IETF Logo Mail Archive

Re: [hybi] Redesigning the Web Socket handshake

Justin Erenkrantz <justin@erenkrantz.com> Wed, 03 February 2010 16:05 UTC

Return-Path: <justin.erenkrantz@gmail.com>
X-Original-To: hybi@core3.amsl.com
Delivered-To: hybi@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 4200C3A6A20 for <hybi@core3.amsl.com>; Wed, 3 Feb 2010 08:05:25 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.984
X-Spam-Level:
X-Spam-Status: No, score=-1.984 tagged_above=-999 required=5 tests=[AWL=-0.007, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id K5a-CL49RqEu for <hybi@core3.amsl.com>; Wed, 3 Feb 2010 08:05:24 -0800 (PST)
Received: from mail-px0-f186.google.com (mail-px0-f186.google.com [209.85.216.186]) by core3.amsl.com (Postfix) with ESMTP id 7B9983A68FA for <hybi@ietf.org>; Wed, 3 Feb 2010 08:05:24 -0800 (PST)
Received: by pxi16 with SMTP id 16so424978pxi.29 for <hybi@ietf.org>; Wed, 03 Feb 2010 08:06:04 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:sender:received:in-reply-to :references:date:x-google-sender-auth:message-id:subject:from:to:cc :content-type:content-transfer-encoding; bh=ngBI//4llN3QA3W6pRmlZuouAW0PcLiKuRoQ6iQHCUc=; b=Al3kKRo2svZsWi1MK5ItMDLlAy/qVIla4vwKPpPDPg/mJJYGA9PLytPoLM1bImyie3 lCUtTJUAF7BEQYrlbYHQG+ZmtBCwJA3BhRF7CDWMs8pNxK9zPwiVAvA+WrPikz4TCYRv YYtKJWKruxRRwlhy30sfNPhvZbIXnkN3FZyHE=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type :content-transfer-encoding; b=AXaQDVN9Da4BSY5CtvteLUP+0D1egZgUKEbKaDv2k0QV+F6wyzpB+MLLmMIX6kWX5l vo81z1dyout5fnPuEvBCDmklyktl//zOGyU6e4uNQ1IGmv9wYPQz5ipiD7rEYAITE2Gg P5laEvEyOviwbttOn4tESfS0YIOACVaBYVDeA=
MIME-Version: 1.0
Sender: justin.erenkrantz@gmail.com
Received: by 10.142.152.40 with SMTP id z40mr1591206wfd.211.1265213164795; Wed, 03 Feb 2010 08:06:04 -0800 (PST)
In-Reply-To: <E1EB568E-F023-4C69-B66A-AF55F1703438@apple.com>
References: <Pine.LNX.4.64.1002012305000.21600@ps20323.dreamhostps.com> <4B676E8C.70804@webtide.com> <Pine.LNX.4.64.1002020311030.3846@ps20323.dreamhostps.com> <4B679E2C.2080502@webtide.com> <FD440FEA-9F53-4F4C-8AA5-98B23318F0F7@apple.com> <5c902b9e1002021431w25768b2eu4e21244f080bed25@mail.gmail.com> <9A862D96-FD32-4532-BDBE-AAC5C82DB954@apple.com> <BD4D49B1-6EB0-425E-BA3C-AE34DE826739@apple.com> <5c902b9e1002030738j20d6a20dud9154b956c338a28@mail.gmail.com> <E1EB568E-F023-4C69-B66A-AF55F1703438@apple.com>
Date: Wed, 03 Feb 2010 08:06:04 -0800
X-Google-Sender-Auth: 6f76388f6c8b453c
Message-ID: <5c902b9e1002030806tdf7d34ci40446f500cd2b22f@mail.gmail.com>
From: Justin Erenkrantz <justin@erenkrantz.com>
To: Maciej Stachowiak <mjs@apple.com>
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable
Cc: hybi@ietf.org
Subject: Re: [hybi] Redesigning the Web Socket handshake
X-BeenThere: hybi@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Server-Initiated HTTP <hybi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hybi>
List-Post: <mailto:hybi@ietf.org>
List-Help: <mailto:hybi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Feb 2010 16:05:25 -0000

On Wed, Feb 3, 2010 at 7:52 AM, Maciej Stachowiak <mjs@apple.com> wrote:
> The goal is more like "first few bytes" than "probably first packet". Remember, we're trying to defend against cross-protocol attacks, so what well-behaved clients and servers will do is not super relevant. I am more concerned with the security of the protocol than pleasing the aesthetic sense of HTTP gurus.

No, but what matters is what well-behaved servers will do when they
accidentally break the only security mechanism when they reset the
status reason and clear those hash'd bytes.

Many servers and proxies will allow the status reason to be overriden
and replaced (think localization).  The failure case is going to be
abysmal to track down and completely fatal - the handshakes will fail
because some intermediary is rewriting the status reason and there
won't be *anything* at all that a client can do about it.  Suck.  At
least if it is in a separate HTTP header, it's a pretty good bet that
it won't be touched and will survive most interactions with reasonable
servers and intermediaries.

>>> 2) The hash should also include the request origin and some fixed
>>> WebSocket-specific string (e.g. "WebSocket::"). (He actually suggested 'HMAC
>>> the string "Web
>>> Socket::" and origin of WebSocket request using the nonce as a key' but I'm
>>> not sure if he was serious.)
>>
>> Using the origin IP introduces a lot of problems when there are
>> reverse proxies involved.
>
> The origin is not an IP address. I'm talking about what goes in the WebSocket-Origin header. See the spec for an explanation and examples.

Oops.  My bad.  (Perhaps we should consider another name besides
"origin" - that's a very overloaded term?)  -- justin

v2.23.0 | Report a Bug | By Email