IETF Logo Mail Archive

Re: [hybi] Criteria for evaluating handshake proposals

Zhong Yu <zhong.j.yu@gmail.com> Wed, 08 December 2010 22:16 UTC

Return-Path: <zhong.j.yu@gmail.com>
X-Original-To: hybi@core3.amsl.com
Delivered-To: hybi@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 5F2F93A689E for <hybi@core3.amsl.com>; Wed, 8 Dec 2010 14:16:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.355
X-Spam-Level:
X-Spam-Status: No, score=-3.355 tagged_above=-999 required=5 tests=[AWL=0.244, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vUkX-rc77k-4 for <hybi@core3.amsl.com>; Wed, 8 Dec 2010 14:16:44 -0800 (PST)
Received: from mail-ew0-f53.google.com (mail-ew0-f53.google.com [209.85.215.53]) by core3.amsl.com (Postfix) with ESMTP id 48E1C3A69A4 for <hybi@ietf.org>; Wed, 8 Dec 2010 14:16:44 -0800 (PST)
Received: by ewy6 with SMTP id 6so1294402ewy.40 for <hybi@ietf.org>; Wed, 08 Dec 2010 14:18:12 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:cc:content-type; bh=XpF4JZUbBMPi5E7rxP0tY83YggDHSriwlaoIgRJvqRI=; b=uQ1pjkcoBoS4+rIADbtLL7THZavAXzCEV690PMe7uOVNt7jurBw9GMzqO6n1EKzGtu RjtB2rvGOKP/Q/gm0wHnPtDnoJVMeUwPg8uSURBcYc4Himj/J45ml0pYmzA57U3BLcDc CngAmuEYKgcX8q1U449GMM++OC9ccabjjAWos=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=m1OqFwzxZETCJF8LIr855u4xmi13SbIFR0u6U38+P80zZwmOXsjQlYnkgndVyPmxNc AshoxsJw9TOFnvyskmoWVSQljAU3JEfaKkKzeiZw/H3xRbkERck6fDyibDO7/r9NgTIG i2MI/kyS/s5UhsP6BgsT38lCMuQFFqwV7Z8ok=
MIME-Version: 1.0
Received: by 10.213.17.16 with SMTP id q16mr2963125eba.62.1291846690975; Wed, 08 Dec 2010 14:18:10 -0800 (PST)
Received: by 10.213.16.142 with HTTP; Wed, 8 Dec 2010 14:18:10 -0800 (PST)
In-Reply-To: <AANLkTi=xaOgxn7UF9PBZLEJkmfMAiXrKFhZzRjobhM+q@mail.gmail.com>
References: <4CFFE943.6050601@isode.com> <AANLkTi=xaOgxn7UF9PBZLEJkmfMAiXrKFhZzRjobhM+q@mail.gmail.com>
Date: Wed, 08 Dec 2010 16:18:10 -0600
Message-ID: <AANLkTikhh5xzc_SjGxJogTeRzbDogGr5LL7ZiYbSeyWC@mail.gmail.com>
From: Zhong Yu <zhong.j.yu@gmail.com>
To: Alexey Melnikov <alexey.melnikov@isode.com>
Content-Type: text/plain; charset="ISO-8859-1"
Cc: hybi@ietf.org
Subject: Re: [hybi] Criteria for evaluating handshake proposals
X-BeenThere: hybi@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Server-Initiated HTTP <hybi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hybi>
List-Post: <mailto:hybi@ietf.org>
List-Help: <mailto:hybi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Dec 2010 22:16:45 -0000

On Wed, Dec 8, 2010 at 3:55 PM, Zhong Yu <zhong.j.yu@gmail.com> wrote:
> It's ironic that nobody emphasizes on success rate now. At least I
> haven't heard any recently. Yet that was the reason that current
> WebSocket proposals are contained in HTTP connections on port 80.
>
> If we are happy with the 70-80% success rate with a "raw" WebSocket
> protocol over today's internet infrastructure, and if we are in a
> hopeless gridlock if we try to improve the success rate by dressing
> WebSocket in HTTP's clothes, maybe we should just abandon HTTP and go
> with a "raw" WebSocket on a new port.
>
> At least, we deserve a new trial after such a long time. The original
> proponents of building WebSocket in HTTP should examine the new
> evidences and discussions and remake the case.
>
> The success rate is only an initial problem anyway. After WebSocket is
> widely deployed, the obstacles that prevent successful WebSocket
> connections will be under great pressure to correct themselves. People

And if today's firewalls block WebSocket connections, we should not
count that as failure. The firewalls are doing what they are supposed
to do. Whether they should be modified to allow WebSocket is up to the
firewall admins. We should not make that decision for them. What gives
WebSocket the right to *cheat* these firewalls? If the cheating is
successful, aren't we designing something that *breaks* security?

> are dying to have WebSocket. It's hard to see why this little initial
> problem can have any significant impact on adoption rate. As far as
> success rate is concerned, everyday WebSocket isn't deployed is a day
> it has 0% success rate.
>
> - Zhong Yu
>

v2.23.0 | Report a Bug | By Email