IETF Logo Mail Archive

Re: [hybi] Extensibility mechanisms?

Mike Belshe <mike@belshe.com> Mon, 19 April 2010 09:23 UTC

Return-Path: <mike@belshe.com>
X-Original-To: hybi@core3.amsl.com
Delivered-To: hybi@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 452EB3A6980 for <hybi@core3.amsl.com>; Mon, 19 Apr 2010 02:23:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.228
X-Spam-Level:
X-Spam-Status: No, score=0.228 tagged_above=-999 required=5 tests=[AWL=0.715, BAYES_05=-1.11, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id G9zfVySNdUpO for <hybi@core3.amsl.com>; Mon, 19 Apr 2010 02:23:30 -0700 (PDT)
Received: from mail-pz0-f195.google.com (mail-pz0-f195.google.com [209.85.222.195]) by core3.amsl.com (Postfix) with ESMTP id EE5143A697F for <hybi@ietf.org>; Mon, 19 Apr 2010 02:22:58 -0700 (PDT)
Received: by pzk33 with SMTP id 33so3075257pzk.17 for <hybi@ietf.org>; Mon, 19 Apr 2010 02:22:48 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.143.44.3 with HTTP; Mon, 19 Apr 2010 02:22:48 -0700 (PDT)
In-Reply-To: <20100419091736.GA28758@shareable.org>
References: <Pine.LNX.4.64.1004161952530.751@ps20323.dreamhostps.com> <Pine.LNX.4.64.1004180246380.751@ps20323.dreamhostps.com> <4BCAB2C1.2000404@webtide.com> <B9DC25B0-CD21-44E7-BD9B-06D0C9440933@apple.com> <Pine.LNX.4.64.1004181812370.751@ps20323.dreamhostps.com> <4BCB6641.70408@webtide.com> <Pine.LNX.4.64.1004182010070.751@ps20323.dreamhostps.com> <4BCB6FD0.7080003@webtide.com> <j2n5c4444771004181403o81184b00r294f3c3b878f24f6@mail.gmail.com> <20100419091736.GA28758@shareable.org>
Date: Mon, 19 Apr 2010 02:22:48 -0700
Received: by 10.143.25.34 with SMTP id c34mr1862624wfj.181.1271668968313; Mon, 19 Apr 2010 02:22:48 -0700 (PDT)
Message-ID: <p2w2a10ed241004190222ne3a61417i47b021dbe0422f71@mail.gmail.com>
From: Mike Belshe <mike@belshe.com>
To: Jamie Lokier <jamie@shareable.org>
Content-Type: multipart/alternative; boundary="001636e0b5fc20d22904849381f6"
Cc: Hybi <hybi@ietf.org>
Subject: Re: [hybi] Extensibility mechanisms?
X-BeenThere: hybi@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Server-Initiated HTTP <hybi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hybi>
List-Post: <mailto:hybi@ietf.org>
List-Help: <mailto:hybi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Apr 2010 09:23:34 -0000

On Mon, Apr 19, 2010 at 2:17 AM, Jamie Lokier <jamie@shareable.org> wrote:

> Adam Barth wrote:
> > On Sun, Apr 18, 2010 at 1:47 PM, Greg Wilkins <gregw@webtide.com> wrote:
> > > Ian Hickson wrote:
> > > Intermediaries can know about websocket framing and so long as
> > > all sub protocols and extensions are restricted to adhere to
> > > websocket framing, then intermediaries can continue to work
> > > regardless of sub protocols.
> >
> > I'm not sure I buy the premise that we want intermediaries to
> > understand and/or interfere with the websocket protocol.  It seems
> > more robust and more secure to establish a point-to-point encrypted
> > tunnel between the user agent and the server.
>
> More secure, but higher latency and slower.
>
> Going by the "each application on each open web page should open its
> own connection" approach, and encrypted tunnels enforcing that, as
> well as enforcing TLS setup latency for each one, *much* slower than
> HTTP.  Not to mention the torrent of idle keepalives with so many
> connections.
>

A few notes:
   - The bulk of the time goes to round trips.
   - WebSockets has a round trip for the upgrade header too.



>
> Less robust - I put together an alternative to Ian's "tic tac toe"
> using long-GET HTTP.  It's a similar amount of code with a similar
> structure, and as far as I can tell fails in all the exact same
> scenarios, except for one: The HTTP version keeps working after a NAT
> or SPI router times out in the middle.  The WebSocket version breaks
> at that point, because it won't detect the broken TCP connection or
> create a new one.
>

The NAT point is a great one.  I don't have any data on how often long-lived
connections are broken by NAT.  We need this.  Unfortunately, I bet may NATs
just drop the connection without notifying the endpoints (e.g. never sends a
RST).   This could become problematic for websockets, I'm not sure.
 Keepalives may help some, but I bet NATs are smart enough to break even
there too.  Data is needed....


> One of the not so obvious strengths of HTTP, which probably wasn't
> deliberate design, is it recovers well from contemporary TCP-breaking
> routers.
>
>
True true true!  Lots of short connections, although less efficient, are
self-healing and robust.

Mike


> -- Jamie
> _______________________________________________
> hybi mailing list
> hybi@ietf.org
> https://www.ietf.org/mailman/listinfo/hybi
>

v2.23.0 | Report a Bug | By Email