I have reviewed this document as part of the security directorate's 
ongoing effort to review all IETF documents being processed by the 
IESG.  These comments were written primarily for the benefit of the 
security area directors.  Document editors and WG chairs should treat 
these comments just like any other last call comments.


This document specifies how to proxy IP packets using HTTP.
The protocol defined allows for a client to establish a tunnel
with an HTTP server that acts as an IP proxy.

The document is well written and straightforward in its descriptions.
I only have one minor nit.

Nits:
Section 4.5 - It would be good to clarify some error/unsuccessful
codes that speak explicitly to the proxy setup being unsuccessful as well.
I presume codes NOT in 2xx are deemed to be error/unsuccessful like
 305, 407, et al though not sure they either apply or
not apply. Perhaps adding a clause to the first bullet to clarify
That status codes of anything BUT 2xx should be deemed as unsuccessful
And must then abort the request.