Re: 6455 Websockets and the relationship to HTTP

Loïc Hoguin <> Fri, 23 December 2016 15:32 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id AF38E129678 for <>; Fri, 23 Dec 2016 07:32:04 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -10.001
X-Spam-Status: No, score=-10.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-3.1, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id c2EVhSm_HllW for <>; Fri, 23 Dec 2016 07:32:03 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 62AB912964A for <>; Fri, 23 Dec 2016 07:32:03 -0800 (PST)
Received: from lists by with local (Exim 4.80) (envelope-from <>) id 1cKRmr-0005V0-Ni for; Fri, 23 Dec 2016 15:29:37 +0000
Resent-Date: Fri, 23 Dec 2016 15:29:37 +0000
Resent-Message-Id: <>
Received: from ([]) by with esmtps (TLS1.2:RSA_AES_128_CBC_SHA1:128) (Exim 4.80) (envelope-from <>) id 1cKRmj-0005U7-FQ for; Fri, 23 Dec 2016 15:29:29 +0000
Received: from ([]) by with esmtps (TLS1.2:DHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from <>) id 1cKRmi-00065t-ET for; Fri, 23 Dec 2016 15:29:29 +0000
Received: from [] ([]) by (mreue104 []) with ESMTPSA (Nemesis) id 0M0zHj-1cZ6LP2zvT-00v98m; Fri, 23 Dec 2016 16:28:32 +0100
To: Mark Nottingham <>, Wenbo Zhu <>
References: <> <> <> <> <> <> <> <> <> <> <> <> <>
Cc: Patrick McManus <>, Takeshi Yoshino <>, "Martin J. Dürst" <>, Andy Green <>, Amos Jeffries <>, HTTP Working Group <>
From: Loïc Hoguin <>
Organization: Nine Nines
Message-ID: <>
Date: Fri, 23 Dec 2016 16:28:24 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.5.0
MIME-Version: 1.0
In-Reply-To: <>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 8bit
X-Provags-ID: V03:K0:BHyJ7Sw9idYRmIrG3IRVBdlOCGu/mfhkZG2I6oO33r0wk/Zy3SC hf0IGn0lGyJTOYrKpow4RgnqUc0xtpxWBsQGXjP1bl+KsbNoBWoYj+sltXVIxsvGkFM4kRa OzeW8+DbKDW01y14JAq/c+ZX+2oErAcFK4cGMJGxU/IHPnxG7oX3z2/ak76g9DhgtnhdMzo /R2m4YbWUyKhK4ewB66jA==
X-UI-Out-Filterresults: notjunk:1;V01:K0:pqIzRxJG0QY=:pUrkGOJA06PKJ4Lo+PWUEI OokcyFQ2w+Gm1m1WJa7lV/zetX2ORoKs99ctlm0R1h+mpj91zQOat8TQOTmr2/Uewe74ppgYq 4BDl1QqW+uOEFC345fHBaMvPWRrBlDRAn+s4XCEWzl4UmXKuxMEzXjx2qrZzrrRkCkyD4pAZB SWiiDiJOOxyzKLbE6KhBeuJxBeDjryZlycXbGPE+oVZj8pFSomx87claTQuPtbKkt1sndAyad 2zqq9bhOwvaHDlkHCzm96c1J0681hbXqbEJn316RFY9xy9vQrHlJNR4gEvEKHqrefB2VEjfpB 74XJtPbvWMgac7nucSHtm27CQYqNmZufMqLB9utUyDtMn2jJVb+psidVRVpIka/G9Fdka9lts DqZNvCB+M5/zBTPkDhC2nzSfZ7JLIJHdoygXSidfdcV1/zI4j4p8FoufksWVF41aLAZ3wisGm AQeAkWkKVTeR6Ydh6xv8pBfLwdmB9CY/Fx8G6RwndPVXUCoIB1qdxiFKCQeWMV+UGntfhsqC9 Or6hnG0kN+0yTtQw6elPdziNDbItvHLB/9xFdGHdA+Dl42qtqY8J8uGgBkCihcKtQETajf+6p klex8Wd3n0eNFtoB9vNtJDKjnV96jMT44dvsF/IcJGqc1vcNKbuPzWhafc8Bn984dWokc7jeA b0GpH3ljINpYGmgbU6CBU00z4wqXJkKKwESiUMgKyObVtRF5kxg7bmk0JnsnQraXw7YxCQ50R /QN6npR8hcdKYVa6
Received-SPF: none client-ip=;;
X-W3C-Hub-Spam-Status: No, score=-3.9
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, W3C_AA=-1, W3C_WL=-1
X-W3C-Scan-Sig: 1cKRmi-00065t-ET 818cacf6b0ad83d8efeab250730c911a
Subject: Re: 6455 Websockets and the relationship to HTTP
Archived-At: <>
X-Mailing-List: <> archive/latest/33235
Precedence: list
List-Id: <>
List-Help: <>
List-Post: <>
List-Unsubscribe: <>

On 12/23/2016 03:40 PM, Mark Nottingham wrote:
> Sorry to perpetuate this thread, but...
> On 15 Dec. 2016, at 11:39 am, Wenbo Zhu <> wrote:
>> On non-browsers,
> *confused*
> AIUI the *only* reasonable use case for WebSockets is browsers; who is using it without a browser?
> (keeping in mind that WS is effectively TCP constrained by the Web security / same-origin model)

The three bigger Websocket users I have seen are:

* browsers;
* phone applications;
* servers

Excluding Websocket sub protocols, generally the pattern is the same: a 
server has an HTTP API and some of that API is implemented using 
Websocket to allow the server to push data to the client.

This usage can arguably be replaced by HTTP/2 with push. It is closer in 
spirit to text/event-stream, while also allowing binary data without 
using base64 on that data beforehand. It's not TCP but rather a more 
generalized event push mechanism than text/event-stream provides.

Most of the cases I have seen the usage is much lighter than HTTP/2 push 
provides; there's no cache involved, and the intent is to send the event 
to the client as soon as possible (ie without having to go through the 
push promise and response headers first).

A Websocket over HTTP/2 would allow those users to use the HTTP and 
Websocket API over a single connection.

Servers that use Websocket to speak to each other simply use the same 
interface other clients do. For servers it's more about code reuse than 
any other considerations. Developer implements HTTP/Websocket server for 
phone apps; writes a client module for testing this server; uses the 
client module to speak to other servers.

The same-origin only seems useful for browsers in practice, I have not 
seen it applied elsewhere.

Loïc Hoguin