- From: Willy Tarreau <w@1wt.eu>
- Date: Thu, 15 Dec 2011 07:38:37 +0100
- To: Mark Nottingham <mnot@mnot.net>
- Cc: HTTP Working Group <ietf-http-wg@w3.org>, Peter Saint-Andre <stpeter@stpeter.im>, Adrien de Croy <adrien@qbik.com>
Hi Mark, On Thu, Dec 15, 2011 at 01:01:36PM +1100, Mark Nottingham wrote: > We're not quite ready for Working Group Last Call, but I do believe it's not far off. So, if you have issues to bring to the Working Group, please do so soon. Mid-April, we had a discussion with Adrien the suggestion of making UAs connect to proxies using https instead of http so that we stop the horrors that are currently performed for authentication in many corporate environments (you know, redirect to https for auth + set-cookie for the target domain + redirect again + failure quite often...), and apparently there was no ticket for this. Adrien even suggested the use of "GET https://" instead of CONNECT in some cases so that filtering proxies can safely inspect the contents. Since corporate proxies are a place where HTTP works very badly, I think we should address these issues before the final release. Best regards, Willy
Received on Thursday, 15 December 2011 06:39:18 UTC