IETF Logo Mail Archive

Re: [hybi] #1: HTTP Compliance

Maciej Stachowiak <mjs@apple.com> Mon, 17 May 2010 09:31 UTC

Return-Path: <mjs@apple.com>
X-Original-To: hybi@core3.amsl.com
Delivered-To: hybi@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C45F63A6965 for <hybi@core3.amsl.com>; Mon, 17 May 2010 02:31:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -104.463
X-Spam-Level:
X-Spam-Status: No, score=-104.463 tagged_above=-999 required=5 tests=[AWL=-0.464, BAYES_50=0.001, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yVz7iszVQS3J for <hybi@core3.amsl.com>; Mon, 17 May 2010 02:31:44 -0700 (PDT)
Received: from mail-out3.apple.com (mail-out3.apple.com [17.254.13.22]) by core3.amsl.com (Postfix) with ESMTP id 4C8383A690A for <hybi@ietf.org>; Mon, 17 May 2010 02:29:52 -0700 (PDT)
Received: from relay16.apple.com (relay16.apple.com [17.128.113.55]) by mail-out3.apple.com (Postfix) with ESMTP id 6B47492FF267 for <hybi@ietf.org>; Mon, 17 May 2010 02:29:44 -0700 (PDT)
X-AuditID: 11807137-b7c23ae000001561-a4-4bf10c884ff2
Received: from et.apple.com (et.apple.com [17.151.62.12]) by relay16.apple.com (Apple SCV relay) with SMTP id 4C.A5.05473.88C01FB4; Mon, 17 May 2010 02:29:44 -0700 (PDT)
MIME-version: 1.0
Content-transfer-encoding: 7bit
Content-type: text/plain; charset="us-ascii"
Received: from [10.0.1.6] (c-69-181-42-237.hsd1.ca.comcast.net [69.181.42.237]) by et.apple.com (Sun Java(tm) System Messaging Server 6.3-7.04 (built Sep 26 2008; 32bit)) with ESMTPSA id <0L2K00CIA51JUZ60@et.apple.com> for hybi@ietf.org; Mon, 17 May 2010 02:29:44 -0700 (PDT)
From: Maciej Stachowiak <mjs@apple.com>
In-reply-to: <4BF106AD.6020506@webtide.com>
Date: Mon, 17 May 2010 02:29:43 -0700
Message-id: <A42E692A-7210-4FF1-AB4F-CFB3E8C38756@apple.com>
References: <068.d07026741c6694cd80652d2a7d34f236@tools.ietf.org> <4BF106AD.6020506@webtide.com>
To: Greg Wilkins <gregw@webtide.com>
X-Mailer: Apple Mail (2.1078)
X-Brightmail-Tracker: AAAAAQAAAZE=
Cc: "hybi@ietf.org" <hybi@ietf.org>
Subject: Re: [hybi] #1: HTTP Compliance
X-BeenThere: hybi@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Server-Initiated HTTP <hybi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hybi>
List-Post: <mailto:hybi@ietf.org>
List-Help: <mailto:hybi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 17 May 2010 09:31:46 -0000

On May 17, 2010, at 2:04 AM, Greg Wilkins wrote:

> 
> All,
> 
> I know this issues has been somewhat sidetracked by the
> discussion about TLS.
> 
> However, this particular requirements is conditional for only when
> sharing a port with HTTP, so I think it valuable to continue to
> try to finalize this requirement.

I think we need to reframe this requirement so that it makes sense even if we change the handshake to be at the TLS level rather than at the HTTP level. Both the current requirement and the new requirement would make no sense if the handshake was done via TLS.

> 
> Currently there is no clear consensus either way, with perhaps
> a few more voices against compliance is not required.
> 
> For firstly, I'd like to encourage all list lurkers to
> speak up and help sway the debate one way or the other.
> 
> Also, in an attempt to move the conversation on, I'd like
> flip the question around and ask if somebody can clearly
> state what is the down side of adopting HTTP compliance
> other than it might force a breaking change in the
> -76 draft.   Is there some other requirement that can only
> be achieved by breaking compliance?


Ian has claimed that the extra bytes after the request help WebSocket fail early in the face of unaware proxies, though we do not yet have data showing this to be the case. We do know that without this, often the handshake will appear to succeed but transmitting messages will fail, for the network setups of many users.

I don't think anyone has indicated a practical problem caused by the extra bytes.

If we do get evidence that the extra bytes make the WebSocket protocol work better, and if we do not get evidence that they actually cause a problem for WebSocket servers that are sharing a port with a Web server, then I think we should sacrifice theoretical purity for practical benefit.

That being said, this whole issue is irrelevant if we switch to TLS-only and a handshake based on nextprotoneg (and possibly TLS upgrade followed by nextprotoneg).


We should try to frame the requirements so they do not overly depend on the technical details of the current draft. If a requirement could be completely invalidated by a plausible technical change, then it is framed the wrong way and depends too much on protocol details. It would be an indication that we're trying to move issues that should be technical decisions about the protocol into the requirements document.


Therefore, I think the "HTTP compatible/compliant" requirement should be deleted completely, or rewritten to make sense for any plausible handshake. 


I note that the following requirement would apply reasonably to both the current draft mechanism and the proposed TLS-based handshake (with perhaps added specific mention of HTTPS):

"The WebSocket protocol MUST allow HTTP and WebSocket connections to be served from the same port.  Consideration MUST be given:
         * to provide WebSocket services via modules that plug in to existing web infrastructure.
         * to making it possible and practical to implement standalone implementations of the protocol without requiring a fully conforming HTTP implementation."

and should cover all the practical issues that would actually be faced by servers in either scenario.

Regards
Maciej

v2.23.0 | Report a Bug | By Email