Re: Cacheable extension methods (was: an idempotent idea)

Roy Fielding:
> >	A proxy cannot forward a method it doesn't understand.
Shel Kaphan:
> >Why not?  It seems to me this places an unnecessary limitation on the
> >protocol without reason.  (OK, you might have a reason, but you didn't
> >state it, and it isn't obvious).
Roy:
> Because the semantics of the method determine whether or not the
> request contains content and/or the response contains content,
> and whether or not the request is intended for the immediate
> server (possibly a proxy), all servers along the request route,
> or just the origin server.
See an other message from Shel about this.
> No firewall proxy will ever forward an action that it doesn't
> know the consequences of.  In order to experiment with new methods,
> all servers along the request/response chain must have a common
> understanding of the semantics of the method.
I'm using the plug-gw from TIS firewall toolkit to gateway NNTP since may.
(I have a 2-5 node LAN, and I use Netscape to read news.
I need the gateway because my LAN is not advertised by any routing protocol
- I even choosed IP addresses for the LAN, belonging to private address range.)
Now I installed the same plug-gw to forward HTTP. 
When I configure lynx to use http proxy at 10.1.2.3:8083 (plug-gw)
instead of 10.1.2.3:8080 (cern-httpd),
should I consider a HTTP GET request as a security risk?
(both proxies are configured to connect to the same outer proxy.)
(in flame mode - yes, but really no.)
And should I consider a HTTP BLAH request as a security risk?
And how about a GET request with state-info extension?
(or, using netscape, a GET with netscape cookie extension?)
And what should I think, when I change back to cern-httpd?
And what happens, when my wife does the same?
(malfunction - my wife will get the response, sent to me and cached by
cern-httpd, if the response does contain a valid last-modified header field.)

And finally, what we should think about HTTP extensions and extension methods?
(Sorry for provocation, but I really have fewer anwers than questions now.)

Andrew. (Endre Balint Nagy) <bne@bne.ind.eunet.hu>

Received on Monday, 11 September 1995 20:16:45 UTC