TCP/IP Over HTTP
Nick Towers sends news of a nifty new RFC that has just come out - RFC 3093, the Firewall Enhancement Protocol, promises to reduce the hassle of setting up a firewall by tunneling any TCP/IP application over HTTP.
If you look at the IPP (Internet Printing Protocol, RFC 2567), you'll notice that it's a protocol designed to encapsulate printing in HTTP POST operations. The motivation for this? Ease of administration, since so many firewalls out there already allow HTTP out, it makes remote printing much easier for end users. Of course, the fact that HTTP is basically a client-driven, instantaneous response protocol totally inappropriate to things like delayed spooled printing and reporting of asynchronous printer error conditions hasn't ever stopped the IETF from forging ahead with this.
All hail the Printer Working Group!
I think this RFC is actually a parody of SOAP, as chronicled in Bruce Schneier's June 2000 Crypto-Gram.
-"Zow"
- RFC3093 - Firewall Enhancement Protocol (FEP).
- RFC3092 - Etymology of "Foo".
- RFC3091 - Pi Digit Generation Protocol.
- RFC2795 - The Infinite Monkey Protocol Suite (IMPS).
- RFC2551 - The Roman Standards Process -- Revision III.
- RFC2550 - Y10K and Beyond.
- RFC2549 - IP over Avian Carriers with Quality of Service.
- RFC2325 - Definitions of Managed Objects for Drip-Type Heated Beverage Hardware Devices using SMIv2
- RFC2324 - Hyper Text Coffee Pot Control Protocol (HTCPCP/1.0).
- RFC2323 - IETF Identification and Security Guidelines.
- RFC2322 - Management of IP numbers by peg-dhcp.
- RFC2321 - RITA -- The Reliable Internetwork Troubleshooting Agent.
- RFC2100 - The Naming of Hosts.
- RFC1927 - Suggested Additional MIME Types for Associating Documents.
- RFC1926 - An Experimental Encapsulation of IP Datagrams on Top of ATM.
- RFC1925 - The Twelve Networking Truths.
- RFC1924 - A Compact Representation of IPv6 Addresses.
- RFC1776 - The Address is the Message. S. Crocker.
- RFC1607 - A VIEW FROM THE 21ST CENTURY. V. Cerf.
- RFC1606 - A Historical Perspective On The Usage Of IP Version 9.
- RFC1605 - SONET to Sonnet Translation.
- RFC1438 - Internet Engineering Task Force Statements Of Boredom (SOBs).
- RFC1437 - The Extension of MIME Content-Types to a New Medium.
- RFC1313 - Today's Programming for KRFC AM 1313 Internet Talk Radio.
- RFC1217 - Memo from the Consortium for Slow Commotion Research (CSCR).
- RFC1216 - Gigabit network economics and paradigm shifts.
- RFC1149 - Standard for the transmission of IP datagrams on avian carriers.
- RFC1097 - Telnet subliminal-message option.
Did I miss any?
It's February 4th? Damn, that international date line thingy really isn't working well these days is it? :)
Come play Heroes of Might and Magic Mini online.
I guess they don't realize that some people actually do this? VTCP/Secure from Infoexpress does in fact have a mode that tunnels over HTTP.
RFCs 3091 (Pi Digit Generation Protocol) and 3092 (Etymology of "Foo") are also available. Looking over the comments here, they're probably funnier, too.
It's a bug in Microsoft's development libraries. There was a discussion about it on Bugtraq, with a link to a FAQ. It's not a Y2K bug, so no one will bother tracking the productivity lost as a result, which is too bad, because it could be really big. And yes, changing the clock on your computer at work does count as lost productivity.
Boss of nothin. Big deal.
Son, go get daddy's hard plastic eyes.
Expanding a vast wasteland since 1996.
RFC 2795 (Infinite Monkey Control Protocol) is by far the best RFC I've ever read.
You are so wrong. HTTP uses TCP. Therefore, TCP over HTTP would be fine, technically (if senseless).
As for your assertion that TCP could not be implemented on top of UDP anyway, think about this --- TCP is implemented on top of IP. IP is an _unreliable_ protocol as well. It's perfectly possible to implement a reliable protocol on top of UDP or any other unreliable protocol using the types of mechanisms TCP does.
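Added example, not part of the original thread: a minimal stop-and-wait sketch of the mechanisms the comment above refers to (sequence numbers, acknowledgements, retransmission) running over a channel that drops and duplicates datagrams. The `LossyChannel`, `Receiver` and `reliable_transfer` names, the loss rates and the simulated channel are all assumptions made for illustration.

```python
import random

class LossyChannel:
    """Constructed stand-in for IP/UDP: may drop or duplicate each datagram."""
    def __init__(self, seed, loss, dup=0.1):
        self.rng = random.Random(seed)
        self.loss, self.dup = loss, dup

    def send(self, datagram):
        """Return the copies that arrive at the far end (0, 1 or 2)."""
        if self.rng.random() < self.loss:
            return []
        if self.rng.random() < self.dup:
            return [datagram, datagram]
        return [datagram]

class Receiver:
    def __init__(self):
        self.expected = 0      # next in-order sequence number
        self.delivered = []    # what the application actually sees

    def on_datagram(self, seq, payload):
        # Deliver only the next in-order segment; duplicates are re-ACKed,
        # never delivered twice.
        if seq == self.expected:
            self.delivered.append(payload)
            self.expected += 1
        return self.expected - 1  # cumulative ACK: highest in-order seq seen

def reliable_transfer(chunks, seed=1, loss=0.3, max_tries=50):
    """Stop-and-wait: resend each segment until its ACK makes it back."""
    data_ch, ack_ch = LossyChannel(seed, loss), LossyChannel(seed + 1, loss)
    rx, transmissions = Receiver(), 0
    for seq, payload in enumerate(chunks):
        for _ in range(max_tries):
            transmissions += 1
            acked = False
            for s, p in data_ch.send((seq, payload)):
                ack = rx.on_datagram(s, p)
                if any(a == seq for a in ack_ch.send(ack)):
                    acked = True
            if acked:
                break  # ACK arrived before the (simulated) timeout
        else:
            raise TimeoutError(f"segment {seq} never acknowledged")
    return rx.delivered, transmissions
```

The receiver's in-order check is what keeps a retransmitted or duplicated segment from reaching the application twice when only the ACK was lost.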
I have seen firewalls that are overly strict, but they allow HTTP or HTTPS through them. If you have a host on the outside and a client on the inside, you can set up a PPP connection using stunnel between the two machines. Then you can do anything you like (including display a browser from the outside host back, run icq, etc.). The cool thing is, if you use stunnel you can encapsulate it over https. This gives you the ability to have a secure, non-monitored, encrypted connection to the outside host.
Go to www.stunnel.org and you'll actually find examples of tunneling ppp (and thus tcp/ip) over HTTPS.
--
Twivel
Daylight saving is an april fool, DON'T DO IT
1. . The idea behind it is that the units, days, months, years, go in ascending order of magnitude. The US system, in all its wisdom, uses an apparently random order.
Ascending order seems backwards to me. When you name file versions by changing the date and you sort the files by name, then the files end up in some weird order. I name files using the descending order 01-04-01 (I guess today is a bad example).
The date format I use isn't mm-dd-yy because it's a random order. I use mm-dd-yy because that is what all of my coworkers, family, and clients use. I know that it bothers most people, but I _do_ live in the U.S. so I date things according to the way that the U.S. does it.
3. As far as your question goes, here's an answer: The US does it the way that they do because of what you said April, 02, 2001 -> 04-02-02. We didn't switch it back so that it would 'make more sense' in the same way that Microsoft will never put the 'shut down' command anywhere but within the 'start' menu. People are just used to it.
By the way, mod me as a troll if you like, but Slashdot April Fool's edition sucks this year.
Keeping
Er... Well, y'know. You can't make an omelette without um... destroying a forest. Or something.
My only political goal is to see to it that no political party achieves its goals.