Re: Backwards compatibility

On Mon, Apr 2, 2012 at 7:28 PM, Amos Jeffries <squid3@treenet.co.nz> wrote:

> On 03.04.2012 09:32, Roberto Peon wrote:
>
>> On Mon, Apr 2, 2012 at 10:56 AM, Peter Lepeska wrote:
>>
>>  Big bites do seem to go down easier than lots of little ones. The problem
>>> is that SPDY is eating *two* shit sandwiches, trying to make the web
>>>
>>> both fast and secure, at the same time. This bite is more than most can
>>> chew and so adoption will be much slower b/c of the SSL requirement, in
>>> my
>>> opinion.
>>>
>>
>>
>> Really? I'd say it was two delicious ingredients, personally. I also think
>> that assuming that deployment is greatly suffering is not validated by
>> real-world experience.
>>
>>
> in the past few months there has been a noticeable increase in queries
> about:
> * how to decrypt CONNECT tunnels to port 443
> * how to implement MITM of port 443 for filtering
>

The former of these has nothing to do with current SPDY deployments.
The latter could, but is likely for significantly more than just SPDY.


>
> followed shortly after by:
> * how to force port-443 traffic through the proxy without breaking
> non-HTTPS traffic on that port
> * how to decrypt CONNECT traffic without breaking VoIP tunnels and other
> non-HTTPS CONNECT traffic
> * how to force https:// to http:// by the browser, then reverse it at the
> proxy outgoing to https://
> * how to force http:// to https:// by the browser, then reverse it at a
> proxy outgoing to http:// again
>
> then more recently these have started coming in:
> * why some recent browsers are doing things without being logged by proxy
> monitors (use of SPDY/WebSockets connections?)
>
> Now you tell us there is no suffering...
>

None of these requests is SPDY specific. All of them could be correlated
with various sites switching to actually using HTTPS traffic.

I said that it doesn't appear to be hampering deployment.

-=R


>
> AYJ
>
>
>