Re: [hybi] Call for interest: multiplexing dedicated for WebSocket

Tobias Oberstein <tobias.oberstein@tavendo.de> Mon, 27 May 2013 11:59 UTC

From: Tobias Oberstein <tobias.oberstein@tavendo.de>
To: Takeshi Yoshino <tyoshino@google.com>
Date: Mon, 27 May 2013 04:59:09 -0700
Cc: "hybi@ietf.org" <hybi@ietf.org>

>>However, when running _different_ apps on the same device connecting to the same origin,

>You meant same ws:// address?
 
Yes, sorry not origin.

I had a look into the MUX RFC again .. couldn't find an answer to the following (may have missed sth):

What WS addresses would be eligible to be multiplexed over a single WS connection?

a) ws://somehost.com:999/
b) ws://somehost.com:999/foo
c) ws://somehost.com:999/bar

d) wss://somehost.com:999/
e) wss://somehost.com:999/foo
f) wss://somehost.com:999/bar

All of a) - f) are to the same target IP:port and hence could share the same TCP.

However, d) - f) use wss, and hence have a TLS handshake right after TCP establishment.

So d) - f) cannot be multiplexed over the same physical WS as a) - c)?

Or can an implementation just "silently" transport a)-c) also over wss, and hence multiplex all of a) - f) over 1 physical WS?

Lastly, a)-c) are to the same target IP:port and also WS schema (ws, not wss) - and hence can be multiplexed over 1 physical WS even though they are to different URL paths?

IOW: in the context of ws-mux, what is "same target"?

The combination of IP, port and WS schema (but not necessarily same URL path)?

>>Btw: assuming SPDY runs over TLS exclusively, is there any need for WS frame masking anymore?

>See this post by Eric about BEAST attack. I think it's not easy to conclude that mask is unnecessary for wss.
>http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html
 
Ok, I see. Non-trivial.