IETF Logo Mail Archive

Re: [hybi] [Editorial Errata Reported] RFC6455 (3473)

Salvatore Loreto <salvatore.loreto@ericsson.com> Thu, 14 February 2013 07:45 UTC

Return-Path: <salvatore.loreto@ericsson.com>
X-Original-To: hybi@ietfa.amsl.com
Delivered-To: hybi@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 54DEB11E809C for <hybi@ietfa.amsl.com>; Wed, 13 Feb 2013 23:45:59 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.248
X-Spam-Level:
X-Spam-Status: No, score=-106.248 tagged_above=-999 required=5 tests=[AWL=-0.000, BAYES_00=-2.599, HELO_EQ_SE=0.35, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NVcoIbQR9Kku for <hybi@ietfa.amsl.com>; Wed, 13 Feb 2013 23:45:57 -0800 (PST)
Received: from mailgw2.ericsson.se (mailgw2.ericsson.se [193.180.251.37]) by ietfa.amsl.com (Postfix) with ESMTP id 8366F21E8042 for <hybi@ietf.org>; Wed, 13 Feb 2013 23:45:51 -0800 (PST)
X-AuditID: c1b4fb25-b7f366d000004d10-5f-511c962e2ff6
Received: from esessmw0256.eemea.ericsson.se (Unknown_Domain [153.88.253.124]) by mailgw2.ericsson.se (Symantec Mail Security) with SMTP id 5B.4A.19728.E269C115; Thu, 14 Feb 2013 08:45:50 +0100 (CET)
Received: from mail.lmf.ericsson.se (153.88.115.8) by esessmw0256.eemea.ericsson.se (153.88.115.97) with Microsoft SMTP Server id 8.3.279.1; Thu, 14 Feb 2013 08:45:50 +0100
Received: from nomadiclab.lmf.ericsson.se (nomadiclab.lmf.ericsson.se [131.160.33.3]) by mail.lmf.ericsson.se (Postfix) with ESMTP id B48DD2ADD for <hybi@ietf.org>; Thu, 14 Feb 2013 09:45:49 +0200 (EET)
Received: from nomadiclab.lmf.ericsson.se (localhost [127.0.0.1]) by nomadiclab.lmf.ericsson.se (Postfix) with ESMTP id 5857F54319 for <hybi@ietf.org>; Thu, 14 Feb 2013 09:45:47 +0200 (EET)
Received: from Salvatore-Loretos-MacBook-Pro.local (localhost [127.0.0.1]) by nomadiclab.lmf.ericsson.se (Postfix) with ESMTP id 126F953F90 for <hybi@ietf.org>; Thu, 14 Feb 2013 09:45:47 +0200 (EET)
Message-ID: <511C962C.8080904@ericsson.com>
Date: Thu, 14 Feb 2013 09:45:48 +0200
From: Salvatore Loreto <salvatore.loreto@ericsson.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:17.0) Gecko/20130107 Thunderbird/17.0.2
MIME-Version: 1.0
To: hybi@ietf.org
References: <20130201073846.78956B1E003@rfc-editor.org> <CABkgnnVO_qfFAKY28y_VL5vjXdUYtuAV5vNtFLpAFUk9zPiJkQ@mail.gmail.com> <CAHixhFpR7SPWoiQrduDa5oDnss0GPQKa4ptroD0dVgP4+v7OqQ@mail.gmail.com> <CABkgnnUkq0bzVbq1Np=S03JHMtCatZ9GFwo2atnRxda_ukuLUw@mail.gmail.com>
In-Reply-To: <CABkgnnUkq0bzVbq1Np=S03JHMtCatZ9GFwo2atnRxda_ukuLUw@mail.gmail.com>
Content-Type: multipart/alternative; boundary="------------000705090901010303060602"
X-Virus-Scanned: ClamAV using ClamSMTP
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFtrBLMWRmVeSWpSXmKPExsUyM+Jvja7eNJlAg5+rxS3ev9zG5MDosWTJ T6YAxigum5TUnMyy1CJ9uwSujJ8dB1gLnoZX/G99ztjAeMO+i5GDQ0LAROJnJ3MXIyeQKSZx 4d56ti5GLg4hgZOMEhe6n7FAOBsYJdZd6WaGcM4xSjx88RKq7CCjxNUTPVBlpxglVj6ewAwy l1dAW+LjnVCQuSwCqhIH/y5kBLHZBMwknj/cArZPVCAZqOQaK4jNKyAocXLmExYQWwTI7t66 BmyMsICdxPEZgRDj25gktuw6ywZSwykQKHFl6kmwOcwCYRIT53SyQ/ygJnH13CawuJCAlkTv 2U6mCYzCs5CsmIWkBcK2lbgw5zpUXF5i+9s5zBC2rsSF/1NQxBcwsq1iZM9NzMxJLzfaxAgM /YNbfqvuYLxzTuQQozQHi5I4b7jrhQAhgfTEktTs1NSC1KL4otKc1OJDjEwcnFINjB5GMzeL ZRXpLy3bMyk6W+7KwQ9SDkFVT2dsPjGnVK+Zh1/9lsMUrper+sWfG93nfunz66rqj5peS92E Zy/36ppJC138qLTyluPzj6xlbZ7VHjIL457+fHDS5UuE7p+o+xdU80TZfq/TLpEu+F53xiR3 rtqKlLNqj45Ntjnd58GtKD+lMjM6RImlOCPRUIu5qDgRAHDLAhtLAgAA
Subject: Re: [hybi] [Editorial Errata Reported] RFC6455 (3473)
X-BeenThere: hybi@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Server-Initiated HTTP <hybi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/hybi>, <mailto:hybi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hybi>
List-Post: <mailto:hybi@ietf.org>
List-Help: <mailto:hybi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Feb 2013 07:45:59 -0000

the original idea was to serialize the tentative to connect to the same 
IP address (especially in
the case several /host/ names share the same IP address);
IMO it becomes clear if you read the second paragraph of the bullet #2 
and the NOTE.


    2.  If the client already has a WebSocket connection to the remote
        host (IP address) identified by /host/ and port /port/ pair, even
        if the remote host is known by another name, the client MUST wait
        until that connection has been established or for that connection
        to have failed.  There MUST be no more than one connection in a
        CONNECTING state.  If multiple connections to the same IP address
        are attempted simultaneously, the client MUST serialize them so
        that there is no more than one connection at a time running
        through the following steps.

        If the client cannot determine the IP address of the remote host
        (for example, because all communication is being done through a
        proxy server that performs DNS queries itself), then the client
        MUST assume for the purposes of this step that each host name
        refers to a distinct remote host, and instead the client SHOULD
        limit the total number of simultaneous pending connections to a
        reasonably low number (e.g., the client might allow simultaneous
        pending connections to a.example.com and b.example.com, but if
        thirty simultaneous connections to a single host are requested,
        that may not be allowed).  For example, in a web browser context,
        the client needs to consider the number of tabs the user has open
        in setting a limit to the number of simultaneous pending
        connections.


        NOTE: This makes it harder for a script to perform a denial-of-
        service attack by just opening a large number of WebSocket
        connections to a remote host.  A server can further reduce the
        load on itself when attacked by pausing before closing the
        connection, as that will reduce the rate at which the client
        reconnects.



-- 
Salvatore Loreto, PhD
www.sloreto.com



On 2/5/13 3:00 PM, Martin Thomson wrote:
>
> That is approximately where my reasoning lead. I think that the *safe* 
> option is to have one connection per name.
>
> On Feb 4, 2013 3:20 AM, "Adam Rice" <ricea@google.com 
> <mailto:ricea@google.com>> wrote:
>
>     On 1 February 2013 23:27, Martin Thomson <martin.thomson@gmail.com
>     <mailto:martin.thomson@gmail.com>> wrote:
>
>         Is this "host and port" or "IP and port" ?  That too is
>         unclear.  If
>         I'm sharding a.example.com <http://a.example.com> and
>         b.example.com <http://b.example.com> and they are served on
>         the same VIP, is the expectation that wss://a.example.com/
>         <http://a.example.com/> and
>         wss://b.example.com/ <http://b.example.com/> can't have
>         concurrent connection attempts?
>
>
>     I was assuming that in the first sentence the text "connection to
>     the remote host (IP address) ... even if the remote host is known
>     by another name" made the interpretation of "IP address" unambiguous.
>
>     But section 4.1 says that /host/ is defined in section 3, and
>     section 3  actually defines /host/ as "host = <host, defined in
>     [RFC3986], Section 3.2.2
>     <http://tools.ietf.org/html/rfc3986#section-3.2.2>>", ie. the host
>     portion of the URI.
>
>     So now I don't know.
>
>
>
> _______________________________________________
> hybi mailing list
> hybi@ietf.org
> https://www.ietf.org/mailman/listinfo/hybi

v2.23.0 | Report a Bug | By Email