IETF Logo Mail Archive

Re: [hybi] #1: HTTP Compliance

gustav trede <gustav.trede@gmail.com> Sun, 15 August 2010 10:55 UTC

Return-Path: <gustav.trede@gmail.com>
X-Original-To: hybi@core3.amsl.com
Delivered-To: hybi@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 091D73A67A7 for <hybi@core3.amsl.com>; Sun, 15 Aug 2010 03:55:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.598
X-Spam-Level:
X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6Yqkk3yx0yuq for <hybi@core3.amsl.com>; Sun, 15 Aug 2010 03:55:06 -0700 (PDT)
Received: from mail-wy0-f172.google.com (mail-wy0-f172.google.com [74.125.82.172]) by core3.amsl.com (Postfix) with ESMTP id 607E43A657C for <hybi@ietf.org>; Sun, 15 Aug 2010 03:54:57 -0700 (PDT)
Received: by wyb40 with SMTP id 40so4871458wyb.31 for <hybi@ietf.org>; Sun, 15 Aug 2010 03:55:33 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:cc:content-type; bh=yOz6rReyTp17UZa4WuoLuNrfF2c8FyJE5ntIN7VTa/I=; b=WSwjQP1c92g75WSGcnaSCmPrNVqvi1MndAU5b9EKkn9+a7Iqlyqf6XeeEZVV+tIpLw +NDRnZvq7jzme9lmUpfPwxS3lmcVXrwa+2Blek1zSuZGOSm/A5cyloX7R5sYV2APez4G r5oS44/MyST7gZmttGy/U0t23cDsKxblVach0=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=vxunSmZTM+/+RYuEI7KPHjpC4aqVDP+s2xWQHPe1HJv5eHnPBFM5RYxsiJXd3KOD9y WQEE8HYiZ/+Jj6mpEOT784t2bVLIJ2HLfA3RlqaBYVSzcjbPdzYscAIfrDTE/VVAqwoc KTveFKaM0pxHlmpgqkplzmj/eRoH5ScuilXSw=
MIME-Version: 1.0
Received: by 10.216.70.132 with SMTP id p4mr1421043wed.112.1281869732611; Sun, 15 Aug 2010 03:55:32 -0700 (PDT)
Received: by 10.216.172.139 with HTTP; Sun, 15 Aug 2010 03:55:32 -0700 (PDT)
In-Reply-To: <20100815105045.GB27614@1wt.eu>
References: <f7d4bb98e444b85b9bf1af6d4d9f0772.squirrel@sm.webmail.pair.com> <20100815100717.GA27614@1wt.eu> <AANLkTimQeG32CbZG5DsGmthwH3CwqHtncs7tGCTtg0d+@mail.gmail.com> <20100815105045.GB27614@1wt.eu>
Date: Sun, 15 Aug 2010 12:55:32 +0200
Message-ID: <AANLkTinT9r47qqG2s-MEpGxwGuOcST9tRTLS_TyQKf_r@mail.gmail.com>
From: gustav trede <gustav.trede@gmail.com>
To: Willy Tarreau <w@1wt.eu>
Content-Type: multipart/alternative; boundary="00504502d31a0f8d7b048dda8e45"
Cc: hybi@ietf.org
Subject: Re: [hybi] #1: HTTP Compliance
X-BeenThere: hybi@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Server-Initiated HTTP <hybi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hybi>
List-Post: <mailto:hybi@ietf.org>
List-Help: <mailto:hybi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 15 Aug 2010 10:55:08 -0000

On 15 August 2010 12:50, Willy Tarreau <w@1wt.eu> wrote:

> On Sun, Aug 15, 2010 at 12:24:38PM +0200, gustav trede wrote:
> > On 15 August 2010 12:07, Willy Tarreau <w@1wt.eu> wrote:
> >
> > > On Sun, Aug 15, 2010 at 05:10:09AM -0400, Shelby Moore wrote:
> > > > An HTTP proxy that is compatible with draft/proposal #76 (the
> contentious
> > > > one that passes 8 extra characters after the HTTP header without a
> > > > Content-Length header), would need a specific code path for the
> WebSocket
> > > > upgrade request in order to pass 8, and only 8, extra characters
> > > > (concensus is that passing an arbitrary content length would be a
> > > security
> > > > hole).
> > > >
> > > > Isn't it the antithesis of the 80/20 rule and interoperability to
> require
> > > > every HTTP proxy in the world to have specific code path for every
> > > > possible future HTTP Upgrade protocol that comes along?
> > >
> > > it's even worse than that, it means that such a reverse-proxy, when
> shared
> > > between HTTP and Websocket, will have to accept to blindly forward
> those 8
> > > bytes everytime someones *pretends* to talk websocket, without the
> server's
> > > consent.
> > >
> > > Since reverse-proxies are used everywhere (in IDS, HTTP-aware
> firewalls,
> > > caches, load balancers, etc...), it is not even advisable to have
> per-host
> > > or per-IP rules considering the large number of hosts that can be
> installed
> > > behind any of them.
> > >
> > > So it is very important that if we go the HTTP way, we respect the
> > > protocol's
> > > semantics.
> > >
> > > In fact, the protocol can be made HTTP compliant by switching two lines
> in
> > > the description of the server's behaviour : the server just has to send
> the
> > > 101 *BEFORE* it reads the /key3/ parameter, and we're done.
> > >
> > >
> > So how come that several technical unsound ideas that more or less
> originate
> > from one person is ending up in the spec proposal in the first place ?.
>
> You can't blame one single person for proposing something that does not
> happen to work in some circumstances. If everything was that simple, the
> proposal would already have become a spec. One of the goal of the single
> person was to ensure that we'd get quick failures through incompatible
> intermediaries. Achieving this means we may play on the border line of
> the protocol. As long as no problem is identified, there's nothing wrong.
> It's once the problem is identified that we must fix it and get back to
> the compliant side of the protocol.
>
> Regards,
> Willy
>
> Its not the person, its the process of how ideas get formalized into the
spec i was asking about.
Discussions like the one going on now regarding a serious problem, is
perhaps something that should happen before there is a magical decision to
move an idea into the spec proposal ?.

regards
  gustav

v2.23.0 | Report a Bug | By Email