Re: Proxy Servers (and SOCKS)

Ian Dunkin (imd1707@ggr.co.uk)
Fri, 25 Feb 1994 23:04:16 --100


On Fri, 25 Feb 1994, Kevin Altis wrote:

> Most sites that require the use of a proxy would not need anything more
> than the ability to specify a proxy for a particular protocol, plus a
> domain or domains to not proxy. I need specific examples if this doesn't
> work for your site so we can understand your needs.

Kevin, Thanks for your reply (and the new mechanism!)

If it allows for domains (plural: we use internal servers across several
different domains) they yes, it would fit _my_ site's needs.

> Actually, the proxy scheme is intended to be a complete replacement for
> SOCKS in the case of Web clients (reliance on HTTP), while SOCKS can
> continue to work for telnet and special ftp clients. There are numerous
> reasons for the SOCKS replacement, but I don't want to drag all of the
> reasons out on this list.

I'd be genuinely interested in them. You see, for me an advantage of
using SOCKS for all services is that it does give a unity of access
control and configuration. Adding further mechanisms for particular
protocols adds overheads in this respect and requires additional software
on a firewall host, where one wants as little as possible. Let people
choose SOCKS if they want.

Mind you, they can: After quick experiment, I found that if I SOCKSize a
CERN httpd, and direct the debug Win-Mosaic's proxy requests at that, I
can use my existing SOCKS transport well enough. (Nasty, eh? :-)

I.

(Tentative question: Have you thought of the `Firewalls' mailing list for
canvassing further, non-WWW opinion?)