W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2017

Re: Call For Adoption HTTPbis BCP56bis

From: <nicolas.mailhot@laposte.net>
Date: Thu, 12 Oct 2017 20:15:56 +0200 (CEST)
To: Patrick McManus <pmcmanus@mozilla.com>
Cc: HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <1880204744.950712.1507832156391.JavaMail.zimbra@laposte.net>
Hi,

I'd say that 4.3.3. Transport Ports is overly lax and outdated.

One would be most insane to rely on transport ports to distinguish application’s traffic for operational reasons nowadays. It's just too easy for Joe random developper (or Bill random hacker) to squat any given port with something else, vendors always think you should only buy their stuff so it's not a problem if they reuse the competitor's port for something else, all of them feel 8080, 9443 or variations on those is completely innovative with no collision risk and so on.

Relying on special ports only works in strongly controlled networks. But if you control the network to this level, you can use specific DNS rules, separate VLans or IP ranges without breaking all the HTTP(s) infrastructure by switching ports.

Regards,

-- 
Nicolas Mailhot
Received on Thursday, 12 October 2017 18:21:19 UTC

This archive was generated by hypermail 2.3.1 : Monday, 9 September 2019 17:48:38 UTC