IETF Logo Mail Archive

Re: [hybi] I-D Action: draft-ietf-hybi-thewebsocketprotocol-13.txt

Ian Fette (イアンフェッティ) <ifette@google.com> Thu, 08 September 2011 20:37 UTC

Return-Path: <ifette@google.com>
X-Original-To: hybi@ietfa.amsl.com
Delivered-To: hybi@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E124C21F8B1A for <hybi@ietfa.amsl.com>; Thu, 8 Sep 2011 13:37:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -105.398
X-Spam-Level:
X-Spam-Status: No, score=-105.398 tagged_above=-999 required=5 tests=[AWL=0.278, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id O70m4k4IQ9Kn for <hybi@ietfa.amsl.com>; Thu, 8 Sep 2011 13:37:21 -0700 (PDT)
Received: from smtp-out.google.com (smtp-out.google.com [216.239.44.51]) by ietfa.amsl.com (Postfix) with ESMTP id EB3EB21F8AFD for <hybi@ietf.org>; Thu, 8 Sep 2011 13:37:20 -0700 (PDT)
Received: from wpaz29.hot.corp.google.com (wpaz29.hot.corp.google.com [172.24.198.93]) by smtp-out.google.com with ESMTP id p88Kd7vj019228 for <hybi@ietf.org>; Thu, 8 Sep 2011 13:39:07 -0700
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=google.com; s=beta; t=1315514347; bh=U15OoJThAP05jdMWYl18Hh2HFec=; h=MIME-Version:Reply-To:In-Reply-To:References:Date:Message-ID: Subject:From:To:Cc:Content-Type; b=BxuaD0b5KTaX9hagMLyqvzQF3cD1KB9yvtVXjJX9V2d+W5HpO7ufch31KtcaJ+HwJ yDM1aSJ5kJ0My/N6VgeXw==
DomainKey-Signature: a=rsa-sha1; s=beta; d=google.com; c=nofws; q=dns; h=dkim-signature:mime-version:reply-to:in-reply-to:references:date: message-id:subject:from:to:cc:content-type:x-system-of-record; b=Iabp+7h7PF/AOUQ9ahgdzZsFhNfYMME7u73dvE7btDoAgNvQr2QAmz/aR8Uoa94N6 rHdWlxBf+dugZ2pck6wKA==
Received: from yie16 (yie16.prod.google.com [10.243.66.16]) by wpaz29.hot.corp.google.com with ESMTP id p88KbkDv024901 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT) for <hybi@ietf.org>; Thu, 8 Sep 2011 13:39:06 -0700
Received: by yie16 with SMTP id 16so462303yie.1 for <hybi@ietf.org>; Thu, 08 Sep 2011 13:39:06 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=beta; h=mime-version:reply-to:in-reply-to:references:date:message-id :subject:from:to:cc:content-type; bh=9JYDMID8FozeRHyj1vXjkozgjm9+mHtU16nbUGL27UI=; b=eijUOi5NWieBEnsjd0rMb5MLiuftKH9etyGl05zbtv1B8HuiD2kUMK/YjtLpWSxby8 i10MW4D/7/uF/BrCimbA==
Received: by 10.42.197.73 with SMTP id ej9mr499706icb.50.1315514346622; Thu, 08 Sep 2011 13:39:06 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.42.197.73 with SMTP id ej9mr499699icb.50.1315514346496; Thu, 08 Sep 2011 13:39:06 -0700 (PDT)
Received: by 10.231.32.134 with HTTP; Thu, 8 Sep 2011 13:39:06 -0700 (PDT)
In-Reply-To: <C2CBF8E1-ADC8-48F9-AB82-B98151A36A81@bbn.com>
References: <20110831184207.1514.64093.idtracker@ietfa.amsl.com> <0fc901cc6878$1681eec0$0a00a8c0@Venus> <CAH9hSJb2rH+fX0AnekYxsEkHKzb15aHrg_hDQw1baWLiWBF-3w@mail.gmail.com> <17b501cc6d31$3016d6d0$0a00a8c0@Venus> <C2CBF8E1-ADC8-48F9-AB82-B98151A36A81@bbn.com>
Date: Thu, 08 Sep 2011 13:39:06 -0700
Message-ID: <CAF4kx8cbDwkEeNXkbK7VU3Mvn+QNObueqAdQoe9VkC5H=8VEng@mail.gmail.com>
From: "Ian Fette (イアンフェッティ)" <ifette@google.com>
To: "Richard L. Barnes" <rbarnes@bbn.com>
Content-Type: multipart/alternative; boundary="20cf303bffb051e43704ac740d8b"
X-System-Of-Record: true
Cc: hybi@ietf.org
Subject: Re: [hybi] I-D Action: draft-ietf-hybi-thewebsocketprotocol-13.txt
X-BeenThere: hybi@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: ifette@google.com
List-Id: Server-Initiated HTTP <hybi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/hybi>, <mailto:hybi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hybi>
List-Post: <mailto:hybi@ietf.org>
List-Help: <mailto:hybi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 08 Sep 2011 20:37:22 -0000

I don't think we can go back on c->s masking. If someone really cares within
a datacenter, they are free to do nonstandard things within their own
infrastructure at their own risk, but I don't see why we would need to
mention that within a standard.

I don't see how a client would necessarily know that it's safe to disable
masking or not, and so I really don't think we should reopen that can of
worms.

As for S->C, I am ambivalent as to whether it's MAY or MUST NOT.

On Wed, Sep 7, 2011 at 5:14 AM, Richard L. Barnes <rbarnes@bbn.com> wrote:

> Sorry if I'm missing something (I missed the beginning of the thread), but
> are there people out there who actually *want* masking from the server to
> the client?  The work by abarth, ekr, et al. showed a roughly 40%
> performance hit due to masking under some circumstances -- presumably adding
> s2c masking would degrade performance even further.
>
> --Richard
>
>
> On Sep 7, 2011, at 3:38 AM, Len Holgate wrote:
>
> >>      If we allow the server to mask frames, clients need to
> >> implement logic for unmasking to prepare for them. As we
> >> don't know any important use-case of server-to-client
> >> masking, I think we should just forbid it.
> >>      OLD: All frames sent from the server to the client are
> >> not masked.
> >>      NEW: All frames sent from the server to the client MUST
> >> NOT be masked.
> >>
> >>      Let's also change
> >>      OLD: All frames sent from the client to the server are
> >> masked to avoid ...
> >>      NEW: All frames sent from the client to the server MUST
> >> be masked to avoid ...
> >
> > That sounds good; well better than it being vague anyway.
> >
> > Now, of course, the masking bit in the header is pretty much redundant...
> >
> > Equally good would be:
> >
> > OLD: All frames sent from the server to the client are not masked.
> > NEW: All frames sent from the server to the client CAN be masked but
> there's
> > no technical or security reason for them to be and so in most cases they
> > SHOULD NOT be masked.
> >
> > Clients already have the code to mask/unmask, the logic isnt that
> complex...
> >
> > Len
> > http://www.serverframework.com
> >
> > _______________________________________________
> > hybi mailing list
> > hybi@ietf.org
> > https://www.ietf.org/mailman/listinfo/hybi
>
> _______________________________________________
> hybi mailing list
> hybi@ietf.org
> https://www.ietf.org/mailman/listinfo/hybi
>

v2.23.0 | Report a Bug | By Email