- From: Adam Barth <ietf@adambarth.com>
- Date: Wed, 1 Dec 2010 10:01:09 -0800
- To: "Roy T. Fielding" <fielding@gbiv.com>
- Cc: "William A. Rowe Jr." <wrowe@rowe-clan.net>, Hybi HTTP <hybi@ietf.org>, HTTP Working Group <ietf-http-wg@w3.org>
On Wed, Dec 1, 2010 at 9:45 AM, Roy T. Fielding <fielding@gbiv.com> wrote: > On Dec 1, 2010, at 1:30 AM, William A. Rowe Jr. wrote: >> On 11/26/2010 6:55 AM, Greg Wilkins wrote: >>> >>> And do you get similar feeling to think about using the CONNECT method >>> to establish tunnels for arbitrary protocols? >> >> CONNECT suffers from the same issues you identify is deploying a new port. >> Namely, http servers will reject those requests. Leveraging CONNECT >> successfully would require additional HTTP-level authentication to identify >> users and prevent abuse (as most proxies do). Restructuring the internet, >> whether it is adding a new port to unblock, or permitting specific classes >> of CONNECT traffic, would be a similar battle. > > Perhaps more to the point, CONNECT is a method that is only allowed to be > sent to a client-side proxy server. Deliberately sending it in other > HTTP messages would be a violation of its method semantics and the > HTTP/1.1 syntax (because its unusual target syntax is only allowed > when sent to a proxy). That seems like a matter of perspective. When opening a connection to a WebSocket server, can one not view the server as a proxy sever? Adam
Received on Wednesday, 1 December 2010 18:02:17 UTC