Re: [hybi] Last Call: <draft-ietf-hybi-thewebsocketprotocol-10.txt> (The WebSocket protocol) to Proposed Standard

Dave Cridland <dave@cridland.net> Wed, 27 July 2011 07:38 UTC

Return-Path: <dave@cridland.net>
X-Original-To: hybi@ietfa.amsl.com
Delivered-To: hybi@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 92CC421F8AD1; Wed, 27 Jul 2011 00:38:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.385
X-Spam-Level:
X-Spam-Status: No, score=-2.385 tagged_above=-999 required=5 tests=[AWL=-0.086, BAYES_00=-2.599, MIME_8BIT_HEADER=0.3]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PujJvoCqUUz7; Wed, 27 Jul 2011 00:38:03 -0700 (PDT)
Received: from peirce.dave.cridland.net (peirce.dave.cridland.net [IPv6:2001:470:1f09:882:2e0:81ff:fe29:d16a]) by ietfa.amsl.com (Postfix) with ESMTP id CE7AF21F86A1; Wed, 27 Jul 2011 00:38:02 -0700 (PDT)
Received: from localhost (peirce.dave.cridland.net [127.0.0.1]) by peirce.dave.cridland.net (Postfix) with ESMTP id BA9E01168087; Wed, 27 Jul 2011 08:37:57 +0100 (BST)
X-Virus-Scanned: Debian amavisd-new at peirce.dave.cridland.net
Received: from peirce.dave.cridland.net ([127.0.0.1]) by localhost (peirce.dave.cridland.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vGJXQvdsteqp; Wed, 27 Jul 2011 08:37:55 +0100 (BST)
Received: from puncture (puncture.dave.cridland.net [IPv6:2001:470:1f09:882:221:85ff:fe3f:1696]) by peirce.dave.cridland.net (Postfix) with ESMTPA id E25D71168067; Wed, 27 Jul 2011 08:37:54 +0100 (BST)
References: <CALiegf=pYzybvc7WB2QfPg6FKrhLxgzHuP-DpuuMfZYJV6Z7FQ@mail.gmail.com> <CAP992=FJymFPKcPVWrF-LkcEtNUz=Kt9L_ex+kLtjiGjL1T46w@mail.gmail.com> <4E28A51F.4020704@callenish.com> <CALiegf=4K2oWfmZjGMD7J_jyaDtS3i+Mu7R0Wh75Rr+MrQCjtw@mail.gmail.com> <20110722054345.GE18126@1wt.eu> <CALiegfnYm6g63JDHLiSH__r-or3kzK0XCVa3cC7RMP14KWBOSg@mail.gmail.com> <20110724120751.GQ22405@1wt.eu> <CALiegfncavmoMp4YDCeeJ3rsOfHAYQ99itKX2Q2eHB351T3X5A@mail.gmail.com> <20110724184537.GZ22405@1wt.eu> <CALiegfne620wuDMAp235n3mVcXTAnbhhNm8vpiNCy5F7+VD92A@mail.gmail.com> <20110724192948.GD22405@1wt.eu> <CALiegf=e48kkF+Gky1mY7LippUB-0kZDgSGZrJxk1aZupAGkYw@mail.gmail.com> <20110727012806.EBB811231907@drugs.dv.isc.org>
In-Reply-To: <20110727012806.EBB811231907@drugs.dv.isc.org>
MIME-Version: 1.0
Message-Id: <9031.1311752274.907487@puncture>
Date: Wed, 27 Jul 2011 08:37:54 +0100
From: Dave Cridland <dave@cridland.net>
To: Mark Andrews <marka@isc.org>, Server-Initiated HTTP <hybi@ietf.org>, Willy Tarreau <w@1wt.eu>, IETF-Discussion <ietf@ietf.org>, =?UTF-8?Q?I=C3=B1aki_Baz_Castillo?= <ibc@aliax.net>
Content-Type: text/plain; delsp="yes"; charset="us-ascii"; format="flowed"
Subject: Re: [hybi] Last Call: <draft-ietf-hybi-thewebsocketprotocol-10.txt> (The WebSocket protocol) to Proposed Standard
X-BeenThere: hybi@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Server-Initiated HTTP <hybi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/hybi>, <mailto:hybi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hybi>
List-Post: <mailto:hybi@ietf.org>
List-Help: <mailto:hybi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 27 Jul 2011 07:38:03 -0000

On Wed Jul 27 02:28:06 2011, Mark Andrews wrote:
> Billions of dollars have been wasted globally for the sake of a few  
> hours
> work by webbrowser vendors.

Seems to be a recurring theme - browsers could have easily performed  
probe tests to check for vulnerable proxies and disabled WebSockets  
(or negotiated masking), but that was ruled out long ago.

Dave.
-- 
Dave Cridland - mailto:dave@cridland.net - xmpp:dwd@dave.cridland.net
  - acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/
  - http://dave.cridland.net/
Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade