I'm attempting to determine what features of HTTP specified by RFC
2817 (Upgrade header and CONNECT method support) have been implemented
and tested with other implementations in order to discover whether or
not the spec can be advanced to Draft Standard status.
The RFC discusses these features in the context of upgrading to HTTP
over TLS, because doing so was needed by IPP, so I expect that some
features will have been done primarily in the HTTP used by IPP clients
and servers.
However, the protocol features it describes are actually generic to
any use of Upgrade and CONNECT. The usage of CONNECT is (we believe)
the same as that specified in the original Internet Draft by Ari
Luotonen, which was never otherwise published as an RFC.
If you are responsible for (or knowlegable regarding) a Client,
Server, or Proxy that implements Upgrade and/or CONNECT support in
some form, would you please take a moment to comment on its support of
the specific features outlined below?
Replies to the list you're reading this on are fine - I'm on both.
Responses sent to me off list will be treated as confidential
information unless you specify otherwise - at most, the fact that an
affirmative response was received from someone will be made known
publicly, but neither the responder nor the implementation will be
identified.
Thank you for your time.
--
Scott Lawrence
Actively seeking work
http://skrb.org/scott/
[ <lawrence at world.std.com> is deprecated ]
================ Origin Servers
Section Server Feature
4.1 Advertisement of TLS/1.0
Server sends
Upgrade: TLS/1.0
in responses other than 101 (use of tokens other than
'TLS/1.0' would also be interesting, but none are
registered with IANA)
3.3 Acceptance of Upgrade Request
Server Sends
101 Switching Protocols
Upgrade: TLS/1.0, HTTP/1.1
Connection: Upgrade
4.2 Mandatory Upgrade Required
Server Sends
426 Upgrade Required
Upgrade: TLS/1.0, HTTP/1.1
Connection: Upgrade
5.3 2xx to CONNECT request
Client Sends on port 80 to origin server www.example.com
CONNECT www.example.com:80 HTTP/1.1
Host: www.example.com:80
Server responds with a 2xx response
================ Clients
Section Client Feature
5.2 CONNECT to port 443
(ok - this is here so almost everyone can say yes to something)
5.2 CONNECT to port 80 prior to upgrade request
Client Sends
CONNECT www.example.com:80 HTTP/1.1
Host: www.example.com:80
3.1 Requests optional switch to TLS/1.0
Clients Sends
GET ... HTTP/1.1
Host: ...
Upgrade: TLS/1.0
Connection: Upgrade
3.2 Probes for support of switch to TLS/1.0 prior to actual request
Client Sends
OPTIONS * HTTP/1.1
Host: ...
Upgrade: TLS/1.0
Connection: Upgrade
(the method need not be OPTIONS; any request for which an
Upgrade is not required by the client is acceptable)
================ Proxy Servers
Section Proxy Feature
5.2 CONNECT to port 443
5.2 CONNECT to port 80 prior to upgrade request
Client Sends
CONNECT www.example.com:80 HTTP/1.1
Host: www.example.com:80
Proxy establishes origin server connection, switches to
tunnel mode and responds with some 2xx response.
5.3 CONNECT through chained proxies
Client Sends
CONNECT www.example.com:80 HTTP/1.1
Host: www.example.com:80
Proxy Sends to next proxy toward origin server
CONNECT www.example.com:80 HTTP/1.1
Host: www.example.com:80
and forwards response appropriately