On Fri, 17 Jul 2009, Mark Nottingham wrote:
>
> I missed that Ian was still talking about using port 80. I think that's
> broken / more trouble than it's worth, for the reasons Adri is going
> through.
>
> If you have to tunnel using an existing port, use 443 (with null
> encryption if you're worried about overhead, but still want to
> authenticate the endpoint). Even then, Wifi hotspots are probably going
> to redirect you, but using 443 should be a last-gasp measure anyway.
I agree -- you would only use port 80 if the network wasn't intercepting
your requests (which you can figure out pretty quickly by just trying to
connect, since that will fail quickly in the case of a proxy). I would
expect uses of this protocol that don't want encryption to try port 81,
then port 80, then port 443 with encryption, in that order; I would expect
uses of this protocol that _do_ want encryption to just try ports 815 and
443, in that order. 443 should always work if anything is going to work,
as far as I can tell.
-- Ian Hickson U+1047E )\._.,--....,'``. fL http://ln.hixie.ch/ U+263A /, _.. \ _\ ;`._ ,. Things that are impossible just take longer. `._.-(,_..'--(,_..'`-.;.'Received on Fri Jul 17 2009 - 10:08:19 MDT
This archive was generated by hypermail 2.2.0 : Fri Jul 17 2009 - 12:00:05 MDT