Re: [hybi] I-D Action: draft-ietf-hybi-thewebsocketprotocol-13.txt

Willy Tarreau <w@1wt.eu> Fri, 09 September 2011 14:05 UTC

Return-Path: <w@1wt.eu>
X-Original-To: hybi@ietfa.amsl.com
Delivered-To: hybi@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 16BE521F8B40 for <hybi@ietfa.amsl.com>; Fri, 9 Sep 2011 07:05:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.9
X-Spam-Level:
X-Spam-Status: No, score=-3.9 tagged_above=-999 required=5 tests=[AWL=-1.857, BAYES_00=-2.599, HELO_IS_SMALL6=0.556]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Zr-dPz20H3E7 for <hybi@ietfa.amsl.com>; Fri, 9 Sep 2011 07:05:05 -0700 (PDT)
Received: from 1wt.eu (1wt.eu [62.212.114.60]) by ietfa.amsl.com (Postfix) with ESMTP id 4FA4E21F8B1F for <hybi@ietf.org>; Fri, 9 Sep 2011 07:05:04 -0700 (PDT)
Received: (from willy@localhost) by mail.home.local (8.14.4/8.14.4/Submit) id p89E6bVQ031686; Fri, 9 Sep 2011 16:06:37 +0200
Date: Fri, 09 Sep 2011 16:06:37 +0200
From: Willy Tarreau <w@1wt.eu>
To: "Richard L. Barnes" <rbarnes@bbn.com>
Message-ID: <20110909140637.GB30240@1wt.eu>
References: <20110831184207.1514.64093.idtracker@ietfa.amsl.com> <0fc901cc6878$1681eec0$0a00a8c0@Venus> <CAH9hSJb2rH+fX0AnekYxsEkHKzb15aHrg_hDQw1baWLiWBF-3w@mail.gmail.com> <CA566BAEAD6B3F4E8B5C5C4F61710C11448BCD04@TK5EX14MBXW604.wingroup.windeploy.ntdev.microsoft.com> <20110908211638.GD27297@1wt.eu> <462EDFEF-9BAF-4509-96AF-61D450FCD425@bbn.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <462EDFEF-9BAF-4509-96AF-61D450FCD425@bbn.com>
User-Agent: Mutt/1.4.2.3i
Cc: "hybi@ietf.org" <hybi@ietf.org>, Gabriel Montenegro <Gabriel.Montenegro@microsoft.com>
Subject: Re: [hybi] I-D Action: draft-ietf-hybi-thewebsocketprotocol-13.txt
X-BeenThere: hybi@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Server-Initiated HTTP <hybi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/hybi>, <mailto:hybi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hybi>
List-Post: <mailto:hybi@ietf.org>
List-Help: <mailto:hybi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 09 Sep 2011 14:05:06 -0000

On Fri, Sep 09, 2011 at 09:56:48AM -0400, Richard L. Barnes wrote:
> > - clients are not required to accept masked frames, so the server MUST NOT
> >  send masked frames. Whether clients accept or not masked frames has no
> >  importance.
> > 
> > - In order to ensure intermediary protection, clients MUST mask outgoing
> >  frames, and servers MUST NOT accept unmasked frames.
> 
> Let's not fool ourselves that having servers reject unmasked frames does anything about intermediary protection. 
> 
> If there's a WS stack out there that an attacker can force to send unmasked frames, then the game is already over.  The attacker just connects to a server under his control that will accept the unmasked frames, and the gig is up.

It's not what I'm targetting at all. My concern is that if we accept that
servers don't check, then laziness will win and we'll quickly see a number
of clients who won't mask at all because it works. And THEN server-side
controlled software will be an issue. By ensuring that servers only accept
masked frames, we force clients to always enable masking.

Regards,
Willy