W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2012

Re: Backwards compatibility

From: Roberto Peon <grmocg@gmail.com>
Date: Tue, 3 Apr 2012 00:13:34 -0700
Message-ID: <CAP+FsNehwRVUas8sKvZXk-wZFQ3YVt6gDEgCemDC_iR_tj48iw@mail.gmail.com>
To: Amos Jeffries <squid3@treenet.co.nz>
Cc: ietf-http-wg@w3.org
On Mon, Apr 2, 2012 at 7:28 PM, Amos Jeffries <squid3@treenet.co.nz> wrote:

> On 03.04.2012 09:32, Roberto Peon wrote:
>
>> On Mon, Apr 2, 2012 at 10:56 AM, Peter Lepeska wrote:
>>
>>  Big bites do seem to go down easier than lots of little ones. The problem
>>> is that SPDY is eating *two* shit sandwiches, trying to make the web
>>>
>>> both fast and secure, at the same time. This bite is more than most can
>>> chew and so adoption will be much slower b/c of the SSL requirement, in
>>> my
>>> opinion.
>>>
>>
>>
>> Really? I'd say it was two delicious ingredients, personally. I also think
>> that assuming that deployment is greatly suffering is not validated by
>> real-world experience.
>>
>>
> in the past few months there has been a noticeable increase in queries
> about:
> * how to decrypt CONNECT tunnels to port 443
> * how to implement MITM of port 443 for filtering
>

The former of these has nothing to do with current SPDY deployments.
The latter could, but is likely for significantly more than just SPDY.


>
> followed shortly after by:
> * how to force port-443 traffic through the proxy without breaking
> non-HTTPS traffic on that port
> * how to decrypt CONNECT traffic without breaking VoIP tunnels and other
> non-HTTPS CONNECT traffic
> * how to force https:// to http:// by the browser, then reverse it at the
> proxy outgoing to https://
> * how to force http:// to https:// by the browser, then reverse it at a
> proxy outgoing to http:// again
>
> then more recently these have started coming in:
> * why some recent browsers are doing things without being logged by proxy
> monitors (use of SPDY/WebSockets connections?)
>
> Now you tell us there is no suffering...
>

None of these requests is SPDY specific. All of them could be correlated
with various sites switching to actually using HTTPS traffic.

I said that it doesn't appear to be hampering deployment.

-=R


>
> AYJ
>
>
>
Received on Tuesday, 3 April 2012 07:14:08 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:59 GMT