Re: [hybi] Redesigning the Web Socket handshake
Maciej Stachowiak <mjs@apple.com> Fri, 05 February 2010 11:52 UTC
From: Maciej Stachowiak <mjs@apple.com>
Date: Fri, 05 Feb 2010 03:53:32 -0800
To: Lars Eggert <lars.eggert@nokia.com>
Cc: "hybi@ietf.org" <hybi@ietf.org>
Subject: Re: [hybi] Redesigning the Web Socket handshake

On Feb 5, 2010, at 12:23 AM, Lars Eggert wrote:

> Hi,
>
> On 2010-2-4, at 11:52, Martin J. Dürst wrote:
>> On 2010/02/02 8:47, Ian Hickson wrote:
>>
>>> * Using ports 81/815 instead of 80/443 would be ideal, but IANA said that
>>> if we look like HTTP, we must use ports 80/443.
>
> I'm trying to find out from IANA if this is really what the IANA Expert Reviewer said. There might have been a misunderstanding here.
>
>> Well, the port space is pretty crowded these days. But IANA is not going
>> to tell the *IETF* that they need the same ports as another protocol in
>> case the IETF decides that it needs different ports. IANA's job
>> description, for the protocol registries, is essentially: Register
>> everything the IETF tells you, the way they tell you.
>
> IANA assumes that requests coming through the IETF have been more carefully vetted than port requests that arrive from elsewhere, so there is no Expert Review for those, because the IETF process should have eliminated/corrected nonsensical requests before they hit IANA.
>
>> So for the moment, please assume that if we (as an IETF WG, followed by
>> IETF last call) decide that we need new ports, IANA will try their best
>> to give us new ports. The exact number may be treated as a detail.
>
> Yes.

Notwithstanding what IANA may say, sharing the standard HTTP and HTTPS ports is rather useful for getting through firewalls. Even if they were not the defaults, I bet a lot of people would manually choose 443 in particular. Given this, we really want to make the protocol look enough like HTTP that you can share that port on the same host between HTTP and WebSocket. If there was no need to look anything like HTTP, we could use a handshake that's much more secure in the face of cross-protocol attacks.

Regards,
Maciej