[snips]
Keith writes:
>
> With due respect, the IESG disagrees. The layering of a new protocol
> over HTTP, and the proposed reuse of http: URLs, has generated concerns
> about breaking widely-held assumptions - specifically, firewall policies
> and assumptions about what http: means and how it is used.

What can one assume about http? That it is the "browsing" application??
Using conventional http/html one can indeed browse a vast "library" of
information. Many of us are now quite dependent upon this access. But
one can also upload/download files, control routers and other gear
(including printers!), cop a peek at a porn site, get news & other
information, send and receive e-mail and all sorts of services that
imaginative people have managed to implement on these protocols. So it
seems to me that the only meaning http: has is that it is Hypertext
Transport. One cannot tell what is being transported. It is not
possible to infer "application" based upon http:. One would have to dig
into the content of the messages (or filter on hosts) to do much
effective blocking if one wanted to restrict http to a small set of
legitimate applications. So it does not seem like this is much help
for the firewall administrator. The barn door is already pretty wide
open.

MIME type would seem to provide a most adequate filtering hook for IPP
and other protocols which also wish to ride on http.
>
> Keith
>
Another $.02,
Rich
Richard B. Gray, Sr. Software Egr.| Tel: 513/746-8118 ext. 2405
Digital Controls Corporation | Fax: 513/743-8575
305 South Pioneer Blvd. | Net: rich.gray@digital-controls.com
Springboro OH 45066-1100, USA | Http://lpplus.digital-controls.com
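
Added example, not part of the original message: a sketch of the MIME-type hook the message proposes, as an HTTP-aware proxy or firewall could apply it. The function names, host name and sample requests are constructed for illustration; application/ipp is the media type registered for IPP.

```python
# Added example: the sample requests below are constructed for illustration.
IPP_MEDIA_TYPE = "application/ipp"  # registered media type for IPP messages


def media_type(raw_request: bytes) -> str:
    """Return the lowercased Content-Type of a raw HTTP request head, or ''."""
    head = raw_request.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1")
    header_lines = head.split("\r\n")[1:]  # skip the request line
    values = []
    for line in header_lines:
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "content-type":
            values.append(value)
    if len(values) != 1:
        return ""  # missing or repeated header: treat as unlabelled
    # Drop parameters such as "; charset=..." and normalise case.
    return values[0].split(";", 1)[0].strip().lower()


def decide(raw_request: bytes, allow_ipp: bool) -> str:
    """Hypothetical policy hook: 'allow'/'block' for IPP, 'pass' otherwise."""
    if media_type(raw_request) == IPP_MEDIA_TYPE:
        return "allow" if allow_ipp else "block"
    return "pass"  # not labelled as IPP; other rules apply


# Constructed samples: same method, same URL, same scheme.
IPP_PRINT = (b"POST /printers/lab HTTP/1.1\r\nHost: print.example\r\n"
             b"Content-Type: Application/IPP\r\nContent-Length: 0\r\n\r\n")
WEB_FORM = (b"POST /printers/lab HTTP/1.1\r\nHost: print.example\r\n"
            b"Content-Type: application/x-www-form-urlencoded; charset=utf-8\r\n"
            b"Content-Length: 3\r\n\r\na=1")

if __name__ == "__main__":
    for label, req in (("ipp", IPP_PRINT), ("form", WEB_FORM)):
        print(label, media_type(req), decide(req, allow_ipp=False))
```

Content-Type is set by the sender, so this hook separates traffic that labels itself as IPP; a request that carries no label or a different one falls through to whatever other rules the site applies.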