- From: Ian Hickson <ian@hixie.ch>
- Date: Wed, 26 Oct 2005 18:12:21 +0000 (UTC)
On Mon, 17 Oct 2005, Michael Gratton wrote: > > On Mon, 2005-10-17 at 05:27 +0000, Ian Hickson wrote: > > It's not intended to use port 80 only; where does it say that? That's > > an error. It is intended to be usable on ports 80, 443, and anything > > greater than 1024. (80 and 443 to attempt to tunnel out of psychotic > > firewalls, [...]) > > ObFirewallsExistForAReasonRant: But then you are trying to subvert the > entire point of the firewall in the first place, which is just going to > annoy network admins. If they don't already have a proxy in place they > will put one in pretty quick. XML-RPC and SOAP constitute similar > annoyances. Even if they do, since this protocol supports being carried over SSL and since it supports being sent over port 443, you can still get out. :-) What reason is there to prevent Web pages from making out-going TCPConnections, if they are allowed to make outgoing HTTP connections, given that you can always, if you try hard enough, implement one by using the other? > I would suggest the spec should just require all connections be made on > ports above 1024. It will make it clear to people behind a firewall that > they will need to get a hole made to use the web app and avoids the > problem with transparent proxies. This would basically kill this feature, since Web sites wouldn't use something that they can't guarentee will be able to get out. -- Ian Hickson U+1047E )\._.,--....,'``. fL http://ln.hixie.ch/ U+263A /, _.. \ _\ ;`._ ,. Things that are impossible just take longer. `._.-(,_..'--(,_..'`-.;.'
Received on Wednesday, 26 October 2005 11:12:21 UTC