Re: [hybi] hybi Digest, Vol 51, Issue 14
Adam Rice <ricea@google.com> Wed, 12 June 2013 02:26 UTC
Return-Path: <ricea@google.com>
X-Original-To: hybi@ietfa.amsl.com
Delivered-To: hybi@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D8E1121F9BAC for <hybi@ietfa.amsl.com>; Tue, 11 Jun 2013 19:26:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.677
X-Spam-Level:
X-Spam-Status: No, score=-1.677 tagged_above=-999 required=5 tests=[AWL=0.300, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hH70-iytTIxX for <hybi@ietfa.amsl.com>; Tue, 11 Jun 2013 19:26:06 -0700 (PDT)
Received: from mail-bk0-x22b.google.com (mail-bk0-x22b.google.com [IPv6:2a00:1450:4008:c01::22b]) by ietfa.amsl.com (Postfix) with ESMTP id 72AD821F9BA6 for <hybi@ietf.org>; Tue, 11 Jun 2013 19:26:04 -0700 (PDT)
Received: by mail-bk0-f43.google.com with SMTP id jm2so3037282bkc.2 for <hybi@ietf.org>; Tue, 11 Jun 2013 19:26:04 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=IIbXbyn950VpY1uy+DkWq/iGF7//mLvjhOGwJfNs+qA=; b=HgXnbOUluc4JvV34D/EKvceoqfBWUSS1P+7C6b7Q3jPDOREy/e3Nf2kSxXW7GG5YWN CTFJNg+rM2H2SjoEr1qAB7C/YiW5NE1YHkx/PYnmzXgz6Ua/E6ONlvwFk8ENdtU9VBkq svnM74b/q/jRMtU2Y4vIf9AGjEmB+TCTXkqOCQT7BpQWtNJpauiqXFmBFPWk8ot85Ctw DXdzCVdIJNwnNpeST5gk7HZ7WPLOduYOnry1FvwXAU0LYbmcRJyfw6DC5mLL3/2r/0M7 7svDkL8oeJFs1dLPxZ39OM4sSfXuw8vOUaxxIwA1lGGMT+poLoxBtx02DiGy9nnD0/mW RBIw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:x-gm-message-state; bh=IIbXbyn950VpY1uy+DkWq/iGF7//mLvjhOGwJfNs+qA=; b=c0DzbVTWyTJGy4Jb6DnXcjagkeUz6p12IWbeAj1iulOnwUU+wLfRl26o63rEZwSwf8 CDc/wsMuwWoQVeCvhIfr6jbGNXBkLkPw3KN/1JS2aNZm3obRk0v9IrQfiP8fgWiWtdSv zl3kAAdUXVMgLbVUUlzARhJ0tXkZBD5ob7GpxExcPOwq0Hlv6kehQwFcbPJJjXeaVLjw 4TRUSlpIDRPeBE3Wm4ZwyRS+GtIZoKyjEWhzXvusk3ANjGze6cPQkh9WKXLZKDVBMoyc nLMs+kTkTJ7q17TstpR6wvZ2f5dkkDZ9aWrDXhqeUBPnPwRJVmWi8w0VKSj+LrgSVln7 2sJg==
MIME-Version: 1.0
X-Received: by 10.204.183.16 with SMTP id ce16mr2688331bkb.91.1371003963929; Tue, 11 Jun 2013 19:26:03 -0700 (PDT)
Received: by 10.204.35.195 with HTTP; Tue, 11 Jun 2013 19:26:03 -0700 (PDT)
In-Reply-To: <CANEdHmhBk_Evwz9EEC85CY6u7Ca4tN+NQDePd67OvFz=tPuw9A@mail.gmail.com>
References: <mailman.3.1369767603.10801.hybi@ietf.org> <CANEdHmgDD4OCQf009FijtEjU=LzhLoNLZHvXsBxgROmzAyR4+w@mail.gmail.com> <CAH9hSJYfhnmCOF7a9uovsYLObqdXwop35JB6r3PscFwfeO=R=g@mail.gmail.com> <CANEdHmi7Rvb0SinwVmRBEFJMsVW3bPeOn_3f4qB33NfeYBJj6Q@mail.gmail.com> <CAHixhFp0YoacRBB4AxqNv5YEN9hrqmm32MJ+3o9NcRO1ojN9KQ@mail.gmail.com> <CANEdHmhBk_Evwz9EEC85CY6u7Ca4tN+NQDePd67OvFz=tPuw9A@mail.gmail.com>
Date: Wed, 12 Jun 2013 11:26:03 +0900
Message-ID: <CAHixhFo5EkvjLWzWqfaYBjOMw1DmS3k0Jm4kRVW8fTRvERNRxQ@mail.gmail.com>
From: Adam Rice <ricea@google.com>
To: Scott Morgan <scott@adligo.com>
Content-Type: multipart/alternative; boundary="20cf301ee34142212e04deebbcb3"
X-Gm-Message-State: ALoCoQl56DDp5DX94qnuB+ddCaN4Czp11bdnkrVhvV0sYY5z36ioGCHbrtPOWMdTYHdwaOAat4paE3XtdxYl1+ufdCVabifK91KfVt0YgykWU3sWMS2q3IFDTai/CNkzo/yhD6BTQwgoejKiRlqKWXJ6HXS7jRjuKknOTBL9VejTFj52UZdzK8+7wTac/ijEY9aIzH45Q+Lz
Cc: "hybi@ietf.org" <hybi@ietf.org>
Subject: Re: [hybi] hybi Digest, Vol 51, Issue 14
X-BeenThere: hybi@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Server-Initiated HTTP <hybi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/hybi>, <mailto:hybi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hybi>
List-Post: <mailto:hybi@ietf.org>
List-Help: <mailto:hybi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 12 Jun 2013 02:26:07 -0000
On 12 June 2013 03:22, Scott Morgan <scott@adligo.com> wrote: > Yes it would be easier to implement with a cookie, however it drives me > nuts that cookies are usually used for additional location based > authentication. For instance, I use a few computers with 3+ user agents > (ie browsers) each to connect to my bank , and each browser on each > computer needs to have it's cookie verified at a additional level, which > creates extra work for users. > Personally I usually find the short session timeouts used by banks to be more aggravating. I'm not sure what you mean by "location based authentication". I don't want someone to have access to my account just because they are standing behind me. If you want to put the session ID in a URL, I would recommend making it >> single-use, although that means you need some mechanism to get a new >> session ID if the WebSocket connection fails. >> >> RFC6455 allows WebSocket connections to use a different proxy than HTTPS >> connections. Although I'm not aware of any client that actually implements >> this, you should not assume that all requests from the same sender will >> come from the same IP. >> > Could you be a little more specific as to where in RFC6455 it says this? > 4.1.3: NOTE: Implementations that do not expose explicit UI for selecting a proxy for WebSocket connections separate from other proxies are encouraged to use a SOCKS5 [RFC1928 <http://tools.ietf.org/html/rfc1928>] proxy for WebSocket connections, if available, or failing that, to prefer the proxy configured for HTTPS connections over the proxy configured for HTTP connections. > Also I understand you to mean something like; > Johns FF Browser -> Proxy A https request -> Https/WS Server > Proxy A dies, and Johns internet connection fails over to proxy B > Johns FF Browser ->Proxy B ws request -> WS Server > Is this what you meant? > No, I mean Johns FF Browser -> Proxy A https request from 1.1.1.1 to HTTPS/WS Server Johns FF Browser -> Proxy B ws request from 255.255.255.1 to HTTP/WS Server The proxy is selected based on the protocol, so there is no need to Proxy A to be dead for Proxy B to be used. Of course, there are other circumstances where Johns FF Browser might change IP address, for example when switching between mobile networks. Thanks, Adam
- Re: [hybi] hybi Digest, Vol 51, Issue 14 Takeshi Yoshino
- Re: [hybi] hybi Digest, Vol 51, Issue 14 Scott Morgan
- Re: [hybi] hybi Digest, Vol 51, Issue 14 Scott Morgan
- Re: [hybi] hybi Digest, Vol 51, Issue 14 Takeshi Yoshino
- Re: [hybi] hybi Digest, Vol 51, Issue 14 Adam Rice
- Re: [hybi] hybi Digest, Vol 51, Issue 14 Scott Morgan
- Re: [hybi] hybi Digest, Vol 51, Issue 14 Adam Rice
- Re: [hybi] hybi Digest, Vol 51, Issue 14 Scott Morgan