Re: [hybi] It's time to ship
Eric Rescorla <ekr@rtfm.com> Mon, 10 January 2011 18:18 UTC
Return-Path: <ekr@rtfm.com>
X-Original-To: hybi@core3.amsl.com
Delivered-To: hybi@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id BFEB23A6B0E for <hybi@core3.amsl.com>; Mon, 10 Jan 2011 10:18:12 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.362
X-Spam-Level:
X-Spam-Status: No, score=-102.362 tagged_above=-999 required=5 tests=[AWL=0.015, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, J_CHICKENPOX_51=0.6, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id saBJup4F1R3N for <hybi@core3.amsl.com>; Mon, 10 Jan 2011 10:18:11 -0800 (PST)
Received: from mail-yi0-f44.google.com (mail-yi0-f44.google.com [209.85.218.44]) by core3.amsl.com (Postfix) with ESMTP id 8AA4B3A6B10 for <hybi@ietf.org>; Mon, 10 Jan 2011 10:18:11 -0800 (PST)
Received: by yie19 with SMTP id 19so6321603yie.31 for <hybi@ietf.org>; Mon, 10 Jan 2011 10:20:25 -0800 (PST)
MIME-Version: 1.0
Received: by 10.91.26.24 with SMTP id d24mr6565756agj.160.1294683625438; Mon, 10 Jan 2011 10:20:25 -0800 (PST)
Received: by 10.90.154.19 with HTTP; Mon, 10 Jan 2011 10:20:25 -0800 (PST)
In-Reply-To: <AANLkTimqw7Dri=m_Fj6Jai=KK59xVt_YVEM+AXTczPYq@mail.gmail.com>
References: <AANLkTim2VGfH2FiJ4iH85wYiuXNKQ1Arh1C1Kg4M58Fs@mail.gmail.com> <20110109224228.GU5743@1wt.eu> <AANLkTikgB+Ju-k0obs9it7TOsy8B1jaCYv8zBpB9dEa_@mail.gmail.com> <20110110065408.GL5743@1wt.eu> <AANLkTimqw7Dri=m_Fj6Jai=KK59xVt_YVEM+AXTczPYq@mail.gmail.com>
Date: Mon, 10 Jan 2011 18:20:25 +0000
Message-ID: <AANLkTinY1V7VvAowmrfoBdSscK7J_BCGkdUSLEB_+wpz@mail.gmail.com>
From: Eric Rescorla <ekr@rtfm.com>
To: ifette@google.com
Content-Type: text/plain; charset="ISO-2022-JP"
Content-Transfer-Encoding: 7bit
Cc: Hybi <hybi@ietf.org>
Subject: Re: [hybi] It's time to ship
X-BeenThere: hybi@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Server-Initiated HTTP <hybi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hybi>
List-Post: <mailto:hybi@ietf.org>
List-Help: <mailto:hybi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Jan 2011 18:18:12 -0000
2011/1/10 Ian Fette (イアンフェッティ) <ifette@google.com>: > On Sun, Jan 9, 2011 at 10:54 PM, Willy Tarreau <w@1wt.eu> wrote: >> >> Hello Ian, >> >> On Sun, Jan 09, 2011 at 10:08:13PM -0800, Ian Fette >> (????????????????????????) wrote: >> > > - you're using the OPTIONS method. The WG's consensus was voted as >> > > using >> > > GET. While technically working, OPTIONS limits some possibilities >> > > since >> > > no path is sent to the server. >> > > >> > > >> > I agree it is important to be able to identify between various resources >> > on >> > a server. E.g. for our use, we will have multiple different websocket >> > endpoints, and we want our frontend to be able to dispatch to the >> > appropriate backend based on the information in the handshake. That >> > said, I >> > think the draft allows for that (Sec-WebSocket-URL), or as pointed out >> > on >> > another thread, it appears OPTIONS does allow for a path component. So, >> > I >> > think we should be able to resolve that point. >> >> Once again,I'm not opposed at all to this point. I'd even say that would >> it >> not have been accepted as a consensus in the last poll, I'd probably have >> voted for it. It's just that it's a change from what was planned till now >> and participants need to express their opinion on that point. >> >> > > - your proposal involves AES-128-CTR. As was discussed here, it seems >> > > there >> > > are still export regulations for certain countries eventhough >> > > they're >> > > apparently fading out. It could still be a problem for companies >> > > who >> > > want >> > > to export products to some countries and which never had to put >> > > crypto >> > > in >> > > them. >> > > >> > >> > It would be nice to understand if this is actually a hard constraint. >> > AES-128-CTR has the benefit of being well understood, as well as fast, >> > as >> > demonstrated by Maciej in another thread. That said, I don't care >> > strongly >> > one way or another here. >> >> One of my issue with it is that despite being fast, it's a lot slower than >> simpler masking. I design software components to be used at the border >> side >> of infrastructures to dispatch the traffic to multiple servers, and I'm >> very much concerned by the performance limitations. On a machine which has >> normally no issue processing 10 Gbps of HTTP, I could not even process 1 >> Gbps >> of WebSocket with large contents. This is much concerning because it >> implies >> that in order to build the stream analysers we've talked about in the >> past, >> it will become mandatory to install expensive crypto acceleration cards. >> This >> is not logical for a protocol which is supposed to be transferred in clear >> (ws:// as opposed to wss://). Checking for forbidden words, dangerous >> links >> or forbidden contents on campus sites will be much more expensive due to >> this >> masking algorithm alone. >> >> > > - several people on the list asked for the ability to be able to >> > > disable >> > > the masking in some well-controlled environments (eg: >> > > server-to-server >> > > communications). I see no provisions for this. >> > > >> > > >> > There's nothing that would prevent you from writing an extension that >> > would >> > disable the masking, from my understanding. >> >> Adam did not seem favorable to that. >> >> > > - it has not yet been stated whether only the payload or also the >> > > framing >> > > should be masked. Your proposal masks both, which means that it >> > > definitely >> > > blocks any possibility of performing multiplexing later. There does >> > > not >> > > appear to have been a consensus in this area yet. >> > > >> > > >> > I'm not sure why this would block the possibility of multiplexing. I >> > would >> > agree that would be a problem if it were the case. However, a number of >> > the >> > early proposals for multiplexing included something like a stream-id in >> > the >> > frame. This could still be present. Though it would be masked, so would >> > the >> > length and other things that a meaningful intermediary would care about, >> > so >> > assuming the intermediary was capable of un-masking, is this an issue? >> >> Yes, and you got the point : if the ID is masked, how to you know which >> stream it is in order to pick the right unmask key ? At least the stream >> ID will have to be unmasked. If we prepend it before the frame, it means >> a new framing format. Till not it was suggested to have it in the frame. >> > > So, you're saying that with the XOR masking where the entire content > required to unmask the frame was included in the frame, it would be easier > for an intermediary to thus examine the frame? I agree that it would be > easier, and that in the AES method it would require an intermediary to be > "active" instead of "passive", e.g. terminate the connection at the > intermediary. I personally think that's a good argument towards XOR, but am > personally not heavily invested either way as I think for our uses, we would > be terminating at the "intermediary" anyways. > Ian, Im not sure Im following the reasoning here: why does the AES mechanism (which is, after all, just an XOR with a long, randomly computed mask) require an active intermediary? Thanks, -Ekr
- Re: [hybi] It's time to ship Greg Wilkins
- [hybi] It's time to ship Adam Barth
- Re: [hybi] It's time to ship Willy Tarreau
- Re: [hybi] It's time to ship Adam Barth
- Re: [hybi] It's time to ship Willy Tarreau
- [hybi] OPTIONS (was Re: It's time to ship) Maciej Stachowiak
- Re: [hybi] OPTIONS (was Re: It's time to ship) Adam Barth
- [hybi] HELLO frames (was Re: It's time to ship) Maciej Stachowiak
- Re: [hybi] It's time to ship Adam Barth
- Re: [hybi] OPTIONS (was Re: It's time to ship) Maciej Stachowiak
- Re: [hybi] OPTIONS (was Re: It's time to ship) Willy Tarreau
- Re: [hybi] HELLO frames (was Re: It's time to shi… Willy Tarreau
- Re: [hybi] OPTIONS (was Re: It's time to ship) Julian Reschke
- Re: [hybi] OPTIONS (was Re: It's time to ship) Julian Reschke
- Re: [hybi] HELLO frames (was Re: It's time to shi… Julian Reschke
- Re: [hybi] OPTIONS (was Re: It's time to ship) Willy Tarreau
- Re: [hybi] HELLO frames (was Re: It's time to shi… Willy Tarreau
- Re: [hybi] HELLO frames (was Re: It's time to shi… Julian Reschke
- Re: [hybi] HELLO frames (was Re: It's time to shi… Willy Tarreau
- Re: [hybi] OPTIONS (was Re: It's time to ship) Roy T. Fielding
- Re: [hybi] It's time to ship Adam Barth
- Re: [hybi] OPTIONS (was Re: It's time to ship) Willy Tarreau
- Re: [hybi] It's time to ship Willy Tarreau
- Re: [hybi] OPTIONS (was Re: It's time to ship) Julian Reschke
- Re: [hybi] OPTIONS (was Re: It's time to ship) Roy T. Fielding
- Re: [hybi] OPTIONS (was Re: It's time to ship) Roy T. Fielding
- Re: [hybi] OPTIONS (was Re: It's time to ship) Adam Barth
- Re: [hybi] It's time to ship Ian Fette (イアンフェッティ)
- Re: [hybi] It's time to ship Greg Wilkins
- Re: [hybi] It's time to ship Greg Wilkins
- Re: [hybi] OPTIONS (was Re: It's time to ship) Greg Wilkins
- Re: [hybi] It's time to ship Greg Wilkins
- Re: [hybi] It's time to ship Willy Tarreau
- Re: [hybi] It's time to ship Greg Wilkins
- Re: [hybi] It's time to ship Eric Rescorla
- Re: [hybi] It's time to ship Ian Fette (イアンフェッティ)
- Re: [hybi] It's time to ship Ian Fette (イアンフェッティ)
- Re: [hybi] It's time to ship Eric Rescorla
- Re: [hybi] It's time to ship Bruce Atherton
- Re: [hybi] It's time to ship Bjoern Hoehrmann
- Re: [hybi] It's time to ship Adam Barth
- Re: [hybi] It's time to ship Bjoern Hoehrmann
- Re: [hybi] It's time to ship Adam Barth
- Re: [hybi] It's time to ship Takeshi Yoshino
- Re: [hybi] It's time to ship Adam Barth