I've exhausted myself reading the HTTP 1.1 (RFC2616) and HTTP Authentication (RFC2617) trying to understand how you make various network requests through a proxy server. But there are some parts left out and maybe I don't know what RFC covers these points.

I'll give one example and hopefully someone knows what's going on.

telnet proxyserver 8080
<connected>
CONNECT www.google.com:80 HTTP/1.1
Proxy-Authenticate: Basic <base64 of "username:password">
<blank line>

The server instantly replies with an HTML page saying that port 80 is not allowed. But this I don't understand because I'm working through the proxy server. Of course I can pull up external web pages on IE, Firefox, etc.

I even loaded up a packet sniffer "Ethereal (http://ethereal.sf.net)" to try to capture Firefox making proxy calls. The best I could see is it would open a connection to the proxy server and do a "GET http://www.google.com/ HTTP/1.1". I try that from telnet, and it says it failed authentication. What's wierd is that the packets I captured didn't have any Proxy-Authorization headers, so I don't know how it worked.

Is there an RFC that precisely defines the proxy server protocol? Any clues?