DSKPP review brings up HTTPSubstrate-16 ISSUE-16; [URNsAndRegistries-50 ISSUE-50]

This recent IESG review suggests lots of interesting resources
shouldn't have http: URIs. I'm just starting to look into
it, so I haven't decided whether I agree...


"At this point it's inevitable we'll end up with intrusive firewalls on
port 80 that will break anything beyond stock browser-based HTTP. "
 -- Chris Newman 21 Sep 2007
 http://www1.ietf.org/mail-archive/web/apps-review/current/msg00084.html

"I'll give two examples of HTTP-based protocols with separate ports
where that was clearly the right technical choice in my opinion:
IPP: RFC 2910
SIP: RFC 3261

I'll also mention that the Mail Submission protocol runs on port 587
primarily, but can also run on port 25. That's a practical way to (1)
remain backwards compatible with deployed usage or limitations. (2)
provide a separate port when it's helpful to avoid middle-box
restrictions on an overused/abused port like port 25.

It's my technical opinion there should be a separate port registered for
HTTP access to information used to validate security credentials (CRLs,
OCSP, etc) with port 80 as a fallback for situations where the separate
port can't be used and for legacy use."
http://www1.ietf.org/mail-archive/web/apps-review/current/msg00095.html


The thread continues; for example, Newman in reply to Hallam-Baker...
http://www1.ietf.org/mail-archive/web/apps-review/current/msg00097.html

-- 
Dan Connolly, W3C http://www.w3.org/People/Connolly/
gpg D3C2 887B 0F92 6005 C541  0875 0F91 96DE 6E52 C29E

Received on Wednesday, 17 October 2007 21:37:25 UTC