:56 AM, Peter Lepeska wrote:
>>  Big bites do seem to go down easier than lots of little ones. The problem
>>> is that SPDY is eating *two* shit sandwiches, trying to make the web
>>> both fast and secure, at the same time. This bite is more than most can
>>> chew and so adoption will be much slower b/c of the SSL requirement, in
>>> my
>>> opinion.
>> Really? I'd say it was two delicious ingredients, personally. I also think
>> that assuming that deployment is greatly suffering is not validated by
>> real-world experience.
> in the past few months there has been a noticeable increase in queries
> about:
> * how to decrypt CONNECT tunnels to port 443
> * how to implement MITM of port 443 for filtering

The former of these has nothing to do with current SPDY deployments.
The latter could, but is likely for significantly more than just SPDY.

> followed shortly after by:
> * how to force port-443 traffic through the proxy without breaking
> non-HTTPS traffic on that port
> * how to decrypt CONNECT traffic without breaking VoIP tunnels and other
> non-HTTPS CONNECT traffic
> * how to force https:// to http:// by the browser, then reverse it at the
> proxy outgoing to https://
> * how to force http:// to https:// by the browser, then reverse it at a
> proxy outgoing to http:// again
> then more recently these have started coming in:
> * why some recent browsers are doing things without being logged by proxy
> monitors (use of SPDY/WebSockets connections?)
> Now you tell us there is no suffering...

None of these requests is SPDY specific. All of them could be correlated
with various sites switching to actually using HTTPS traffic.

I said that it doesn't appear to be hampering deployment.


Received on Tuesday, 3 April 2012 07:14:08 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:11:02 UTC