Reverse HTTP

In the recent days and weeks I thought about a way to use HTTP as a device management protocol, to access devices sitting behind NAT routers or firewall. The idea is, basically, to access a device’s web interface, even if the device is behind a firewall, and thus not reachable by HTTP. The basic idea I had was that the device would initiate a (secure) socket connection to a central device management server. This is usually not a problem for devices sitting behind a NAT router or firewall. That connection would then be used for HTTP – but in the reverse direction. That means, the server would use the connection established by the device to send HTTP requests to the device. There would also be a simple reflector service on the server, which would forward incoming HTTP requests for a device’s web interface to the device, over the reverse HTTP connection. So far so good. Now, I did some Googling today, and found that others have had similar ideas. There’s even an internet draft for Reverse HTTP that was submitted in March 2009. Great – this might some day even become a standard practice.