Tunneling from Yogesh Bang on 2001-08-30 (ietf-http-wg@w3.org from July to September 2001)

From: Yogesh Bang <Y.Bang@zensar.com>
Date: Thu, 30 Aug 2001 17:32:52 +0530
To: "'http-wg@cuckoo.hpl.hp.com'" <http-wg@cuckoo.hpl.hp.com>
Message-ID: <B18845BC7DD0D411BEC000062938ECF43EA327@ent37ex00.zensar.com>
Hi ,

As per the discussions, it seems that PROXY can tunnel protocol on HTTP
Then why every proxy has different port for different protocols
(like FTP,SMTP,SOCKS etc).
Why not other protocols are tunneled over HTTP?

If my application (written in say VC++), wants to use HTTP-tunneling
what necessary and sufficient conditions it should have at Client and Server
ends.

There is still confusion on PROXING and HTTP-TUNNELING.
If HHTPS uses HTTP-TUNNELING and HTTP-TUNNELED data cant be seen by anybody,
why encryption is needed for that data (Digital certificates for HTTPS)?

Thanks in advance.

Yog

> -----Original Message-----
> From: Joris Dobbelsteen [mailto:joris.dobbelsteen@mail.com]
> Sent: Thursday, August 30, 2001 2:54 PM
> To: 'Rompo Punyanitya'
> Cc: WWW WG (E-mail)
> Subject: RE: Http Tunneling
> 
> 
> >-----Original Message-----
> >From: Rompo Punyanitya [mailto:rpunyani@bigpond.net.au]
> >Sent: Wednesday, 29 August 2001 11:46
> >To: Joris Dobbelsteen
> >Subject: Re: Http Tunneling
> >
> >  Doesn't it mean that HTTP tunneling is also act and serve the same
> >functionalities as HTTP proxy then? I thought that the
> >different between
> >tunnel and proxy was , the tunnel will only forward the
> >orginal request from
> >client to the actual end server, but the proxy is allow to
> >modify and change
> >the client request to more suitable request then send it to
> >the actual end
> >server.
> 
> Somewhat, however you don't understand tunneling concept to well.
> 
> There is a difference between proxying and tunneling:
> 
> While acting as a proxy, you send a request to the proxy 
> server, the same as
> you whould send to the orgin server. The proxy server can 
> modify/change the
> request (even deny it or get it from cache).
> 
> A tunnel will establish a connection from you to the other 
> end-point (orgin
> server). This tunnel can be established through one one (or 
> more) proxy
> server(s), who should not inferfere with the information send 
> through the
> tunnel. To you it looks just like a normal TCP connection 
> from you to the
> other end-point (actual end server).
> 
> Some more background: tunneling was needed to establish a 
> secure channel
> between two end-points. The property of a secure channel is 
> that nobody,
> except the end-points, can send data over it and optionally 
> cannot read it.
> Both is the case with HTTPS.
> 
> - Joris
> 
> >
> >Cheers.
> >Rompo Punyanitya
> >
> >----- Original Message -----
> >From: Joris Dobbelsteen <joris.dobbelsteen@mail.com>
> >To: 'Yogesh Bang' <Y.Bang@zensar.com>
> >Cc: WWW WG (E-mail) <http-wg@cuckoo.hpl.hp.com>
> >Sent: Tuesday, August 28, 2001 8:50 AM
> >Subject: RE: Http Tunneling
> >
> >
> >> HTTP Tunneling is designed for Secure HTTP (HTTPS). A HTTP
> >tunneling is a
> >> method of going through a proxy server, without the proxy
> >server itself
> >> handling any data transmitted.
> >> A tunnel can be established with the connect method:
> >>
> >> CONNECT <host>:<port> HTTP/1.1 <CRLF>
> >> <CRLF>
> >>
> >> If the HTTP return code is 200 (OK), a connection is
> >established. Now any
> >> data transmitted is directly forwarded (by the proxy server) to the
> >> end-point.
> >>
> >> Take note that most proxy server will only allow tunnels 
> to port 443
> >> (HTTPS), due to security restrictions. So they're not usable
> >for anything
> >> else than HTTPS. Some proxy servers (like the ISA server) can be
> >configured
> >> to interfrere with the data on the tunnel.
> >> Contact the Proxy manual of admin.
> >>
> >> - Joris
> >>
> >> >-----Original Message-----
> >> >From: Yogesh Bang [mailto:Y.Bang@zensar.com]
> >> >Sent: Sunday, 26 August 2001 3:38
> >> >To: 'http-wg@cuckoo.hpl.hp.com'
> >> >Subject: Http Tunneling
> >> >
> >> >
> >> >Hi There,
> >> >
> >> >While going through technical jargons, I came across this term
> >> >'Http-Tunneling'. It is said that using this,it is possible to
> >> >send data of any protocol through proxy over HTTP.Can any one
> >> >tell me how
> >> >this
> >> >can be achieved? any sample code will provide good idea or
> >> >send me the urls
> >> >where
> >> >I can get the basics of http-tunneling.
> >> >
> >> >Is it possible to tunnel complex protocols which are used
> >by 'Microsoft
> >> >Netmeeting',
> >> >or AIM etc?
> >> >
> >> >Thanks in advance!!!
> >> >
> >> >yog
> >> >
> >> >
> >>
> >
> >
>
Received on Thursday, 30 August 2001 15:05:37 UTC