[plt-scheme] Re: Planet vs firewalls

From: Neil W. Van Dyke (neil at neilvandyke.org)
Date: Sat Jan 22 12:38:47 EST 2005

> From: John Clements <clements at ...>
> Date: Thu, 20 Jan 2005 13:28:49 -0500
[...]
> Couldn't you also encode the current protocol as an HTTP exchange?  
> Since you have control over both the client and the server, you could 
> say that the client sends an initial request, and the response would be 
> an html thing that encoded the information that the server needed from 
> the client.  Et Cetera.

Seconded.  I think HTTP on port 80, with an old HTML MIME type, is the
only thing you can bet will get through almost everywhere.

If you make your protocol look like HTML (even in "text/plain"), you
might avoid the 0.001% of evil HTML filters by putting your protocol
encoding inside of an HTML element like "pre", and either escaping
special characters appropriately for HTML or using something like MIME
Base-64.  You don't want some overzealous transparent proxy rewriting
your 'HTML' when you're downloading PLaneT libraries to your mobile
phone.  The bundled PLT collections already contain adequate HTTP, HTML,
and MIME code for this -- you'd just have to take the resource hit of
loading them for PLaneT clients (hopefully autoloading only when
needed).

(I was going to suggest that the client first attempt HTTPS on 443, and
then fall back to HTTP on 80 if there's no response, as a security
measure beyond package-signing.  This would permit mirrors who are
willing to offer HTTPS to do so, without discouraging mirrors who are
only willing/able to offer HTTP.  However, that would probably cause
more support/reliability problems than are justified by the minor
additional security.  So long as you have package-signing...)

-- 
                                             http://www.neilvandyke.org/



Posted on the users mailing list.
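
An added example, not part of the original post and not PLaneT code, written in Python rather than PLT Scheme: the "pre" plus Base-64 framing suggested above, with a receiver that tolerates a rewriting proxy and rejects a damaged payload. The element id, the `data-sha256` attribute and the simulated proxy are assumptions made for illustration; the checksum only detects transport damage, and authenticity still rests on package signing as the post says.

```python
import base64
import hashlib
import html
import re

# Constructed sample payload: binary data that also contains markup, which is
# exactly what must not reach an HTML-rewriting middlebox unencoded.
SAMPLE = b"</pre><script>x</script>\x00\xff" + bytes(range(256))

# Hypothetical framing: one <pre> element carrying Base-64 text and a checksum.
PRE_RE = re.compile(
    r'<pre id="planet-payload" data-sha256="([0-9a-f]{64})">(.*?)</pre>', re.S)


def wrap(payload: bytes) -> str:
    """Server side: Base-64 the payload (76-column lines) inside <pre>."""
    b64 = base64.encodebytes(payload).decode("ascii")
    digest = hashlib.sha256(payload).hexdigest()
    return ("<html><body>\n"
            f'<pre id="planet-payload" data-sha256="{digest}">\n{b64}</pre>\n'
            "</body></html>\n")


def simulated_proxy(page: str) -> str:
    """Constructed stand-in for a transparent proxy that rewrites HTML:
    it changes line endings and injects its own script element."""
    page = page.replace("\n", "\r\n")
    return page.replace("</body>", "<script src='/banner.js'></script></body>")


def unwrap(page: str) -> bytes:
    """Client side: recover the payload or raise ValueError."""
    m = PRE_RE.search(page)
    if not m:
        raise ValueError("payload element missing")
    # Undo entity encoding if any, then drop all whitespace (LF or CRLF).
    b64 = "".join(html.unescape(m.group(2)).split())
    data = base64.b64decode(b64, validate=True)  # rejects non-alphabet chars
    # Transport checksum only: anyone who can rewrite the page can rewrite
    # this attribute too, so it is not a substitute for package signing.
    if hashlib.sha256(data).hexdigest() != m.group(1):
        raise ValueError("payload altered in transit")
    return data


if __name__ == "__main__":
    print(unwrap(simulated_proxy(wrap(SAMPLE))) == SAMPLE)
```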