Re: [hybi] [whatwg] Web sockets and existing HTTP stacks
Greg Wilkins <gregw@webtide.com> Tue, 22 December 2009 08:33 UTC
Return-Path: <gregw@webtide.com>
X-Original-To: hybi@core3.amsl.com
Delivered-To: hybi@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 973083A68D4 for <hybi@core3.amsl.com>; Tue, 22 Dec 2009 00:33:01 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.527
X-Spam-Level:
X-Spam-Status: No, score=-2.527 tagged_above=-999 required=5 tests=[AWL=0.072, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NykotMmbpHwb for <hybi@core3.amsl.com>; Tue, 22 Dec 2009 00:33:00 -0800 (PST)
Received: from mail-yx0-f192.google.com (mail-yx0-f192.google.com [209.85.210.192]) by core3.amsl.com (Postfix) with ESMTP id 3B9883A6908 for <hybi@ietf.org>; Tue, 22 Dec 2009 00:33:00 -0800 (PST)
Received: by yxe30 with SMTP id 30so6836814yxe.29 for <hybi@ietf.org>; Tue, 22 Dec 2009 00:32:41 -0800 (PST)
Received: by 10.90.61.21 with SMTP id j21mr1667482aga.60.1261470759641; Tue, 22 Dec 2009 00:32:39 -0800 (PST)
Received: from ?10.10.1.11? (60-242-119-126.tpgi.com.au [60.242.119.126]) by mx.google.com with ESMTPS id 14sm3268271gxk.10.2009.12.22.00.32.36 (version=TLSv1/SSLv3 cipher=RC4-MD5); Tue, 22 Dec 2009 00:32:38 -0800 (PST)
Message-ID: <4B308412.1050709@webtide.com>
Date: Tue, 22 Dec 2009 19:32:18 +1100
From: Greg Wilkins <gregw@webtide.com>
User-Agent: Thunderbird 2.0.0.23 (X11/20090817)
MIME-Version: 1.0
To: Ian Hickson <ian@hixie.ch>
References: <557ae280911171402v7546e5e7n93a1e57f87dc10e5@mail.gmail.com> <557ae280911200711i5493e654k67c1f5f07336bfb9@mail.gmail.com> <Pine.LNX.4.62.0912032347360.15540@hixie.dreamhostps.com> <4B2C1D52.9020505@webtide.com> <5c902b9e0912181640n497169cdrfa71f9a2908e6ef3@mail.gmail.com> <20091219005442.GA10949@shareable.org> <5c902b9e0912181711o65f31266yd86b8db618a1dcb1@mail.gmail.com> <B0B57710-91BC-4CEC-ABA6-50318038E64B@mnot.net> <4B302D5C.3080904@webtide.com> <Pine.LNX.4.62.0912220227020.18249@hixie.dreamhostps.com>
In-Reply-To: <Pine.LNX.4.62.0912220227020.18249@hixie.dreamhostps.com>
X-Enigmail-Version: 0.95.7
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Cc: hybi@ietf.org
Subject: Re: [hybi] [whatwg] Web sockets and existing HTTP stacks
X-BeenThere: hybi@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Server-Initiated HTTP <hybi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hybi>
List-Post: <mailto:hybi@ietf.org>
List-Help: <mailto:hybi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 22 Dec 2009 08:33:01 -0000
Ian Hickson wrote: > On Tue, 22 Dec 2009, Greg Wilkins wrote: >> Mark Nottingham wrote: >>> There was a fairly long thread initiated by Ian on squid-dev, FYI: >>> http://marc.info/?t=124700786100001&r=1&w=2 >>> >>> That discussion is very similar to this one. >> This is looking more an more like a hostile takeover bid of port 80. > > Just so we're clear, Web Sockets (then TCPConnection) was originally > completely independent of HTTP. It was then requested that the handshake > be made HTTP-compatible such that an HTTP server could share its port with > a Web Sockets server, so that port 443 could be used (needed to get around > man-in-the-middle proxies). Even then, though, the Web Sockets spec > originally specifically discouraged the use of port 443 and recommended > the use of ports 81 and 815. It was only in response to feedback > suggesting that discouraging port 443 was a bad idea that the spec was > changed to be neutral on the matter. Then I tried registering ports 81 and > 815 and the IANA told me to just use ports 80 and 443. > > So describing this as a "hostile takeover bid" is rather revisionist. OK fair cop - a bit of an exaggeration. But now that you have been encouraged to use port 80, then you need to play by the existing rules on port 80 - up until the time the upgrade response is sent. After that, you can go crazy with the cheeze-whiz on new protocol and any intermediary that does pass the upgrade, but does not handle the subsequent traffic is in the wrong. But prior to the upgrade response, you are in HTTP and should be governed by RFC2616 and not just pretend HTTP. > It's > only through three years of responding to feedback that we've reached this > point, and I've done my best to ensure that the handshake really is > compatible with HTTP Why "compatible with HTTP"? Why not just be real HTTP prior to the upgrade? > to the extent necessary to handle the use cases that > people have brought to the table. This list and the squid list and other forums are full of people raising use-cases that are not supported. This thread was started by a post about a C HTTP stack that had difficulty with the "compatible HTTP", I've posted similar issues with the Jetty implementation. The squid list shows how a caching proxy is having problems with just "compatibility" and there have been plenty of other use-cases listed about load balancers, SSL offload, etc. etc. You have been entirely unsuccessful in convincing anybody else of the validity of your assertion that binary specified upgrade requests/responses increases security or serves any purpose at all. I've not seen 1 word of support for that approach from anybody else. So I'm sorry about the hostile take over bid comment, but it just reflects my frustration at your intransigence on this issue. When existing HTTP infrastructure on port 80 is incompatible with your new protocol, your response is that we should not use that infrastructure on port 80! But that is simply not an option. regards
- Re: [hybi] Fwd: Web sockets and existing HTTP sta… Jamie Lokier
- Re: [hybi] Fwd: Web sockets and existing HTTP sta… Greg Wilkins
- [hybi] Fwd: Web sockets and existing HTTP stacks Christian Biesinger
- Re: [hybi] Fwd: Web sockets and existing HTTP sta… Jamie Lokier
- Re: [hybi] Fwd: Web sockets and existing HTTP sta… Christian Biesinger
- Re: [hybi] Fwd: Web sockets and existing HTTP sta… Greg Wilkins
- Re: [hybi] [whatwg] Web sockets and existing HTTP… Ian Hickson
- Re: [hybi] [whatwg] Web sockets and existing HTTP… Alexey Proskuryakov
- Re: [hybi] [whatwg] Web sockets and existing HTTP… Greg Wilkins
- Re: [hybi] [whatwg] Web sockets and existing HTTP… Greg Wilkins
- Re: [hybi] [whatwg] Web sockets and existing HTTP… Justin Erenkrantz
- Re: [hybi] [whatwg] Web sockets and existing HTTP… Jamie Lokier
- Re: [hybi] [whatwg] Web sockets and existing HTTP… Justin Erenkrantz
- Re: [hybi] [whatwg] Web sockets and existing HTTP… Jamie Lokier
- Re: [hybi] [whatwg] Web sockets and existing HTTP… Mark Nottingham
- Re: [hybi] [whatwg] Web sockets and existing HTTP… Greg Wilkins
- Re: [hybi] [whatwg] Web sockets and existing HTTP… Ian Hickson
- Re: [hybi] [whatwg] Web sockets and existing HTTP… Greg Wilkins
- Re: [hybi] [whatwg] Web sockets and existing HTTP… Pieter Hintjens
- Re: [hybi] Web sockets and existing HTTP stacks Ian Hickson
- Re: [hybi] Web sockets and existing HTTP stacks Justin Erenkrantz
- Re: [hybi] Web sockets and existing HTTP stacks Pieter Hintjens
- Re: [hybi] Web sockets and existing HTTP stacks Pieter Hintjens
- Re: [hybi] Web sockets and existing HTTP stacks L.Wood
- Re: [hybi] Web sockets and existing HTTP stacks Jamie Lokier
- Re: [hybi] Web sockets and existing HTTP stacks Jamie Lokier
- Re: [hybi] Web sockets and existing HTTP stacks Maciej Stachowiak
- Re: [hybi] Web sockets and existing HTTP stacks Justin Erenkrantz
- Re: [hybi] Web sockets and existing HTTP stacks SM
- Re: [hybi] Web sockets and existing HTTP stacks Mridul Muralidharan
- Re: [hybi] Web sockets and existing HTTP stacks Maciej Stachowiak
- Re: [hybi] Web sockets and existing HTTP stacks Mridul Muralidharan
- Re: [hybi] Web sockets and existing HTTP stacks Roberto Peon
- Re: [hybi] Web sockets and existing HTTP stacks Mark Nottingham
- Re: [hybi] Web sockets and existing HTTP stacks Pieter Hintjens
- Re: [hybi] Web sockets and existing HTTP stacks Mridul Muralidharan
- Re: [hybi] Web sockets and existing HTTP stacks Mridul Muralidharan
- Re: [hybi] Web sockets and existing HTTP stacks Jamie Lokier
- Re: [hybi] Web sockets and existing HTTP stacks Pieter Hintjens
- Re: [hybi] Web sockets and existing HTTP stacks Jamie Lokier
- Re: [hybi] Web sockets and existing HTTP stacks SM
- Re: [hybi] Web sockets and existing HTTP stacks Greg Wilkins
- [hybi] Sentinel framing. was: Web sockets and exi… Greg Wilkins
- Re: [hybi] Web sockets and existing HTTP stacks Greg Wilkins
- Re: [hybi] Web sockets and existing HTTP stacks Roberto Peon
- Re: [hybi] Web sockets and existing HTTP stacks Maciej Stachowiak
- Re: [hybi] Web sockets and existing HTTP stacks Roberto Peon
- Re: [hybi] Web sockets and existing HTTP stacks Francis Brosnan Blazquez
- Re: [hybi] Web sockets and existing HTTP stacks Maciej Stachowiak
- Re: [hybi] Web sockets and existing HTTP stacks Jamie Lokier
- Re: [hybi] Web sockets and existing HTTP stacks Jamie Lokier
- Re: [hybi] Web sockets and existing HTTP stacks Jamie Lokier
- Re: [hybi] Web sockets and existing HTTP stacks Jamie Lokier
- Re: [hybi] Web sockets and existing HTTP stacks Jamie Lokier
- Re: [hybi] Web sockets and existing HTTP stacks Jamie Lokier
- Re: [hybi] Web sockets and existing HTTP stacks Jamie Lokier
- Re: [hybi] Web sockets and existing HTTP stacks Greg Wilkins
- Re: [hybi] Web sockets and existing HTTP stacks Mridul Muralidharan
- Re: [hybi] Web sockets and existing HTTP stacks Mridul Muralidharan
- Re: [hybi] Web sockets and existing HTTP stacks Roberto Peon
- Re: [hybi] Web sockets and existing HTTP stacks Julian Reschke
- Re: [hybi] Web sockets and existing HTTP stacks Maciej Stachowiak
- Re: [hybi] Web sockets and existing HTTP stacks Roberto Peon
- Re: [hybi] Web sockets and existing HTTP stacks Maciej Stachowiak
- Re: [hybi] Web sockets and existing HTTP stacks Roberto Peon
- Re: [hybi] Web sockets and existing HTTP stacks Maciej Stachowiak
- Re: [hybi] Web sockets and existing HTTP stacks Vladimir Katardjiev
- Re: [hybi] Web sockets and existing HTTP stacks Greg Wilkins
- Re: [hybi] Web sockets and existing HTTP stacks Maciej Stachowiak