Re: Working Group Last Call for draft-ietf-httpbis-tunnel-protocol

this issue has been raised before, but I wasn't aware of a satisfactory 

The target of this header is a proxy.  It is proxies that set up 

The feedback from proxy vendors on this proposed header seems to have 
been largely ignored.

If I see

Tunnel-Protocol: smtp

Then I can presume it's either smtp or that there's a TLS layer in there 
as well, and if I want to know, then I have to sniff for a client hello 
packet.  There is therefore what seems to be a deliberate ambiguity put 
into this spec which can only be resolved by sniffing.

The stated purpose of the spec is to allow perhaps prioritisation of 
traffic or something.  But any proxy interested in security (which they 
all are) is not going to blindly take an assertion from a client that it 
cannot verify and use that as a basis for allocation of priority 

As for the assertion that "proxies do not implement the tunneled 
protocol", well.... what can I say to that? What if they do? It doesn't 
look like normative language to me. Proxies commonly actually DO 
implement such tunneled protocols.
So I can only see this header going into the strip and ignore bucket.  I 
just hope it doesn't create too much confusion further on in time.

Adrien de Croy

------ Original Message ------
From: "Mark Nottingham" <>
To: "HTTP Working Group" <>
Sent: 25/03/2015 3:24:59 p.m.
Subject: Working Group Last Call for draft-ietf-httpbis-tunnel-protocol

>As discussed in the WG meeting today, we don't have any open issues for 
>this product, so I believe it's ready.
>Therefore, this is the announcement of WGLC for:
>Please review the document carefully, and comment on this list.
>WGLC will end on 10 April 2015 (I'm leaving a bit extra because this is 
>an IETF week).
>Mark Nottingham

Received on Wednesday, 25 March 2015 21:14:12 UTC