incubator-couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jan Lehnardt <...@apache.org>
Subject Re: [IANA #411617] Application for port-number: couchdbs
Date Tue, 01 Mar 2011 21:20:05 GMT
Well done, Noah, thanks!

Cheers
Jan
-- 

On 1 Mar 2011, at 18:52, Noah Slater wrote:

> Hello,
> 
> CouchDB is a document database that implements a RESTful JSON API via HTTP. All interaction
between the server and client is made via standard HTTP 1.1 responses and requests. The database
only makes use of standard HTTP 1.1, and does not add any features.
> 
> While CouchDB speaks vanilla HTTP, just like a WWW server on TCP 80, it does so in a
constrained manner. The specific URLs exposed, and database-specific consequences of using
a GET or a POST request (for example) are formalised for client and server.
> 
> Additionally, CouchDB only exposes an API via HTTP. It does not serve up web pages for
human consumption. TCP 80 is reserved for uses of HTTP that serve up World Wide Web pages.
These two use-cases for HTTP a quite different, and call for different ports.
> 
> Many CouchDB users want to install a WWW server on a host, at the same time as a CouchDB
server. While both server daemons speak the same network protocol, they both have very different
uses. And both daemons cannot listen on the same port for connections.
> 
> And just like one might want to host a MySQL database server on the same host as an Apache
WWW server, many people want to host a CouchDB database server too. And just like MySQL has
TCP allocated 3306 for this, CouchDB has TCP 5984.
> 
> The problem we're having now is that users want to run a CouchDB database server with
newly enabled TLS/SSL feature. Because of the way HTTP 1.1 works with TLS/SSL, you cannot
listen for secure connections on the same port as non-secure connections.
> 
> This is because the WWW server must know the host before the proper secure handshake
can be initiated. Upgrading to TLS/SSL within a regular  HTTP 1.1 request would have fixed
this problem, but this was never properly implemented by many clients.
> 
> To solve this problem, most WWW servers additionally listen on a new hostname and TCP
443 combination for each TLS/SSL site they accept connections for. It is the only interoperable
way to accept secure and non-secure connections at the same time.
> 
> Because CouchDB is a non-WWW HTTP 1.1 server that requires the ability to serve secure
and non-secure connections from the same host, it is therefor requested that a secure port
be allocated, so that the same solution as WWW HTTP 1.1 can be implemented.
> 
> Thank you,
> 
> Noah
> 


Mime
View raw message