Re: HTTP Extensions Framework status?

At 18:14 1999/12/07 -0800, Roy T. Fielding wrote:

> That is why HTTP goes through firewalls.  Most of the extensions that
> have been proposed lately (aside from DAV and its ilk) have merely used
> HTTP as a way to move other application protocols through a firewall,
> which is a fundamentally stupid idea.  Not only does it defeat the purpose
> of having a firewall, but it won't work for the long term because firewall
> vendors will simply have to perform protocol filtering to continue their
> existance.  It therefore makes no sense to do those extensions on top of
> HTTP, since the only thing HTTP accomplishes in that situation is to add
> overhead from a legacy syntax.

Just an observation. I think the main reason why HTTP is still
chosen in this case is the following:

If you design your own protocol, then the default/initial firewall
behaviour is to shut it out. If you piggiback on top of HTTP, then
the default/initial behaviour is to pass things through.

There is probably a better chance to get people to use a protocol,
and to get security people understand a protocol, and set the
right restrictions, if at the start you can just use it.

Regards,   Martin.

#-#-#  Martin J. Du"rst, World Wide Web Consortium

Received on Tuesday, 7 December 1999 23:07:40 UTC