In article <[EMAIL PROTECTED]>,
Alan Cox <[EMAIL PROTECTED]> wrote:
>Well I've seen an IP over http proxy driver somewhere. Its fairly easy. It
>feeds back packets and you send it packets as a form or reload regularly
>to pall for data
I considered that, and mostly implemented it too, and it would have
worked, except for one important detail: the Netscape Proxy server
in my case has some kind of net-nanny feature which makes each access
to a site take several seconds to set up in some cases and guarantees
a maximum of at most one read and one write per request. That means
multi-minute ping times if there's even a trivial amount of traffic.
IP over HTTPS, on the other hand, is indistinguishable from a web browser
that is using a cached connection to fetch multiple web pages (many,
many, many tiny web pages...). Unless the proxy has some back door for
decrypting the traffic, there's no way to tell the difference except by
analyzing traffic patterns. In order to support the SSL protocol the
connection has to be bidirectional, and it can't be filtered based on
content so there's no bottleneck in the nanny software.
--
Zygo Blaxell, Linux Engineer, Corel Corporation, [EMAIL PROTECTED] (work),
[EMAIL PROTECTED] (play). It's my opinion, I tell you! Mine! All MINE!
Size of 'diff -Nurw [...] winehq corel' as of Fri Feb 19 16:14:01 EST 1999
Lines/files: In 4568 / 156, Out 23137 / 297, Both 26966 / 392
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
