IETF Logo Mail Archive

Re: [hybi] Web sockets and existing HTTP stacks

Mridul Muralidharan <mridulm80@yahoo.com> Mon, 01 February 2010 10:46 UTC

Return-Path: <mridulm80@yahoo.com>
X-Original-To: hybi@core3.amsl.com
Delivered-To: hybi@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 1F1B228C114 for <hybi@core3.amsl.com>; Mon, 1 Feb 2010 02:46:20 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.024
X-Spam-Level:
X-Spam-Status: No, score=-3.024 tagged_above=-999 required=5 tests=[AWL=0.582, BAYES_00=-2.599, GB_I_INVITATION=-2, RELAY_IS_203=0.994]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JDGY2QKCOU+F for <hybi@core3.amsl.com>; Mon, 1 Feb 2010 02:46:19 -0800 (PST)
Received: from web95402.mail.in2.yahoo.com (web95402.mail.in2.yahoo.com [203.104.18.226]) by core3.amsl.com (Postfix) with SMTP id D017128C0E9 for <hybi@ietf.org>; Mon, 1 Feb 2010 02:46:14 -0800 (PST)
Received: (qmail 31363 invoked by uid 60001); 1 Feb 2010 10:46:47 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1265021207; bh=YRuiUV9YaXfiBN9/Okznpik20lEpVM1O/joe2q051G4=; h=Message-ID:X-YMail-OSG:Received:X-Mailer:References:Date:From:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=dVm52UtDwm+M0LemN/xPdBIaNi9NFeeNaH5v1oB4mwTUGE675kXuWLRU5hhVy87RQYxIu3FYyBOyzLpjcSq0gSz/HHwfAFacUKxOgyWpZkJj9Ezi+y5pruCmsG1CGvu++MgbZForsnIv+OFNJWmXEgapJRY5AWQHPFJhUeVcOiQ=
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:X-YMail-OSG:Received:X-Mailer:References:Date:From:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=DNvMx2DUWpXch2hmFIA03MCR1iziNrqq0bUmrwyoGpU8aEJEgCjWvcIUzXlIUPpsPcJ9U8orMMd2kQ6stGnWeJ/oQfvZlqlHz4x1fvGZcH2qTNCw96YU0Fi/kcNcIGT2vgFvcTPJdVsg19wqOfS+emxzyvz+Qz1WawAXnq1vAwU=;
Message-ID: <765230.29362.qm@web95402.mail.in2.yahoo.com>
X-YMail-OSG: lHPUgn0VM1nhC2ny_9BUHknSmaq9pheOzMvLdhIjU5XvJ8wKn_TAfp.s.M0hDSmPAGH7sz.ouW8aXfn6J2F96kHvEAclgTpxPIVfYM2lkd_8eaS83.A_WxAYEU5RtY9.rlhZZBz5_1wyEyBr0URZTtkmiCleWbLKH.pPo2X6n8BxxafG9G5DjBoDG.rU3j6It1U883dZxIukZEV74eA9Um4x6NNJl1QKBk3txDiLWlrceUeK8YfkfcHhN5KUuIVOalv0bC9oKTmHJTyyeyEfyEo3Ndzc5or6xutABuSTLmcHQ3h0
Received: from [203.83.248.32] by web95402.mail.in2.yahoo.com via HTTP; Mon, 01 Feb 2010 16:16:47 IST
X-Mailer: YahooMailRC/272.7 YahooMailWebService/0.8.100.260964
References: <557ae280911171402v7546e5e7n93a1e57f87dc10e5@mail.gmail.com> <Pine.LNX.4.62.0912032347360.15540@hixie.dreamhostps.com> <4B2C1D52.9020505@webtide.com> <5c902b9e0912181640n497169cdrfa71f9a2908e6ef3@mail.gmail.com> <20091219005442.GA10949@shareable.org> <4B2C287E.1030006@webtide.com> <Pine.LNX.4.64.1001310835410.3846@ps20323.dreamhostps.com> <5821ea241001311219j111d25a3h27fb2d05a2ece32d@mail.gmail.com> <20100201012914.GC20940@shareable.org> <470737.82505.qm@web95410.mail.in2.yahoo.com> <ad99d8ce1001312340y1056d7f6w2c570bdbb724edb1@mail.gmail.com>
Date: Mon, 01 Feb 2010 16:16:47 +0530
From: Mridul Muralidharan <mridulm80@yahoo.com>
To: Roberto Peon <fenix@google.com>
In-Reply-To: <ad99d8ce1001312340y1056d7f6w2c570bdbb724edb1@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Cc: hybi@ietf.org
Subject: Re: [hybi] Web sockets and existing HTTP stacks
X-BeenThere: hybi@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Server-Initiated HTTP <hybi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hybi>
List-Post: <mailto:hybi@ietf.org>
List-Help: <mailto:hybi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 01 Feb 2010 10:46:20 -0000



>
>From: Roberto Peon <fenix@google.com>
>To: Mridul Muralidharan <mridulm80@yahoo.com>
>Cc: Jamie Lokier <jamie@shareable.org>; Pieter Hintjens <ph@imatix.com>; hybi@ietf.org
>Sent: Mon, 1 February, 2010 1:10:08 PM
>Subject: Re: [hybi] Web sockets and existing HTTP stacks
>
>I am a server developer
>I do expect that if something goes over port 80, it should conform to HTTP spec until the spec agrees that it no longer applies.
>We have a significant and large population of users who have no understanding of the underpinnings of the technology-- all they want is their web pages to work. 
>
>
>If you're seriously saying that we should not acknowledge that the web is broken over anything other than port 443 (heck, I don't even think that you can claim that port 80 works all the time, especially if you want to use UPGRADE, etc.), I'm interested in hearing about hard data that supports that assertion.
>

I am not sure what is the assertion being referred to here.
My point, in a nutshell was, trying to get arbitrary protocols running on top of port 80 (pls note : not on top of http) just cos it is opened by almost all deployments [proxies, firewalls, etc] is subverting/breaking intermediaries.
443 has been a prime candidate for this for quite a while now.


>
>
>
>
>
>In other words, If deployment using a new port isn't a problem, what is the solution? Whatever it is, should it exist, I'd be happy to use it. 
>-=R


Use 80 if it is HTTP, else dont.
HTTP leading to XYZ is a different case (through upgrade, etc) - since it is done explicitly. From what I understand, websockets tries to not take this route, but masquerade as http. Any intermediary (corporate firewall for example) cant control this sort of access transparently.


>
>
>>On Sun, Jan 31, 2010 at 10:32 PM, Mridul Muralidharan <mridulm80@yahoo.com> wrote:
>
>----- Original Message ----
>>
>>>>> From: Jamie Lokier <jamie@shareable.org>
>>>>> To: Pieter Hintjens <ph@imatix.com>
>>>>> Cc: hybi@ietf.org
>>
>>> Sent: Mon, 1 February, 2010 6:59:14 AM
>>>>> Subject: Re: [hybi] Web sockets and existing HTTP stacks
>>>>>
>>> Pieter Hintjens wrote:
>>
>>> > On Sun, Jan 31, 2010 at 10:22 AM, Ian Hickson wrote:
>>>>> >
>>>>> > > Well, yeah. That's going to be the case with any protocol that shares its
>>>>> > > port with HTTP. Web Socket tries to make this easier by making it at least
>>>>> > > _possible_ to parse the header with an HTTP stack, if not necessarily
>>>>> > > easy.
>>>>> >
>>>>> > Do you not understand the impact of breaking (cheerfully or not) a
>>>>> > 30-year standard respected by the entire Internet?
>>>>> >
>>>>> > Post 80 is not shared by protocols.  Port 80 IS HTTP by definition, by
>>>>> > contract.
>>>>>
>>>>> It is a fact that internet access is only granted over ports 80
>>>>> and/or 443 at some locations.
>>>>>
>>>>> This is why WebSocket uses those.  It is for that practical reason,
>>>>> not from a desire to break the port convention.  Thus there is no
>>>>> point complaining on port convention grounds.
>>
>>
>>This is an oft-repeated argument in this list, and in some xmlrpc/WS lists - and I am not very sure I buy the argument.
>>>>There is a reason why only http is allowed by a lot of firewalls and proxies - and it is a deployment choice the customer makes : whether driven by security concerns, convention, or other - it is a conscious decision at times (not always, I admit).
>>
>
>
>At times? What percentage of web users out there know how it all works? .. and driven by "convention" is a poor reason to do something.

I am not referring to endusers - but to deployers and admins. ISPs, admins and the like.
Hope that clarifies.
HTTP-like is not HTTP.


Thanks,
Mridul

>
>
>>>
>>
>>>>The reasoning that - port 80 is not blocked, so let us tunnel protocol xyz over it, is not a very good line of reasoning: it is not an invitation for protocol designers to tunnel arbitrary protocols on top of http.
>>>>Either you send http on top of port 80, or use something else - so that a deployment has control : both in terms of security concerns, intermediaries which can be deployed, contractual validation, etc.
>>
>
>
>All of those things can still do the right thing over port 80. They see what they don't like, then they can drop it.
>.. and much of the difficulty in deploying anything "new" on the web today is because of intermediaries that the user doesn't know exist (and thus couldn't desire the presence of..)
>
>
>-=R
>
>
>
>>>>My 2 cents.
>>>>Regards,
>>Mridul
>>
>>
>>
>>>>>
>>>>> An earlier version of WebSocket proposed port 81, but that was changed to 80.
>>>>>
>>>>> I do wonder if those sites only allowing port 80 all run intercepting
>>>>> proxies on port 80 which would prevent WebSocket using it, so that it might
>>>>> as well use port 81 anyway. Anybody know?
>>>>>
>>>>> -- Jamie
>>>>> _______________________________________________
>>>>> hybi mailing list
>>>>> hybi@ietf.org
>>>>> https://www.ietf.org/mailman/listinfo/hybi
>>
>>
>>
>>
>>     Your Mail works best with the New Yahoo Optimized IE8. Get it NOW! http://downloads.yahoo.com/in/internetexplorer/
>>>>
>>_______________________________________________
>>
>>hybi mailing list
>>hybi@ietf.org
>>https://www.ietf.org/mailman/listinfo/hybi
>>
>


      The INTERNET now has a personality. YOURS! See your Yahoo! Homepage. http://in.yahoo.com/

v2.23.0 | Report a Bug | By Email