On Thu, 16 Jul 2009, Mark Nottingham wrote:
>
> So, to be clear, the only time the byte-for-byte HTTP handshake is used
> is when it's over a TLS tunnel via CONNECT (i.e., it's not used to set
> up the tunnel, but only once it's established)?

It's used whenever the client thinks it has a connection to the
destination HTTP or WebSocket server, whether that's over TLS or not.
If it _knows_ that it is talking to a proxy, then it does the CONNECT
thing first (or whatever is appropriate; SOCKS proxies are preferred).
If it thinks it is talking to the destination server but is being
intercepted by a man-in-the-middle proxy, e.g. when it tries to connect
over port 80 without knowing of any proxies (not a recommended practice,
but it could happen), then you run into the problem that Adrian and I are
discussing in the separate branch of this thread.

> If that's the case, should be no problem. A bit weird, though; speaking
> two protocols on the same port isn't really good practice...

Indeed, that's why it has (well, will have, they're not registered yet)
its own ports. In the long term, I would hope that we could just use
those, and not have to worry about HTTP at all. We're not there yet.

--
Ian Hickson               U+1047E                )\._.,--....,'``.    fL
http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'

Received on Thu Jul 16 2009 - 03:07:04 MDT