IETF Logo Mail Archive

Re: [hybi] [whatwg] WebSockets: UDP

Mark Frohnmayer <mark.frohnmayer@gmail.com> Fri, 11 June 2010 15:53 UTC

Return-Path: <mark.frohnmayer@gmail.com>
X-Original-To: hybi@core3.amsl.com
Delivered-To: hybi@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id BDE603A68DA for <hybi@core3.amsl.com>; Fri, 11 Jun 2010 08:53:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.508
X-Spam-Level:
X-Spam-Status: No, score=0.508 tagged_above=-999 required=5 tests=[AWL=0.393, BAYES_40=-0.185, MIME_8BIT_HEADER=0.3]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XwDNiLXgb16Y for <hybi@core3.amsl.com>; Fri, 11 Jun 2010 08:53:06 -0700 (PDT)
Received: from mail-yw0-f179.google.com (mail-yw0-f179.google.com [209.85.211.179]) by core3.amsl.com (Postfix) with ESMTP id 8127B3A68A3 for <hybi@ietf.org>; Fri, 11 Jun 2010 08:53:06 -0700 (PDT)
Received: by ywh9 with SMTP id 9so1437525ywh.17 for <hybi@ietf.org>; Fri, 11 Jun 2010 08:53:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:mime-version:received:in-reply-to :references:from:date:message-id:subject:to:cc:content-type :content-transfer-encoding; bh=nN7PlRquwvaqFUYW1e4WzbdGB13zyGP2NZumu9EPMJU=; b=n4YkaPk/R/bYwas3VmzRjF13VtaEaiW3hls8IxgYe+P+pB9ZW48YgcBDXBt/PlywBt iT6Me0/lO4tuIfnCAnaXWYSecWjllx2whmOQeXn+iXZOTnBgaYJ+nOzwspJsDjavmuRE 1Nvp2j8wCyEJp2Z9m0eUGHCPOiLElmFWlEOeo=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type:content-transfer-encoding; b=uNLSf6/mghL2AMh4Un0yQ/9NbgiCtwgp/G0YOaXoa1OGmSwQQ+1RXMn4lnxkmJb+Mz f77ntt1HFMTbv2Oz50+9gPd0IOwNMpgsQRcdIwt/r3ng+PeNoyf0rRKXLW/i1wgylvD7 Lp85WKUdNIphe/l8nTHiRuoZiRjRIzlS581I0=
Received: by 10.101.10.34 with SMTP id n34mr1787810ani.109.1276271585222; Fri, 11 Jun 2010 08:53:05 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.100.123.18 with HTTP; Fri, 11 Jun 2010 08:52:45 -0700 (PDT)
In-Reply-To: <op.vd4r8yvlr4mipi@emoller-pc.gothenburg.osa>
References: <op.vdl9bszhr4mipi@emoller-pc.gothenburg.osa> <AANLkTin8TYLeOdZmKbs6IqklsS5P24Qd4kqtTV_UXp-l@mail.gmail.com> <op.vdmg3ov6r4mipi@emoller-pc.gothenburg.osa> <AANLkTim2j9xbgW4fnKYy69uZ9KwBaDvs1ypu92pG1Hxo@mail.gmail.com> <op.vdm0lrqmr4mipi@emoller-pc.gothenburg.osa> <AANLkTimPvtS9hE-frSVQq8dWBEG9-fvCfnTsOVCbVXQt@mail.gmail.com> <op.vdpn931pr4mipi@emoller-pc.gothenburg.osa> <op.vd3ndpzqr4mipi@emoller-pc.gothenburg.osa> <AANLkTilrDDGU10AZQ3KZ2lkuwmEt-RKRJUIls38ajtb6@mail.gmail.com> <op.vd4r8yvlr4mipi@emoller-pc.gothenburg.osa>
From: Mark Frohnmayer <mark.frohnmayer@gmail.com>
Date: Fri, 11 Jun 2010 08:52:45 -0700
Message-ID: <AANLkTim3-lHhZp1Ek_cQSNTfB-UDwDDFL1RnLhRplMEe@mail.gmail.com>
To: Erik Möller <emoller@opera.com>
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable
Cc: "whatwg@whatwg.org" <whatwg@whatwg.org>, Hybi <hybi@ietf.org>, Philip Taylor <excors+whatwg@gmail.com>
Subject: Re: [hybi] [whatwg] WebSockets: UDP
X-BeenThere: hybi@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Server-Initiated HTTP <hybi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hybi>
List-Post: <mailto:hybi@ietf.org>
List-Help: <mailto:hybi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 11 Jun 2010 15:53:07 -0000

On Fri, Jun 11, 2010 at 3:18 AM, Erik Möller <emoller@opera.com> wrote:
> Absolutely, that's why the path-MTU attribute was suggested. The ~64k limit
> is an absolute limit though at which sends can be rejected immediately
> without even trying.

Ah, gotcha.  I was trying to separate the cases of MTU before
fragmentation and maximum packet size (fragmented) before some host
along the way silently discards the packet.

> The reasoning was that if you do need data security and integrity the secure
> websocket over TCP uses the same state-of-the-art implementation as the
> browsers already have implemented. Secure connections over UDP would either
> require a full TCP over UDP implementation (to use TLS) or a second
> implementation that would need to be maintained. That implementation would
> be either a very complex piece or software or clearly inferior to that users
> are accustomed to.
> So what's a good use-case where you want a secure connection over UDP and
> cannot use a second TLS connection?

I guess I was thinking more in the direction of a well conceived, well
reviewed protocol (TLS-level of scrutiny) for encryption of the
unreliable packet stream - a secure data stream is a useful primitive
and would otherwise have to be implemented at the application level.
I'd rather have security done well at the platform level (what
developers expect from a modern browser).  I'm not sure I'd agree that
it has to be super complex in order to be effective, and could likely
use much of the same functionality (ciphers, etc).

I'm also not assuming a second message channel -- if a developer is
using an API like TNL or RakNet that handles higher level data and
message guarantees then the addition of multiple message streams is
unneeded complexity.

>
> Yes, no doubt it's useful for those implementing higher level APIs. As usual
> it's a matter of at what level to place the API.

Agreed.  This goes back to Phil's point that UDP by itself isn't a
great primitive to build on -- the key element for real-time
applications is that dropped packets shouldn't stall the communication
stream nor be automatically retransmitted.  A slightly higher level
approach (connection handshake, security, etc), as long as its
overhead is low, could be a more effective foundation to build on.

Cheers,
Mark

v2.23.0 | Report a Bug | By Email