- From: Scott Lawrence <lawrence@agranat.com>
- Date: Mon, 28 Jun 1999 07:49:11 -0400
- To: "Http-Wg@Hplb. Hpl. Hp. Com" <http-wg@hplb.hpl.hp.com>
> From: John Stracke > Subject: Re: Upgrading to TLS Within HTTP/1.1 draft available > > Scott Lawrence wrote: > > > Upgrade header to signal a change to HTTP over TLS on the current > > connection, allowing secured operation without using a separate port. > > Is this necessary? Can you use the CONNECT method instead? (I > know it's not > actually defined in RFC2616--it's just reserved--but it is > implemented, and > it'd be easier to codify existing practice than to come up with a new > mechanism.) It really isn't a new mechanism in the sense that this kind of change from one protocol to another was exactly what the Upgrade header was included in HTTP to accomplish; it's just that the specifics of how to use it were not spelled out in the spec. The CONNECT mechanism is really trying to do something different. It creates a tunnel through an existing proxy, but doesn't signal the protocol to be used end-to-end on that connection. Part of the goal here is to show how secured and unsecured traffic in any protocol can share a TCP well known port, so that we can get away from assigning two ports to each protocol. -- Scott Lawrence Director of R & D <lawrence@agranat.com> Agranat Systems, Inc. Embedded Web Technology http://www.agranat.com/
Received on Monday, 28 June 1999 12:31:15 UTC