Re: [hybi] Handshake was: The WebSocket protocol issues.

Ian Hickson <ian@hixie.ch> Mon, 11 October 2010 21:02 UTC

Date: Mon, 11 Oct 2010 21:04:08 +0000
From: Ian Hickson <ian@hixie.ch>
To: James Graham <jgraham@opera.com>
Cc: hybi <hybi@ietf.org>
Subject: Re: [hybi] Handshake was: The WebSocket protocol issues.

On Mon, 11 Oct 2010, James Graham wrote:
> 
> So there is an underlying issue here that I don't understand. It seems 
> clear to me that Adam and Eric's proposed handshake has a better 
> security story with regard to cross-protocol attacks than -75, -76, or 
> any other proposal other than using NPN with TLS. However there seem to 
> be a number of people who have problems with this proposed handshake to 
> the extent that they are prepared to forgo the security properties in 
> order to get something different. In general people seem to be aware 
> that they are making the security weaker since the arguments are mostly 
> about how different approaches will probably be good enough in practice 
> even though they are theoretically inferior.
> 
> What I haven't followed is what the problems with the proposal actually 
> are. I understand that I have likely missed these in other messages, but 
> it would be helpful if people who believe that the proposed approach, or 
> aspects of it, are unworkable could summarise the outstanding issues 
> they see.

I would like to ask a similar question, but to the people proposing Adam 
and Eric's latest proposed handshake. What real problem does it solve that 
NPN with TLS doesn't solve? As you say, it is weaker than NPN with TLS, so 
why not just go all the way?

This would have multiple advantages beyond just being more secure, for 
example we could halve the number of schemes we're introducing, halve the 
number of handshake implementations on both clients and servers, greatly 
reduce the testing burden, etc.

-- 
Ian Hickson               U+1047E                )\._.,--....,'``.    fL
http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'