- From: Dan Connolly <connolly@w3.org>
- Date: Wed, 17 Oct 2007 16:37:53 -0500
- To: www-tag <www-tag@w3.org>
- Cc: public-ietf-w3c <public-ietf-w3c@w3.org>
This recent IESG review suggests lots of interesting resources shouldn't have http: URIs. I'm just starting to look into it, so I haven't decided whether I agree... "At this point it's inevitable we'll end up with intrusive firewalls on port 80 that will break anything beyond stock browser-based HTTP. " -- Chris Newman 21 Sep 2007 http://www1.ietf.org/mail-archive/web/apps-review/current/msg00084.html "I'll give two examples of HTTP-based protocols with separate ports where that was clearly the right technical choice in my opinion: IPP: RFC 2910 SIP: RFC 3261 I'll also mention that the Mail Submission protocol runs on port 587 primarily, but can also run on port 25. That's a practical way to (1) remain backwards compatible with deployed usage or limitations. (2) provide a separate port when it's helpful to avoid middle-box restrictions on an overused/abused port like port 25. It's my technical opinion there should be a separate port registered for HTTP access to information used to validate security credentials (CRLs, OCSP, etc) with port 80 as a fallback for situations where the separate port can't be used and for legacy use." http://www1.ietf.org/mail-archive/web/apps-review/current/msg00095.html The thread continues; for example, Newman in reply to Hallam-Baker... http://www1.ietf.org/mail-archive/web/apps-review/current/msg00097.html -- Dan Connolly, W3C http://www.w3.org/People/Connolly/ gpg D3C2 887B 0F92 6005 C541 0875 0F91 96DE 6E52 C29E
Received on Wednesday, 17 October 2007 21:37:25 UTC