This is the first reply I got back on my enquiry to the TLS DL.
Carl-Uno
EKR <ekr> writes:
Carl-Uno Mamros writes:
> It seems that the overall TLS draft specification (version 5) is silent on
> TLS's use of schemes and port numbers apart from discussing in Annex E that
> TLS might share the "https" scheme and port 443 with SSL3, when both are
> supported.
That was my intention. Since TLS/SSL3 implementations can transparently
negotiate a common protocol, this seems ok--and it avoids further
proliferation of ports. Anyone have other opinions?
It's important to distinguish between the two HTTP/TLS drafts in progress.
The one that I'm working on describes current practice for HTTP over
SSL, extending it to TLS. I understand that Rohit Khare is working
on a draft that allows (the more principled thing) HTTP implementations
to negotiate to HTTP/TLS over the common HTTP port.
Everything in this message, then, refers to the draft that I'm
working on.
> The same question goes for the use of port numbers. E.g. should you still
> use port 80 for the combination of HTTP and TLS (Annex E seems to suggest
> that you use port 443 as for SSL3)?
That's current practice.
> Do you see any reasons to allocate new schemes and/or port numbers for IPP
> (differently from HTTP) when using HTTP as transport?
I'm not very familiar with IPP. If IPP runs over HTTP, you should
be able to use the same port numbers.
> BTW, how is the draft on a TLS profile for HTTP coming along?
I've got a rough draft. There turn out to be some issues that
impact TLS in general, that I'd like to iron out before
sending it off.
-Ekr
-- [Eric Rescorla Terisa Systems, Inc.] "Put it in the top slot."