Re: [hybi] Counter-proposal for initial HTTP handshake

"Simon Pieters" <simonp@opera.com> Mon, 06 December 2010 09:51 UTC

Content-Type: text/plain; charset="utf-8"; format="flowed"; delsp="yes"
To: John Tamplin <jat@google.com>, Bjoern Hoehrmann <derhoermi@gmx.net>
References: <2416.1291380785.015157@puncture> <AANLkTi=7DCCVSO9jJ8osAzbkQrH__A_GDJ6Hed--KMcq@mail.gmail.com> <2416.1291385767.679839@puncture> <AANLkTikXRk41kkBxi7na65rwAjibryapGatdUKV9b9wu@mail.gmail.com> <AANLkTike_Y76WGu0vCwE74g51E4u0AnzsisfX2urS=70@mail.gmail.com> <or2jf65dgbqtlavbse5m7q19u0qo0bnfpi@hive.bjoern.hoehrmann.de>
Date: Mon, 06 Dec 2010 10:52:11 +0100
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
From: Simon Pieters <simonp@opera.com>
Message-ID: <op.vnado9kbidj3kv@simon-pieterss-macbook.local>
In-Reply-To: <or2jf65dgbqtlavbse5m7q19u0qo0bnfpi@hive.bjoern.hoehrmann.de>
User-Agent: Opera Mail/11.00 (MacIntel)
Cc: Server-Initiated HTTP <hybi@ietf.org>
Subject: Re: [hybi] Counter-proposal for initial HTTP handshake
Precedence: list

On Sat, 04 Dec 2010 01:38:37 +0100, Bjoern Hoehrmann <derhoermi@gmx.net>  
wrote:

> * John Tamplin wrote:
>> The reason it is expensive is that doing any processing on the payload
>> data means you can't do the equivalent of sendfile() to let the OS
>> send a large file for you while you go and do other things.  Also,
>> even inexpensive processes matter when you have to worry about very
>> large scale -- doubling the cost of processing WebSocket payload data
>> on a machine serving thousands or millions of them is a problem.
>
> (I do note in passing that client->server and server->client do not
> necessarily have to use the same message format; the two directions
> differ greatly in their achievable throughputs, odds of long messages,
> and security considerations in most settings. Unfortunately, as far
> as security goes, server->client has not been studied all that much.)

Indeed. Maybe there's no reason to mask the server-sent messages at all.  
It has been pointed out that masking is a performance hit for sendfile()  
use cases.

If the server is under the attacker's control, he can send whatever he  
wants, so masking doesn't help there. If the server is legitimate but the  
attacker succeeds with connecting to it with XHR or something and can read  
the bytes, then masking doesn't help since the attacker can unmask. Are  
there other scenarios where it is helpful to mask the server-sent messages?

-- 
Simon Pieters
Opera Software

Re: [hybi] Counter-proposal for initial HTTP hand… Greg Wilkins
Re: [hybi] Counter-proposal for initial HTTP hand… Dave Cridland
Re: [hybi] Counter-proposal for initial HTTP hand… Roberto Peon
[hybi] Counter-proposal for initial HTTP handshake Dave Cridland
Re: [hybi] Counter-proposal for initial HTTP hand… John Tamplin
Re: [hybi] Counter-proposal for initial HTTP hand… Joe Mason
Re: [hybi] Counter-proposal for initial HTTP hand… Roberto Peon
Re: [hybi] Counter-proposal for initial HTTP hand… Maciej Stachowiak
Re: [hybi] Counter-proposal for initial HTTP hand… Dave Cridland
Re: [hybi] Counter-proposal for initial HTTP hand… Dave Cridland
Re: [hybi] Counter-proposal for initial HTTP hand… Willy Tarreau
Re: [hybi] Counter-proposal for initial HTTP hand… Willy Tarreau
Re: [hybi] Counter-proposal for initial HTTP hand… Maciej Stachowiak
Re: [hybi] Counter-proposal for initial HTTP hand… Eric Rescorla
Re: [hybi] Counter-proposal for initial HTTP hand… Willy Tarreau
Re: [hybi] Counter-proposal for initial HTTP hand… Willy Tarreau
Re: [hybi] Counter-proposal for initial HTTP hand… Zhong Yu
Re: [hybi] Counter-proposal for initial HTTP hand… Bjoern Hoehrmann
Re: [hybi] Counter-proposal for initial HTTP hand… Roberto Peon
Re: [hybi] Counter-proposal for initial HTTP hand… Bjoern Hoehrmann
Re: [hybi] Counter-proposal for initial HTTP hand… Greg Wilkins
Re: [hybi] Counter-proposal for initial HTTP hand… Simon Pieters
Re: [hybi] Counter-proposal for initial HTTP hand… Dave Cridland
Re: [hybi] Counter-proposal for initial HTTP hand… Dave Cridland