Re: [hybi] Handshake was: The WebSocket protocol issues.

[Adam Barth <ietf@adambarth.com>]

On Mon, Oct 11, 2010 at 9:49 AM, Bjoern Hoehrmann <derhoermi@gmx.net> wrote:
> * James Graham wrote:
>>So there is an underlying issue here that I don't understand. It seems
>>clear to me that Adam and Eric's proposed handshake has a better
>>security story with regard to cross-protocol attacks than -75, -76, or
>>any other proposal other than using NPN with TLS. However there seem to
>>be a number of people who have problems with this proposed handshake to
>>the extent that they are prepared to forgo the security properties in
>>order to get something different. In general people seem to be aware
>>that they are making the security weaker since the arguments are mostly
>>about how different approaches will probably be good enough in practice
>>even though they are theoretically inferior.
>>
>>What I haven't followed is what the problems with the proposal actually
>>are. I understand that I have likely missed these in other messages, but
>>it would be helpful if people who believe that the proposed approach, or
>>aspects of it, are unworkable could summarise the outstanding issues
>>they see.
>
> The conceptional difference between the CONNECT proposal and the Upgrade
> proposal is that the former does not re-use the normal HTTP routing in-
> formation (path, host, port) meaning you may have to implement Websocket
> at a higher level than you might want to. There seems to be a lack of
> data if using CONNECT is problematic and/or beneficial. The only other
> part of the proposal is essentially "all traffic should be randomized",
> and that has been proposed for either approach.

The use of encryption and the use of CONNECT are indeed separable.

Adam