I might throw in a line about the secure version being SSL-based and the majority of clients in existence will expect there to be a second port. Not to mention I have no idea if it's even possible to detect encryption after the socket's been accepted without ruining the communication protocols.
On Wed, Jan 5, 2011 at 4:13 PM, Noah Slater <[email protected]> wrote:
> Don't read much into their response. It's probably a canned one for people
> who ask for secure ports. They're basically just asking for more
> justification, I think. That's why I want some feedback. Want to make sure
> I'm making a strong case for it.
>
> On 5 Jan 2011, at 21:09, Paul Davis wrote:
>
>> Most odd. Your response looks good to me, but judging from the email
>> you're responding to, they've already specifically said that reasoning
>> is no longer considered. Perhaps you should ask which modern security
>> protocols they're talking about and some pointers on where we might
>> look for an "automagical upgrade" which I've never heard of before.
>>
>> On Wed, Jan 5, 2011 at 4:00 PM, Noah Slater <[email protected]> wrote:
>>> I'd like to get some peer review on my response to IANA here.
>>>
>>> CouchDB is a special use-case of HTTP 1.1 as justified in my previous
>>> application for TCP 5984. It is, however, still bound by the common
>>> limitations of HTTP 1.1 over SSL/TLS. In theory, HTTP 1.1 provides a
>>> mechanism to upgrade an established connection to a secure one, but in
>>> practice this is very rarely used, or in fact, implemented.
>>>
>>> If you wish to use HTTP 1.1 over SSL/TLS in a way that is compatible with
>>> current clients and libraries, it is necessary to use a dedicated port for
>>> this. Because it is anticipated that users will want to host non-secure and
>>> secure CouchDB databases on the same server, we are therefore requesting a
>>> secure port, similar to TCP 443.
>>>
>>> On 24 Dec 2010, at 16:51, Pearl Liang via RT wrote:
>>>
>>>> Dear Noah Slater:
>>>>
>>>> Thank you for your patience. We received the following question for you:
>>>>
>>>> -----
>>>>
>>>> Please justify and explain why a separate port number would be needed
>>>> for a secure version of the protocol? IANA does not anymore anticipate
>>>> allocating separate ports for secure versions as this is no longer
>>>> necessary with modern security protocols. Same holds for new
>>>> versions of the protocol (a version number should be included).
>>>>
>>>> -----
>>>>
>>>> When we receive your reply, we will continue the processing of
>>>> the request.
>>>>
>>>> Thank you,
>>>>
>>>> Pearl Liang
>>>> ICANN/IANA
>>>>
>>>> On Tue Dec 14 11:08:43 2010, pearl.liang wrote:
>>>>> On Sat Dec 04 00:04:28 2010, [email protected] wrote:
>>>>>>
>>>>>> On 3 Dec 2010, at 22:36, Pearl Liang via RT wrote:
>>>>>>
>>>>>>> Dear Noah Slater:
>>>>>>>
>>>>>>> Thank you for your submission for a user port number.
>>>>>>>
>>>>>>> Can you please provide the current spec for the following?
>>>>>>>
>>>>>>>> Message Formats :
>>>>>>>> See TCP 5984.
>>>>>>>>
>>>>>>>> Message Types :
>>>>>>>> See TCP 5984.
>>>>>>>>
>>>>>>>> Message opcodes :
>>>>>>>> See TCP 5984.
>>>>>>>>
>>>>>>>> Message Sequences :
>>>>>>>> See TCP 5984.
>>>>>>>>
>>>>>>>> Protocol functions :
>>>>>>>> See TCP 5984.
>>>>>>
>>>>>> Sure, CouchDB uses HTTP 1.1 as defined in RFC 2616.
>>>>>>
>>>>>> The rationale for why CouchDB needs a distinct port from 80 was given
>>>>>> in the application for TCP 5984. To summarise: TCP 80 is defined as
>>>>>> HTTP for the World Wide Web, and CouchDB is a specialised
>>>>>> application of HTTP that is commonly expected to run in parallel
>>>>>> with a traditional web server. This same rationale should justify
>>>>>> the application for a TLS/SSL port variation.
>>>>>>
>>>>>>> The information is required to be reviewed by the current expert
>>>>>>> review team designated by IESG.
>>>>>>
>>>>>> Thank you.
>>>>>>
>>>>>
>>>>> ***ORIGINAL TEMPLATE***
>>>>> On Fri Dec 03 05:47:41 2010, [email protected] wrote:
>>>>>>
>>>>>> Application for User Registered Port Number
>>>>>>
>>>>>> Name :
>>>>>> Noah Slater
>>>>>>
>>>>>> E-mail :
>>>>>> [email protected]
>>>>>>
>>>>>> Protocol Number :
>>>>>> TCP
>>>>>>
>>>>>> Message Formats :
>>>>>> See TCP 5984.
>>>>>>
>>>>>> Message Types :
>>>>>> See TCP 5984.
>>>>>>
>>>>>> Message opcodes :
>>>>>> See TCP 5984.
>>>>>>
>>>>>> Message Sequences :
>>>>>> See TCP 5984.
>>>>>>
>>>>>> Protocol functions :
>>>>>> See TCP 5984.
>>>>>>
>>>>>> Broadcast or Multicast used ?
>>>>>> no
>>>>>>
>>>>>> How and what for Broadcast or Multicast is used (if used):
>>>>>>
>>>>>>
>>>>>> Description :
>>>>>> This port will be for CouchDB HTTP traffic over an SSL connection.
>>>>>> CouchDB traffic is currently assigned to TCP 5984 by IANA. Due to
>>>>>> Host restrictions inherent to the HTTP protocol, SSL communications
>>>>>> need to use a different port number to differentiate them from
>>>>>> non-SSL communications from the same network address. Compare TCP 80
>>>>>> and TCP 443.
>>>>>>
>>>>>> Name of the port :
>>>>>> CouchDB over TLS/SSL
>>>>>>
>>>>>> Short name of the port :
>>>>>> couchdbs
>>>>>>
>>>>
>>>>
>>>
>>>
>
>
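
Added example (not part of the thread and not CouchDB code): on the question raised at the top of this message, about telling an encrypted connection from a plain one after the socket has been accepted, a listener can peek at the first bytes without consuming them, since an SSL/TLS client opens with a ClientHello and an HTTP client opens with an ASCII method. The function names and the sample byte strings below are constructed for illustration.

```python
import socket

# Constructed samples: the first bytes three different clients send after connect.
SAMPLE_TLS = bytes.fromhex("16030100350100003103014d24e1")   # TLS record + ClientHello
SAMPLE_SSL2 = bytes.fromhex("802e0103010015000000100100")     # SSLv2-framed ClientHello
SAMPLE_HTTP = b"GET /_all_dbs HTTP/1.1\r\nHost: localhost:5984\r\n\r\n"

HTTP_METHODS = (b"GET ", b"HEAD ", b"POST ", b"PUT ", b"DELETE ", b"COPY ", b"OPTIONS ")


def classify_first_bytes(buf: bytes) -> str:
    """Classify the start of a client-speaks-first stream.

    Returns "tls", "http", "need-more" (too short to decide) or "unknown".
    """
    if buf.startswith(HTTP_METHODS):
        return "http"
    if len(buf) >= 6:
        # TLS/SSLv3 record header: content type 0x16 (handshake), major
        # version 0x03, two length bytes, then handshake type 0x01 (ClientHello).
        if buf[0] == 0x16 and buf[1] == 0x03 and buf[5] == 0x01:
            return "tls"
        # SSLv2-compatible hello: high bit set in the 2-byte length header,
        # message type 0x01, then the offered version (0x03 xx).
        if buf[0] & 0x80 and buf[2] == 0x01 and buf[3] == 0x03:
            return "tls"
    # Fewer than six bytes, or an incomplete HTTP method: wait for more data.
    if len(buf) < 6 or any(m.startswith(buf) for m in HTTP_METHODS):
        return "need-more"
    return "unknown"


def peek_protocol(conn: socket.socket, want: int = 8) -> str:
    """Inspect the first bytes of an accepted connection without consuming
    them, so the TLS library or HTTP parser still sees the whole stream."""
    return classify_first_bytes(conn.recv(want, socket.MSG_PEEK))
```

This relies on the client sending first, which holds for both HTTP and SSL/TLS; it says nothing about whether existing clients would know to attempt SSL/TLS on a shared port.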
