On Wed, Dec 02, 2015 at 02:06:03PM -0800, Peter Eckersley wrote: > On Wed, Dec 02, 2015 at 12:01:04PM -0500, Phillip Hallam-Baker wrote: > > > > Again, I think you are missing the real problem here. Let us say we have a > > new protocol to run over port 666 that is actually a Web service under the > > covers. > > > > Hosting provider has a host that supports the following Web Sites that > > belong to different parties: > > > > example.com > > malicious.com > > > > The hosting provider allows any form of executable to run on the host > > (10.6.6.6) that does not interfere with apache which has 80 & 443 reserved. > > [This is typical] > > Are there any typical hosting environments in which such executables can > bind to port 666, while being unable to tear down and replace the > service that's bound of 443? What are they?
(And perhaps you were arguing elsewhere in this thread that .Net Core + Raspberry Pi devices might be an example of this, but it would be an interesting and surprising fact if ASP could bind :666 on such devices, but not bind or reconfigure the server on :443) -- Peter Eckersley [email protected] Chief Computer Scientist Tel +1 415 436 9333 x131 Electronic Frontier Foundation Fax +1 415 436 9993 _______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
