IETF Logo Mail Archive

Re: [hybi] Framing take IV [why fragment]

Ian Hickson <ian@hixie.ch> Wed, 04 August 2010 19:57 UTC

Return-Path: <ian@hixie.ch>
X-Original-To: hybi@core3.amsl.com
Delivered-To: hybi@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 4AF273A68D6 for <hybi@core3.amsl.com>; Wed, 4 Aug 2010 12:57:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.518
X-Spam-Level:
X-Spam-Status: No, score=-2.518 tagged_above=-999 required=5 tests=[AWL=0.081, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cb3n-akIsi4a for <hybi@core3.amsl.com>; Wed, 4 Aug 2010 12:57:48 -0700 (PDT)
Received: from homiemail-a52.g.dreamhost.com (caibbdcaaaaf.dreamhost.com [208.113.200.5]) by core3.amsl.com (Postfix) with ESMTP id 2037E3A6965 for <hybi@ietf.org>; Wed, 4 Aug 2010 12:57:48 -0700 (PDT)
Received: from homiemail-a52.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a52.g.dreamhost.com (Postfix) with ESMTP id 7117A6B80EE; Wed, 4 Aug 2010 12:58:17 -0700 (PDT)
DomainKey-Signature: a=rsa-sha1; c=nofws; d=hixie.ch; h=date:from:to:cc :subject:in-reply-to:message-id:references:mime-version: content-type; q=dns; s=hixie.ch; b=g3d6hazIyYeQ81DtHVnMGBXEMg4rz EmEtxGSzmh15m29Y4C+o0rvxFyDA+15vuRu8OrrrC29515GC8JotFTyaterMZWoT KnUGoQcGzyUbQ/+pbp8EzXpu/jbAVCd4Uu2jUvHmlTtfUL3YiVti1rhOXugtfVqM uEXNuf+HJnUCrI=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=hixie.ch; h=date:from:to :cc:subject:in-reply-to:message-id:references:mime-version: content-type; s=hixie.ch; bh=9RMq67MNC6dT5F7AHhn/BSMB82Q=; b=vrv Hxsu3gLTEauUjrxLAFABlkBZi9V5wQa4EAlwvlzwB8vfv4hhMKu/w+duRuuhS9Uz fw/VmBOn9Q62Sh4398F3Jhq2KY/WyJ2hnerwQe5r6CODqOtSptQc7K6zOssnJl8z 4XX4t/AjGGS7uwDuPmx61gsOOock5WmSG2MqPO3s=
Received: from ps20323.dreamhostps.com (ps20323.dreamhost.com [69.163.222.251]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: internal@index.hixie.ch) by homiemail-a52.g.dreamhost.com (Postfix) with ESMTPSA id 614BB6B80C2; Wed, 4 Aug 2010 12:58:17 -0700 (PDT)
Date: Wed, 04 Aug 2010 19:58:17 +0000
From: Ian Hickson <ian@hixie.ch>
To: Patrick McManus <mcmanus@ducksong.com>
In-Reply-To: <1280947861.7561.388.camel@tng>
Message-ID: <Pine.LNX.4.64.1008041956161.5947@ps20323.dreamhostps.com>
References: <AANLkTinyrDoG5d_Ur6HVRy=SgMPjLzJtpJ++Ye=1DQdj@mail.gmail.com> <Pine.LNX.4.64.1008040050040.5947@ps20323.dreamhostps.com> <AANLkTi=3CJDKu37LV+6CG=d7VP5fOe-JNV9Cd=99BjjA@mail.gmail.com> <2AD09E86-CFFE-4378-A437-7EAE2E3026FD@apple.com> <1280937841.7561.292.camel@tng> <Pine.LNX.4.64.1008041754000.5947@ps20323.dreamhostps.com> <1280947861.7561.388.camel@tng>
Content-Language: en-GB-hixie
Content-Style-Type: text/css
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"
Cc: hybi@ietf.org
Subject: Re: [hybi] Framing take IV [why fragment]
X-BeenThere: hybi@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Server-Initiated HTTP <hybi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hybi>
List-Post: <mailto:hybi@ietf.org>
List-Help: <mailto:hybi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Aug 2010 19:57:49 -0000

On Wed, 4 Aug 2010, Patrick McManus wrote:
> On Wed, 2010-08-04 at 17:55 +0000, Ian Hickson wrote:
> > On Wed, 4 Aug 2010, Patrick McManus wrote:
> > > 
> > > But I also believe fragments with fixed lengths are simpler than a 
> > > BER because properly aligned lengths are always correct data - there 
> > > are no error cases as all the bits are defined to be some quantity 
> > > regardless of their arrangement. BER has error cases and determining 
> > > the expressed quantity requires multiple indirections and a 
> > > significant algorithm to use it.
> > 
> > As far as I can tell there are no error cases as defined in 
> > WebSockets.
> 
> I believe the specific ber length suggestion was:
> 
>  - a BER-encoded packed integer, most-significant-digits first, high bit 
> used to indicate a continuation byte, giving the payload length.
> 
> In that case, as I understand it, it would be an error if the ber type 
> encoding byte didn't specify a universal primitive type of 2. (or maybe 
> I'm wrong and it needs to be some other identifier - but that doesn't 
> really matter).
> 
> it is not a big deal, but it is an error case.

The spec just uses the packed integer part, not the whole ASN.1 form. 
There are no error conditions with that as far as I can tell. There's one 
redundancy (leading 0x80 bytes), but that's not an error case, and since 
the behaviour is well-defined, doesn't even seen to be a likely attack 
vector (which redundancies can often become), though naturally we'd want 
to make sure we tested that thoroughly in our test suite.

-- 
Ian Hickson               U+1047E                )\._.,--....,'``.    fL
http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'

v2.23.0 | Report a Bug | By Email