Re: [hybi] A WebSocket handshake

Willy Tarreau <w@1wt.eu> Thu, 07 October 2010 07:04 UTC

Date: Thu, 07 Oct 2010 09:05:04 +0200
From: Willy Tarreau <w@1wt.eu>
To: Greg Wilkins <gregw@webtide.com>
Cc: Hybi <hybi@ietf.org>

On Thu, Oct 07, 2010 at 05:42:10PM +1100, Greg Wilkins wrote:
> Exactly - the security architecture of the web makes that safe.
> No cookies or credentials for goodguy.somehost.com/secret/ are going
> to be sent to evilgenius.somehost.com/attack.

That's a good point that you're talking about cookies, Greg, because
that's precisely one element which we will definitely need, and which
will imply that some parts of the handshake will be variable. Also, I
don't see why we should make the handshake stricter than whatever an
attacker already has control over in a browser. We just need the
handshake to be as robust as any HTTP handshake, not more. If an
attacker has control over the browser and the WS handshake does not
permit anything, he will still be able to use plain HTTP and have much
more control. So we can relax the rules a bit without turning browsers
into massive attack sources.

Regards,
Willy