Re: [hybi] WS ABNF

Greg Wilkins <gregw@webtide.com> Tue, 16 February 2010 21:17 UTC

Date: Wed, 17 Feb 2010 08:18:28 +1100
From: Greg Wilkins <gregw@webtide.com>
To: Server-Initiated HTTP <hybi@ietf.org>

Dave Cridland wrote:
> On Mon Feb 15 01:12:53 2010, Thomson, Martin wrote:
>>      frame         = text-frame / binary-frame
>>      binary-frame  = %x80 length *%x00-FF
>>      length        = %x00 / %x01-7f / ( %x81-FF *%x80-FF %x00-7F )
>>
>> This is a canonical length encoding in that it doesn't allow for
>> leading zeroes.
> 
> Am I alone in seeing two design errors here?

Nope - I've been hammering away on these issues for months!

> Firstly, I see no benefit in having two different framing types. I do
> see a marginal benefit in having multiple frame types, but the idea of
> distinct framing just strikes me as a bad idea, and prone to error. I
> think the correct design decision here is that "bytes is bytes", and to
> the wire, all frames are binary and octet counted. I'm not against an
> end marker, incidentally, although I'm not convinced it's needed except
> in early stages of implementation.

I think sentinel marking is not desirable.  We've had enough problems
with protocols being vulnerable to injection attacks without introducing
another.

I think it is crazy to have a protocol where user-supplied data can
fool the protocol framing by providing illegal UTF-8.

Length-based framing is able to efficiently carry all that is required.


> Secondly, is that really a bespoke new method for integer representation
> on the wire? What is the overriding benefit over a network byte order
> 32-bit integer? I see that it can be 1-N octets, and therefore will
> typically save 1-3 octets - I'm assuming we're not expecting to ship
> more than 256M in a frame, where the trade off is.
> 
> But the chances of this making a measurable difference are very slim,
> whereas the perils of decoding a new integer representation seem
> extraordinarily high, especially given that it's a nicely unbounded
> integer. IMAP implementations used to have enough trouble when asked to
> allocate 4G for a literal, after all, but at least I'm unaware of them
> having decoding difficulty. OTOH, with 5 octets, I can now set up a frame
> length of 32G, and I can't see anything suggesting that this is even a
> bad idea, let alone illegal protocol.

+1

> I have other comments - I'm bewildered that a server responding with
> "HTTP/1.1 101 Web Socket Protocol Handshake." will fail to interop with
> compliant clients, for instance - but I'm intending to leave these for a
> later mail - just be warned these are coming.

+100000000000000000000000000000000


cheers
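
A bounded decoder for the `length` rule quoted above, as an added example that is not part of the original message or of any WebSocket draft: it rejects the leading-zero form the ABNF excludes and refuses any length above a cap before the accumulator can overflow. `MAX_FRAME_LEN`, `decode_length` and the status names are hypothetical, and most-significant-group-first order is an assumption consistent with the "no leading zeroes" remark.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical policy limit, not from the thread: largest frame accepted. */
#define MAX_FRAME_LEN ((uint64_t)1 << 24) /* 16 MiB */

enum len_status { LEN_OK = 0, LEN_INCOMPLETE, LEN_NONCANONICAL, LEN_TOO_LARGE };

/*
 * Decode the quoted ABNF "length" field from buf[0..n).
 * Each octet carries 7 value bits; a set high bit means more octets follow.
 * Groups are taken most-significant first (assumption, see lead-in).
 * On LEN_OK, *out holds the length and *used the number of octets consumed.
 */
enum len_status decode_length(const uint8_t *buf, size_t n,
                              uint64_t *out, size_t *used)
{
    uint64_t len = 0;

    for (size_t i = 0; i < n; i++) {
        uint8_t b = buf[i];

        /* %x80 as the first octet would be a leading zero group. */
        if (i == 0 && b == 0x80)
            return LEN_NONCANONICAL;

        /* Check the bound before shifting so len can never overflow. */
        if (len > (MAX_FRAME_LEN >> 7))
            return LEN_TOO_LARGE;
        len = (len << 7) | (uint64_t)(b & 0x7f);
        if (len > MAX_FRAME_LEN)
            return LEN_TOO_LARGE;

        if ((b & 0x80) == 0) {      /* final octet: %x00-7F */
            *out = len;
            *used = i + 1;
            return LEN_OK;
        }
    }
    return LEN_INCOMPLETE;          /* field not terminated yet: need more input */
}
```

Because the cap is checked on every octet, a sender cannot keep the decoder accumulating by streaming an endless run of continuation octets.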