IETF Logo Mail Archive

Re: [hybi] Handshake was: The WebSocket protocol issues.

Greg Wilkins <gregw@webtide.com> Mon, 11 October 2010 12:26 UTC

Return-Path: <gregw@webtide.com>
X-Original-To: hybi@core3.amsl.com
Delivered-To: hybi@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6A9123A69DC for <hybi@core3.amsl.com>; Mon, 11 Oct 2010 05:26:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.753
X-Spam-Level:
X-Spam-Status: No, score=-1.753 tagged_above=-999 required=5 tests=[AWL=0.223, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id M0TDaNZgYlv3 for <hybi@core3.amsl.com>; Mon, 11 Oct 2010 05:26:51 -0700 (PDT)
Received: from mail-iw0-f172.google.com (mail-iw0-f172.google.com [209.85.214.172]) by core3.amsl.com (Postfix) with ESMTP id 376E13A69B6 for <hybi@ietf.org>; Mon, 11 Oct 2010 05:26:50 -0700 (PDT)
Received: by iwn10 with SMTP id 10so4592191iwn.31 for <hybi@ietf.org>; Mon, 11 Oct 2010 05:28:02 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.231.159.203 with SMTP id k11mr4444672ibx.115.1286800082477; Mon, 11 Oct 2010 05:28:02 -0700 (PDT)
Received: by 10.231.39.199 with HTTP; Mon, 11 Oct 2010 05:28:02 -0700 (PDT)
In-Reply-To: <9B9FA451-5551-4434-8EC1-BAC834FB9A61@apple.com>
References: <4CAFA043.10101@caucho.com> <AANLkTi=eo-cjBz160FN0cn53v4-CpDSYaEneqkr_ZP7k@mail.gmail.com> <4CAFAC2B.5000800@caucho.com> <55bva61goeqtn0lifgjt5uihf50obh7kf4@hive.bjoern.hoehrmann.de> <4CAFB9C4.6030905@caucho.com> <AANLkTinv5Ym5jwUEqS76z3UkVa7GpmOBT_WXhBbFK0-m@mail.gmail.com> <20101009055723.GL4712@1wt.eu> <AANLkTimY2DjxgZybibSRtc7L34Wns2KhQC=Wa9K6PYku@mail.gmail.com> <20101009204009.GP4712@1wt.eu> <AANLkTi=Az0RmE1Uipo068zMh3YzgMpM2tQ+zYxaDT47A@mail.gmail.com> <20101011053354.GA12672@1wt.eu> <4CB2D7BD.1070004@opera.com> <9B9FA451-5551-4434-8EC1-BAC834FB9A61@apple.com>
Date: Mon, 11 Oct 2010 23:28:02 +1100
Message-ID: <AANLkTimDc_aqRTtgRpMKhdhk6x+vPGyOPvU3A=6mK9S7@mail.gmail.com>
From: Greg Wilkins <gregw@webtide.com>
To: Maciej Stachowiak <mjs@apple.com>
Content-Type: multipart/alternative; boundary="005045015627d0246e0492567d57"
Cc: hybi <hybi@ietf.org>
Subject: Re: [hybi] Handshake was: The WebSocket protocol issues.
X-BeenThere: hybi@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Server-Initiated HTTP <hybi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hybi>
List-Post: <mailto:hybi@ietf.org>
List-Help: <mailto:hybi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 11 Oct 2010 12:26:52 -0000

On 11 October 2010 20:34, Maciej Stachowiak <mjs@apple.com> wrote:

> On Oct 11, 2010, at 2:24 AM, James Graham wrote:
> > I'm not sure I follow this objection. Unless I am misunderstanding Adam's
> proposal, all the information needed to access the Host header is in the
> initial client request; the only additional effort needed is to use the
> client-sent key to decrypt the headers. According to this understanding, one
> doesn't have to maintain state across requests just to determine if one will
> handle the request and, if so, with which back end server.
>
> I agree with this understanding. With Adam's elaborations (not fully
> detailed in the original proposal), all the routing information is available
> in the initial client handshake request.
>
> > Is it just the decryption that you believe represents an unmanagable
> burden?
>
> In the unlikely case that the encryption is an unreasonable burden, I think
> it's possible to use a trivial form of encryption (XOR with one-time pad)
> instead of AES-128-CTR. But I think it's probably both safer and typically
> easier to use a well-known cipher.
>


I think there are things that we can do to restrict "attacker" content in
the handshake short of encryption.

Firstly I don't think we can encrypt the host header, at least not for an
Upgrade handshake. It is part of RFC2616 that a host header should be
included and we have agreed that we must be HTTP compliant before a 101.
While the host value it is "attacker" supplied content, it has been at least
been partially validated by performing a DNS lookup, which I believe will
restrict the content to A-Za-z and a restricted set of punctuation. I think
this significantly limits the usefulness of the host name to an attacker.

Similarly, the subprotocol string is not necessarily free content for an
attacker.  We can impose a very strict token definition for subprotocol
names that will also substantially deny that as a field that can inject
anything useful to an attacker.

That leaves the URI in the handshake.   The requirement to be HTTP compliant
does not mean that we need to allow all legal URIs.  We could also restrict
the URLs to deny usage of many characters that would be needed to make a
meaningful attack.


regards

v2.23.0 | Report a Bug | By Email