W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2015

Re: Working Group Last Call for draft-ietf-httpbis-tunnel-protocol

From: Adrien de Croy <adrien@qbik.com>
Date: Wed, 25 Mar 2015 21:12:38 +0000
To: "Mark Nottingham" <mnot@mnot.net>, "HTTP Working Group" <ietf-http-wg@w3.org>
Message-Id: <emcfc93b12-b1ca-415a-94eb-80c7c8469cc3@bodybag>

this issue has been raised before, but I wasn't aware of a satisfactory 
resolution.

The target of this header is a proxy.  It is proxies that set up 
tunnels.

The feedback from proxy vendors on this proposed header seems to have 
been largely ignored.

If I see

Tunnel-Protocol: smtp

Then I can presume it's either smtp or that there's a TLS layer in there 
as well, and if I want to know, then I have to sniff for a client hello 
packet.  There is therefore what seems to be a deliberate ambiguity put 
into this spec which can only be resolved by sniffing.

The stated purpose of the spec is to allow perhaps prioritisation of 
traffic or something.  But any proxy interested in security (which they 
all are) is not going to blindly take an assertion from a client that it 
cannot verify and use that as a basis for allocation of priority 
resource.

As for the assertion that "proxies do not implement the tunneled 
protocol", well.... what can I say to that? What if they do? It doesn't 
look like normative language to me. Proxies commonly actually DO 
implement such tunneled protocols.
So I can only see this header going into the strip and ignore bucket.  I 
just hope it doesn't create too much confusion further on in time.

Adrien de Croy


------ Original Message ------
From: "Mark Nottingham" <mnot@mnot.net>
To: "HTTP Working Group" <ietf-http-wg@w3.org>
Sent: 25/03/2015 3:24:59 p.m.
Subject: Working Group Last Call for draft-ietf-httpbis-tunnel-protocol

>Everyone,
>
>As discussed in the WG meeting today, we don't have any open issues for 
>this product, so I believe it's ready.
>
>Therefore, this is the announcement of WGLC for:
>   http://tools.ietf.org/html/draft-ietf-httpbis-tunnel-protocol-02
>
>Please review the document carefully, and comment on this list.
>
>WGLC will end on 10 April 2015 (I'm leaving a bit extra because this is 
>an IETF week).
>
>Cheers,
>
>
>--
>Mark Nottingham https://www.mnot.net/
>
>
>
>
>
Received on Wednesday, 25 March 2015 21:14:12 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:43 UTC