IETF Logo Mail Archive

Re: [hybi] Serf support for BWTP

Greg Wilkins <gregw@webtide.com> Sun, 31 January 2010 22:09 UTC

Return-Path: <gregw@webtide.com>
X-Original-To: hybi@core3.amsl.com
Delivered-To: hybi@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7187A3A67D9 for <hybi@core3.amsl.com>; Sun, 31 Jan 2010 14:09:06 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.42
X-Spam-Level:
X-Spam-Status: No, score=-2.42 tagged_above=-999 required=5 tests=[AWL=0.179, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MOQdBjpdbAfY for <hybi@core3.amsl.com>; Sun, 31 Jan 2010 14:09:05 -0800 (PST)
Received: from mail-gx0-f226.google.com (mail-gx0-f226.google.com [209.85.217.226]) by core3.amsl.com (Postfix) with ESMTP id 7E1543A67D3 for <hybi@ietf.org>; Sun, 31 Jan 2010 14:09:05 -0800 (PST)
Received: by gxk26 with SMTP id 26so40892gxk.8 for <hybi@ietf.org>; Sun, 31 Jan 2010 14:09:34 -0800 (PST)
Received: by 10.101.105.15 with SMTP id h15mr4175548anm.105.1264975774095; Sun, 31 Jan 2010 14:09:34 -0800 (PST)
Received: from ?10.10.1.11? (60-242-119-126.tpgi.com.au [60.242.119.126]) by mx.google.com with ESMTPS id 16sm2752749gxk.3.2010.01.31.14.09.31 (version=TLSv1/SSLv3 cipher=RC4-MD5); Sun, 31 Jan 2010 14:09:33 -0800 (PST)
Message-ID: <4B65FF91.1070702@webtide.com>
Date: Mon, 01 Feb 2010 09:09:21 +1100
From: Greg Wilkins <gregw@webtide.com>
User-Agent: Thunderbird 2.0.0.23 (X11/20090817)
MIME-Version: 1.0
To: Ian Hickson <ian@hixie.ch>, hybi@ietf.org
References: <5c902b9e0912180032o33d58da5hf3411baeb1fc5f7f@mail.gmail.com> <Pine.LNX.4.64.1001310829370.3846@ps20323.dreamhostps.com>
In-Reply-To: <Pine.LNX.4.64.1001310829370.3846@ps20323.dreamhostps.com>
X-Enigmail-Version: 0.95.7
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Subject: Re: [hybi] Serf support for BWTP
X-BeenThere: hybi@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Server-Initiated HTTP <hybi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hybi>
List-Post: <mailto:hybi@ietf.org>
List-Help: <mailto:hybi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 31 Jan 2010 22:09:06 -0000

Ian Hickson wrote:

> I've tried to address some of this feedback in the spec, in particular
> rewriting some sections to be more straight-forward about what needs
> implementing.


Ian,

you have indeed reacted to this feedback and improved sections of the
document.   Section 1.2 has the ABNF form of the framing and is a very
welcome addition.  Thanks.


> [1] I'm convinced, based on experience with a number of other
> specifications for Web standards, that the abstract style leads to
> significantly more implementation bugs and interoperability problems than
> the more imperative style the spec currently uses. I'm not convinced it's
> possible to sanely define all the error handling rules needed to get good
> interop on the Web without having explicit sections for clients and
> servers.


I believe that the algorithmic specifications that remain in the document
actually introduce a significant lack of clarity and ambiguity.

The algorithms if implemented as described, would have measurable
external artefacts.

For example, when section 4.1 - 5 says "send the following bytes to the
remote server 47 45 54 20", do I actually have to send them?  Or can
I buffer them with the following bytes. Would a server be justified in
rejecting the handshake (on security grounds?) because those bytes
are not sent in their own TCP/IP packet?        The specification relies
on assumed common practise and understanding that "send" can actually
mean "buffer and flush sometime later, perhaps aggregated with previous
and/or following sends".   Relying on assumed interpretation is not
a good thing for a spec.


Another issue is that only the client-side sentinel framing algorithm
says:
              "If the client
              runs out of resources for buffering the incoming data, or
              hits an artificial resource limit intended to avoid
              resource starvation, then it must fail the Web Socket
              connection and abort these steps."

Does this mean that the serverside or client length framing cannot
reject a connection based on resource limits?  Must this sentence be
put into every step of the algorithm that says "read a byte"?

Surely it would be better just to express this error handling
non-algorithmicaly?  In which case your point about "sanely define
all the error handling rules" does not stand up well to this example.

There are numerous error handling cases not handled in your
algorithms:

 + int or long  overflow if a very very large number is sent as a
   frame length.

 + what to do if a client sends for the length 0x80, 0x80, 0x80, ....
   do we read and multiply forever or can we conclude that somebody
   is messing with us?

In the client framing, we are allowed to abort "If no byte could be
read because the Web Socket connection is closed".    But the server
is not granted that permission.   What can we do if a read times out
but the websocket is not closed?


In fact I can see no sanely defined error handling in these
algorithms at all.  Can you point me to one example in section 4.2 or 5.3
that is both complete, un-reliant on common sense interpretation and
could not be better and less verbosely defined in imperative style?


regards

v2.29.0 | Report a Bug | By Email | System Status