> > Doesn't SSL/TLS over HTTP (aka HTTPS) set a precedent by using > > port 443instead of 80? Shouldn't this issue be resolved by > > now? > Considering SSL/TLS is being proposed for protocols other than HTTP, no. Several existing protocols perform security negotiation over the same port and predate SSL/TLS. There are proposals that predate the SSL/TLS proposal and have their own momentum, such as draft-myers-auth-sasl-07.txt, last revised December 1996. > Yes it does, but it's not so bad. > > 1. HTTP *has* to be as lightweight as possible. If you used a trigger > like I just described you'd add another round trip at least. > Finally. A reasonable technical argument to support port mirrors, but only for protocols such as http. :) > 2. The core part of the HTTP request comes on the first command from the > client to the server (the "GET" or "POST" or "PUT" etc.) so there's > not that much room to squeeze a trigger in. > > For a critical, fast, lightweight protocol like HTTP even the > purists can probably make an exception ;-) > -dpgReceived on Monday, 10 February 1997 16:51:28 UTC
This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:17:12 UTC