- From: Willy Tarreau <w@1wt.eu>
- Date: Thu, 3 Jun 2021 05:22:01 +0200
- To: "Soni L." <fakedme+http@gmail.com>
- Cc: ietf-http-wg@w3.org
On Wed, Jun 02, 2021 at 11:54:55PM -0300, Soni L. wrote: > > > On 2021-06-02 11:15 p.m., Paul Vixie wrote: > > On Thu, Jun 03, 2021 at 12:23:08AM +0000, Adrien de Croy wrote: > > > > > > Let's not get ahead of ourselves. > > > > > > Port 80 is still heavily used. > > > > > > Suggest revisiting this idea in maybe 50 years. > > > > TCP/80 will remain in use for vm-internal and hypervisor-scale API's > > for much longer than 50 years. it's nice that we have a null-crypto > > option on TCP/443 now, but negotiating that across shared silicon when > > the endpoints all share a von neumann domain is complexity we would > > never be grateful for. it may also have a long life on disconnected > > LANs. > > > > so, +2. > > > Have you heard of asymmetric PAKE (TLS-SRP)? It's kinda, perfect for LAN > (and by extension VM-internal/hypervisor-scale). Would be great to > replace TCP/80 with PAKEs on TCP/443 and UDP/443. You seem to be in favor of purposely ignoring 30 years of deployed components, applications and contents that are readily available and working fine and that don't need to be trashed every single time a new protocol extension suggests it could work for them. I know that destroying human-created digital contents will be the specificity of the 21th century but I don't see any compelling reason for accelerating this (sad) trend. What is accessible can remain accessible for as long as there are people interested in it. Instead maybe you should write an article recommending the use of TLS-SRP for a number of use cases where you think it will provide a benefit over using port 80 (or clear communication over any other port), but I think you'll have to orient it towards "if you were considering deploying over 80 to avoid the hassle of configuring and managing TLS, there's another option that might work for you". Regards, Willy
Received on Thursday, 3 June 2021 03:22:52 UTC