Re: [hybi] Websocket success rates and TLS extension.

Justin Erenkrantz <> Sat, 17 April 2010 07:46 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id E0C413A6A89 for <>; Sat, 17 Apr 2010 00:46:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -0.724
X-Spam-Status: No, score=-0.724 tagged_above=-999 required=5 tests=[AWL=1.254, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 6oiCALyd2bV3 for <>; Sat, 17 Apr 2010 00:46:10 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id 85B233A6912 for <>; Sat, 17 Apr 2010 00:46:09 -0700 (PDT)
Received: by with SMTP id 9so1078950qwb.31 for <>; Sat, 17 Apr 2010 00:45:58 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=gamma; h=domainkey-signature:mime-version:sender:received:in-reply-to :references:date:x-google-sender-auth:received:message-id:subject :from:to:cc:content-type:content-transfer-encoding; bh=f4a2kedvmmJ+QV8xGbW8H2NfIC3JmqYYa+iDTnkj5/g=; b=kaxqD5t9I6nGnLjiKh5BjFEojbl3i0+Px+bqYyCjnlKzWoMYV0YeOCLRgdYRcZL1Rx RgAPfJ3W36ytgFQH/XTp6g6rHXX39VLimQCXuQm+KPXHvHsdFlVlc1XsDZ26o1XRyWLm RB7fFmuL3VHWbEopcTNA6SliZ8roOwKVqrEjY=
DomainKey-Signature: a=rsa-sha1; c=nofws;; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type :content-transfer-encoding; b=U1XAuauRS/PunNZf79xEToRwxl9Ms+LjnG6eYQnhDjjPRB3ysXOk2mIseJmryaUVC5 mYkPlNJJXaZoOVnlosFHpZS5dVixVc0QpCM5DEViOzIFMNTmgH/+u8D4apsaoxfjLiue SS1qNRLAJlD8fVwa2bXUF4dhqjC/hHGzlKDzo=
MIME-Version: 1.0
Received: by with HTTP; Sat, 17 Apr 2010 00:45:58 -0700 (PDT)
In-Reply-To: <>
References: <>
Date: Sat, 17 Apr 2010 00:45:58 -0700
X-Google-Sender-Auth: c4b7ca63f391bb51
Received: by with SMTP id ct19mr3770782qcb.16.1271490358516; Sat, 17 Apr 2010 00:45:58 -0700 (PDT)
Message-ID: <>
From: Justin Erenkrantz <>
To: Greg Wilkins <>
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable
Cc: "" <>
Subject: Re: [hybi] Websocket success rates and TLS extension.
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Server-Initiated HTTP <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sat, 17 Apr 2010 07:46:11 -0000

On Tue, Apr 6, 2010 at 1:11 AM, Greg Wilkins <> wrote:
> Because TLS negotiations represent round trips, they
> don't want extra round trips for framing negotiations.
> Hence they have proposed a TLS extension to allow
> protocol negotiation during TLS handshake.
> This would allow a TLS connection to be negotiated
> with an application protocol and further round trips
> avoided.

Sorry for coming back to this, but Mike's later posts reminded me of
this comment as a way to reduce round-trips.

This is interesting, but the ID doesn't really contain a useful
description of how it would be implemented - it punts that out of
scope and that's the more critical bit, I think.  I'm just not sure I
understand what the "selected_protocol" field would say at all.

Regardless of the vagueness of this ID, doing something to optimize
latency is important.  If this TLS extension makes it way into
OpenSSL, I'm sure httpd/mod_ssl could easily pick up on it.  Is an
implementation available or planned?

I don't know how hard it is for Java servers to support TLS extensions
- I'm sure you know, Greg.  =P  -- justin