W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2019

Re: Is CONNECT hop-by-hop?

From: Lucas Pardue <lucaspardue.24.7@gmail.com>
Date: Fri, 19 Apr 2019 23:06:18 +0100
Message-ID: <CALGR9oacFoeVsK9gtb2aW+aZi6pDJ2xNhFa2U4dquZ7bkS6uTA@mail.gmail.com>
To: Alex Rousskov <rousskov@measurement-factory.com>
Cc: HTTP Working Group <ietf-http-wg@w3.org>
Hi Alex,

This is an interesting thread. You raise some questions that I had not
thought of. It seems like a good time to tighten up language.

I think that the "open a TCP connection" view is the most accurate thing
here. And so the final hop, from last proxy to origin will never have a way
to express such "end-to-end" headers. Proxies, in the role of client, that
are configured to use a proxy would use their own user agent and
authentication.

I'd considered the chaining case in HTTP/2 but just taken for granted that
a proxy that has it's own *HTTP proxy* configured would attempt to use it
when opening TCP connections to the indicated authority. This seems like a
reasonable assumption to make for HTTP proxies. I'm sure there might be
other ways a proxy might choose to tunnel, like SOCKS, but that is down to
local configuration.

Note that HTTP/3 also defines CONNECT to behave like RFC 7540. This raises
some challenges for tunnelling HTTP/3, which is one of the driving use
cases in the HiNT I-D [1].

Cheers
Lucas

[1]
https://datatracker.ietf.org/doc/draft-pardue-httpbis-http-network-tunnelling/



>
Received on Friday, 19 April 2019 22:06:50 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:15:34 UTC