[
Lists Home |
Date Index |
Thread Index
]
2/8/2002 12:27:03 AM, Paul Prescod <paul@prescod.net> wrote:
>
>
>Okay, fine, you are tunneling. I've mentioned this possibility on
>several occasions! There's no law against it. It's pretty inefficient to
>abuse HTTP in that way but if it's easier to implement than using TCP
>sockets then go ahead. Just be clear that you aren't using HTTP as it
>was meant to be used and you should expect a performance penalty for
>adding a superfluous layer into your app.
I fear to jump in here ... but this seems to be the heart of the matter. There seems to
be a school of thought that says it's an abuse of some principle to use HTTP when TCP
would suffice. I thought that the whole point of using HTTP like this was almost purely
pragmatic -- there are a lot more systems out there that will accept GET and POST requests
than there are systems that will let you open a TCP socket on an arbitrary port. The
option isn't between efficient TCP and inefficient HTTP, it's between good enough HTTP and
totally unacceptable sneakernet. In a hacker-free environment Paul Prescod would be
absolutely right ... but what about in the world we live in? I don't follow argument that
HTTP is a superfluous layer in a world of firewalls that close out most everything except
port 80.
Or to put it differently, HTTP is powerful enough to be useful but limited enough to make
it hard for hackers to attack you with. It is an inefficient use of cheap and abundant
computer resources, but who cares, if it saves expensive and scarce human resources?
Anyway, that's the counter-argument as I understand it ... what am I missing?
|
