AC> Firewalls pass DNS and port 80. An http interface is a good
AC> policy anyway. People sitting behind truely horrible proxies
AC> can then still use it.
No, this is not necessarily true. Not all firewalls pass through DNS
requests. More firewalls pass through HTTP than DNS.
However, that being said, DNS is an intriguing idea... I think it's
pretty doable (and feasible) to use DNS, but I prefer the idea of HTTP
more since I can transparently query HTTP right through the firewall
and I can't do so with DNS.
-- Gary F.
-- "In the end, the overall 'productivity' of the system the fact that it came into being at all, was the handiwork not of tools that sought to make programming seem easy, but the work of engineers who had no fear of 'hard.'" -- Ellen Ullman, "The Dumbing Down of Programming"