Re: [hybi] Call for interest: multiplexing dedicated for WebSocket

Adam Rice <ricea@google.com> Thu, 30 May 2013 04:12 UTC

On 27 May 2013 20:59, Tobias Oberstein <tobias.oberstein@tavendo.de> wrote:

> I had a look into the MUX RFC again .. couldn't find answer to the
> following (may have missed sth):
>
> What WS addresses would be eligible to be multiplexed over a single WS
> connection?
>
> a) ws://somehost.com:999/
> b) ws://somehost.com:999/foo
> c) ws://somehost.com:999/bar
>
> d) wss://somehost.com:999/
> e) wss://somehost.com:999/foo
> f) wss://somehost.com:999/bar
>
> All of a) - f) are to the same target IP:port and hence could share the
> same TCP.
>
> However, d) - f) use wss, and hence have a TLS handshake right after TCP
> establishment.
>

While you certainly can serve both ws: and wss: on a single port, and I can
see cases where you might want to, I would not in general consider it to be
a good idea.


> So d) - f) cannot be multiplexed over the same physical WS as a) - c)?
>
> Or can an implementation just "silently" transport a)-c) also over wss,
> and hence multiplex all of a) - f) over 1 physical WS?
>

The handshake does not currently include the schema, so there would be no
way to communicate to the server that a)-c) were supposed to be ws:, not
wss:.

Even if this was amended, both client and server would have to be careful
that no ambient authority leaked from the wss: channels to the ws:
channels. For example: the client would have to be careful not to send
"secure" cookies with the ws: handshakes, and the server would have to be
careful not to apply any authority contained in a client TLS certificate to
the ws: logical channels.

For this reason, I think it would be easiest not to attempt to multiplex
ws: and wss: onto a single TCP/IP connection.


> Lastly, a)-c) are to the same target IP:port and also WS schema (ws, not
> wss) - and hence can be multiplexed over 1 physical WS even though they are
> to different URL paths?
>

Yes. These semantics are inherited from HTTP/1.1.

Adam Rice
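
The separation discussed in this message, as an added example that is not part of the original post: a client-side connection-pool key that includes the scheme, so a)-c) may share one physical connection and d)-f) another, plus a handshake cookie filter that withholds "secure" cookies from ws: channels. The helper names and the cookie-jar shape are assumptions made for illustration; cookie domain and path matching are omitted.

```javascript
// Added illustration; poolKey, groupForMultiplexing and cookiesForHandshake
// are hypothetical helper names, not part of any multiplexing draft or library.

// Identify the physical connection a logical channel may ride on.
// The scheme is part of the key, so ws: and wss: never share a connection;
// the path is not, so different paths on the same origin can be multiplexed.
function poolKey(wsUrl) {
  const u = new URL(wsUrl);
  if (u.protocol !== 'ws:' && u.protocol !== 'wss:') {
    throw new TypeError(`not a WebSocket URL: ${wsUrl}`);
  }
  // URL.port is empty when the scheme's default port is used.
  const port = u.port || (u.protocol === 'wss:' ? '443' : '80');
  return `${u.protocol}//${u.hostname}:${port}`;
}

// Partition URLs into sets that are eligible to share one connection.
function groupForMultiplexing(urls) {
  const groups = new Map();
  for (const url of urls) {
    const key = poolKey(url);
    if (!groups.has(key)) groups.set(key, []);
    groups.get(key).push(url);
  }
  return groups;
}

// Build the Cookie header for one logical channel's handshake.
// Cookies flagged secure are only ever attached to wss: handshakes.
function cookiesForHandshake(wsUrl, jar) {
  const isSecureChannel = new URL(wsUrl).protocol === 'wss:';
  return jar
    .filter((c) => isSecureChannel || !c.secure)
    .map((c) => `${c.name}=${c.value}`)
    .join('; ');
}

// Constructed sample input: the six addresses from the question and a toy jar.
const SAMPLE_URLS = [
  'ws://somehost.com:999/', 'ws://somehost.com:999/foo', 'ws://somehost.com:999/bar',
  'wss://somehost.com:999/', 'wss://somehost.com:999/foo', 'wss://somehost.com:999/bar',
];
const SAMPLE_JAR = [
  { name: 'theme', value: 'dark', secure: false },
  { name: 'session', value: 'constructed-token', secure: true },
];
```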