Re: Alt-Svc #62: proxies

On 12.06.2015 05:38, Mark Nottingham wrote:
> On 12 Jun 2015, at 10:07 am, Amos Jeffries <> wrote:
>> On 12/06/2015 8:44 a.m., Martin Thomson wrote:
>>> On 11 June 2015 at 08:54, Ryan Hamilton <> wrote:
>>>> I'm not sure about this. Consider the case where a client is configured to
>>>> use for all request. The client wants to request
>>>> To do this, the browser connects to the proxy and
>>>> issues a CONNECT request, resulting in a TLS handshake and an HTTP/2
>>>> connection (via the proxy) to Now, lets say that the
>>>> client wants to request Previously,
>>>> advertised as an alternative service.
>>>> Should not the client be able to use the existing (tunneled through the
>>>> proxy) connection to The TLS connection *is* end-to-end
>>>> in this case (though the underlying TPC connection is not).
>>> Do we consider the proxy to be configured for the request or the connection?
>>> I know that sophistry, but maybe it makes sense to invent that
>>> distinction for this purpose.
>> I dont think it matters.
>> The client UA has chosen to use and its configured
>> to use the proxy when sending requests to that authority. Whether it
>> re-uses the same connection or creates another CONNECT through the proxy
>> it should still be following the configured next-hop.
>> Thats usually the whole point of such configuration existing at all.
> In that spirit:
> "A client configured to use a proxy for a given request SHOULD NOT directly connect to an alternative service for it, but instead route it through that proxy."
In that spirit the client should use the alternate service as URL when 
looking up which proxy to use in a PAC file. But what is the 
corresponding URL to use, e.g. should, or 
http_opportunistic_security:// be used?


Received on Friday, 12 June 2015 08:32:49 UTC