Re: [hybi] Redesigning the Web Socket handshake
"Martin J. Dürst" <duerst@it.aoyama.ac.jp> Sun, 07 February 2010 09:08 UTC
Message-ID: <4B6E833A.2020707@it.aoyama.ac.jp>
Date: Sun, 07 Feb 2010 18:09:14 +0900
From: "\"Martin J. Dürst\"" <duerst@it.aoyama.ac.jp>
Organization: Aoyama Gakuin University
To: Maciej Stachowiak <mjs@apple.com>
References: <Pine.LNX.4.64.1002012305000.21600@ps20323.dreamhostps.com> <4B6A98EE.9090006@it.aoyama.ac.jp> <A82FE113-B675-424A-9B35-737A7CB1A5BA@nokia.com> <D9B3CE74-246F-436D-8452-0148355CD6E2@apple.com>
In-Reply-To: <D9B3CE74-246F-436D-8452-0148355CD6E2@apple.com>
Cc: "hybi@ietf.org" <hybi@ietf.org>
Subject: Re: [hybi] Redesigning the Web Socket handshake

Hello Maciej,

On 2010/02/05 20:53, Maciej Stachowiak wrote:
>
> On Feb 5, 2010, at 12:23 AM, Lars Eggert wrote:
>
[I wrote.]
>>> So for the moment, please assume that if we (as an IETF WG, followed by
>>> IETF last call) decide that we need new ports, IANA will try their best
>>> to give us new ports. The exact number may be treated as a detail.
>>
>> Yes.
>
> Notwithstanding what IANA may say, sharing the standard HTTP and HTTPS
> ports is rather useful for getting through firewalls. Even if they were
> not the defaults, I bet a lot of people would manually choose 443 in
> particular. Given this, we really want to make the protocol look enough
> like HTTP that you can share that port on the same host between HTTP and
> WebSocket. If there was no need to look anything like HTTP, we could use
> a handshake that's much more secure in the face of cross-protocol attacks.

Yes. I didn't want to imply that we need separate ports, or that we
don't need to be able to bootstrap from HTTP, or anything. I just wanted
to say that "we won't get new port numbers" isn't true for development
in the IETF, so we shouldn't take this as a constraint of the design.

So we could conclude to go with new ports full force, or we could
conclude that we need to stay with the HTTP ports, and only these, or we
could conclude that we want to be able to use the HTTP ports when
nothing else is available, but to get new ports allocated and used
because that's better in the long term, or ... whatever we think will
actually work best.

Regards, Martin.

P.S.: It may also pay out to look at http://tools.ietf.org/html/rfc3205.
Although we are not using HTTP as a substrate, some of the
considerations there in one way or another may apply to our case. I hope
the WG Chairs and the ADs can check out early on how this might affect us.

--
#-# Martin J. Dürst, Professor, Aoyama Gakuin University
#-# http://www.sw.it.aoyama.ac.jp   mailto:duerst@it.aoyama.ac.jp