- From: Scott Lawrence <lawrence@agranat.com>
- Date: Tue, 29 Jun 1999 13:10:04 -0400
- To: John Stracke <francis@ecal.com>, "Http-Wg@Hplb. Hpl. Hp. Com" <http-wg@hplb.hpl.hp.com>
> From: francis@ariel.local.thibault.org On Behalf Of John Stracke > > Scott Lawrence wrote: > > > Part of the goal here is to show how secured and unsecured > traffic in any > > protocol can share a TCP well known port, so that we can get away from > > assigning two ports to each protocol. > > But aren't there security benefits to having separate ports > (e.g., making it > possible to run your secure server in a separate process)? There is nothing about the proposal that prevents that; I may run my secure server at http://www.example.com/ and the secure one at http://www.example.com:2000/ or the other way around. My server may use the IP address or a Host header value, or a part of the URL path to determine that the request needs to be upgraded to a secure connection. In any event, separate ports are orthogonal to separate processes; one does not imply or require the other. -- Scott Lawrence Director of R & D <lawrence@agranat.com> Agranat Systems, Inc. Embedded Web Technology http://www.agranat.com/
Received on Tuesday, 29 June 1999 10:16:54 UTC