IETF Logo Mail Archive

Re: [hybi] Comments to draft-ietf-hybi-thewebsocketprotocol-05

Iñaki Baz Castillo <ibc@aliax.net> Thu, 24 February 2011 02:22 UTC

Return-Path: <ibc@aliax.net>
X-Original-To: hybi@core3.amsl.com
Delivered-To: hybi@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A87663A68C5 for <hybi@core3.amsl.com>; Wed, 23 Feb 2011 18:22:48 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.677
X-Spam-Level:
X-Spam-Status: No, score=-2.677 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PTLzM6jMM4DV for <hybi@core3.amsl.com>; Wed, 23 Feb 2011 18:22:47 -0800 (PST)
Received: from mail-qw0-f44.google.com (mail-qw0-f44.google.com [209.85.216.44]) by core3.amsl.com (Postfix) with ESMTP id 997523A6938 for <hybi@ietf.org>; Wed, 23 Feb 2011 18:22:47 -0800 (PST)
Received: by qwh6 with SMTP id 6so76979qwh.31 for <hybi@ietf.org>; Wed, 23 Feb 2011 18:23:35 -0800 (PST)
MIME-Version: 1.0
Received: by 10.229.190.13 with SMTP id dg13mr155925qcb.170.1298514215609; Wed, 23 Feb 2011 18:23:35 -0800 (PST)
Received: by 10.229.89.77 with HTTP; Wed, 23 Feb 2011 18:23:35 -0800 (PST)
In-Reply-To: <AANLkTi=HV2Et1tEXFE5khLRw6Gox4BR_uJmkcg4oUxu6@mail.gmail.com>
References: <AANLkTinMDCm=uv1KPaXW3PwVN-0Fmtw8sn2iWzVjSh7h@mail.gmail.com> <AANLkTi=h+1cQKW87Gs7dOKnAQRuEtt6ZDmi4VHSwHxLF@mail.gmail.com> <AANLkTikxWyNZT1KyREH04jwqNp06qi+_zfhNAkz24Xma@mail.gmail.com> <AANLkTim-8S8AZxGKGStfBEE9j85yx06UetCPM-yhY7QW@mail.gmail.com> <AANLkTinfvRDzmXMBSFrbkzFRO5M4kdqpxiMi7xZnxyhN@mail.gmail.com> <AANLkTi=mR3a-WWVRQ_MZxPSGpFG3QZAQ=JcyU7GhQJh=@mail.gmail.com> <AANLkTinzZXgYhspJNo4G3H+iuGs_atC=SN03=CbM--mf@mail.gmail.com> <AANLkTimonxh=8_G4qvW+VaXejRjjdOqUu-W=XsdV5B_V@mail.gmail.com> <AANLkTik+Oz_LdCBQ3dkhxw5gPBytDnVTDZbm_gcnTLLj@mail.gmail.com> <AANLkTimUzXykudZVyW7Z7X5N6Pi1vTWOf7+TWzDEDSOp@mail.gmail.com> <AANLkTi=qc9VZsjmGKEAZKEOFh6ADX-P8QVKLRuFhFgs6@mail.gmail.com> <AANLkTi=FYSzrTj+t-TejKXQgh__cpivyJkVOuv3-dHaj@mail.gmail.com> <AANLkTim4apFEtzYNNCDOfN9XWpSf3FQnAM5Ry_QPN_h5@mail.gmail.com> <AANLkTin-Kh8BYv=wSqoUWBCcnA0koUj1ec0=W3dkXaVx@mail.gmail.com> <AANLkTimnZHWhO1KfGXv9JfTAuXGYY0ExPKioAX9xNPVh@mail.gmail.com> <AANLkTi=HV2Et1tEXFE5khLRw6Gox4BR_uJmkcg4oUxu6@mail.gmail.com>
Date: Thu, 24 Feb 2011 03:23:35 +0100
Message-ID: <AANLkTiny0UFd7=OxeNJEOhzL2q6_yr4z0Ue5S7L42+7W@mail.gmail.com>
From: Iñaki Baz Castillo <ibc@aliax.net>
To: ifette@google.com
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Cc: Salvatore.Loreto@ericsson.com, hybi@ietf.org, jhildebr@cisco.com
Subject: Re: [hybi] Comments to draft-ietf-hybi-thewebsocketprotocol-05
X-BeenThere: hybi@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Server-Initiated HTTP <hybi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hybi>
List-Post: <mailto:hybi@ietf.org>
List-Help: <mailto:hybi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Feb 2011 02:22:48 -0000

2011/2/24 Ian Fette (イアンフェッティ) <ifette@google.com>:
>> Really? so what is this draft? a "HOWTO" for developing software?. A
>> specification describing a protocol must include extensive information
>> about the reasoning for its design, even more when it aims to become a
>> standard. You are describing a *protocol*, not a guide for a lazy
>> implementor. Could you please check *any* other RFC describing any
>> other protocol?
>>
>
> If RFC2616 had to list out the full history of every debate of every feature
> in HTTP it would be unreadable and worthless. The protocol is a guide to
> what you must do if you want to create software that can interoperate with
> other WS endpoints, in that sense yes, it is something of a howto. You do
> not need a transcription of months of arguments that led to what it is. I am
> sure that back in the 90s people were debating about whether Accept-Lang:
> en, de; q=0.8 was more understandable or less understandable than en;
> de,q=0.8, but at the end of the day one won out, and the history doesn't
> really matter as if I want it to work, I need to send en,de;q=0.8.

You are comparing a format/grammar rule with a security design.

I don't expect (neither I desire) that this draft explains why
Sec-WebSocket-1 is called as it is rather than "Security-WS-A", even
if you all spent 5 weeks discussing about it.
But if the draft defines a exotic handshake it must argue it. If it
requires masking just for client-to-server communication it must argue
it ("avoid confusing network intermediaries, such as intercepting
proxies" is not enough).

Also -05 seems to be HTTP compliant but I still don't know how should
a websocket client react if it receives a 302 when performing the
handshake. Same as a "real" HTTP client? or not? Initially the
protocol was just "similar" to HTTP (but not HTTP) so it's hard to
figure how is currently defined to behave without explicit mention in
the draft.

If the protocol is HTTP compliant, why is the draft full of phrases
like the following?:

   Headers in the handshake are sent by the client in a random order;
   the order is not meaningful.

This is obvious in HTTP! order of different headers never matter, so
why to include it in this draft? Is it not clear that a WebSocket
implementor must know HTTP protocol? Wouldn't be better to remove such
unnecessary information from the draft and, instead, include useful
information (as technical rationale)? maybe you still save space :)


Regards.



-- 
Iñaki Baz Castillo
<ibc@aliax.net>

v2.23.0 | Report a Bug | By Email