Re: Hello from Mozilla from Henrik Nordstrom on 2009-07-13 (squid-dev)

From: Henrik Nordstrom <henrik_at_henriknordstrom.net>
Date: Mon, 13 Jul 2009 12:50:04 +0200

ons 2009-07-08 klockan 15:16 +1200 skrev Amos Jeffries:

> CONNECT to port-80 by default is IMO not an option. It pretty much
> defeats all the other HTTP-level security measures.

For what it's worth, RFC2817 Upgrading to TLS Within HTTP/1.1 requires
CONNECT to be accepted to port 80.

Not that I really know of anyone who uses this "standards-track" method
of TLS/SSL encrypting HTTP, just plain old HTTP over TLS/SSL (https).

Regards
Henrik
Received on Mon Jul 13 2009 - 10:50:10 MDT

This archive was generated by hypermail 2.2.0 : Mon Jul 13 2009 - 12:00:04 MDT