IETF Logo Mail Archive

Re: [hybi] I-D Action: draft-ietf-hybi-thewebsocketprotocol-13.txt

"Richard L. Barnes" <rbarnes@bbn.com> Thu, 08 September 2011 16:38 UTC

Return-Path: <rbarnes@bbn.com>
X-Original-To: hybi@ietfa.amsl.com
Delivered-To: hybi@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8C6F721F8B5B for <hybi@ietfa.amsl.com>; Thu, 8 Sep 2011 09:38:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.559
X-Spam-Level:
X-Spam-Status: No, score=-106.559 tagged_above=-999 required=5 tests=[AWL=0.040, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id imLzTbm3ZlkK for <hybi@ietfa.amsl.com>; Thu, 8 Sep 2011 09:38:27 -0700 (PDT)
Received: from smtp.bbn.com (smtp.bbn.com [128.33.0.80]) by ietfa.amsl.com (Postfix) with ESMTP id 02C6C21F8B5D for <hybi@ietf.org>; Thu, 8 Sep 2011 09:38:27 -0700 (PDT)
Received: from [192.1.255.224] (port=55122 helo=col-dhcp-192-1-255-224.bbn.com) by smtp.bbn.com with esmtps (TLSv1:AES128-SHA:128) (Exim 4.74 (FreeBSD)) (envelope-from <rbarnes@bbn.com>) id 1R1heD-0009Cs-Pp; Thu, 08 Sep 2011 12:40:18 -0400
Mime-Version: 1.0 (Apple Message framework v1084)
Content-Type: text/plain; charset="us-ascii"
From: "Richard L. Barnes" <rbarnes@bbn.com>
In-Reply-To: <CAO228NuU26y2PkViwqr6DAgJ2v5X-f6c4KZiTs6iQKdK=fW2Vw@mail.gmail.com>
Date: Thu, 08 Sep 2011 12:40:16 -0400
Content-Transfer-Encoding: quoted-printable
Message-Id: <87A0AF2E-7888-48E7-B70B-4812F3C2188A@bbn.com>
References: <20110831184207.1514.64093.idtracker@ietfa.amsl.com> <0fc901cc6878$1681eec0$0a00a8c0@Venus> <CAH9hSJb2rH+fX0AnekYxsEkHKzb15aHrg_hDQw1baWLiWBF-3w@mail.gmail.com> <17b501cc6d31$3016d6d0$0a00a8c0@Venus> <CAH9hSJYhLpcXrOtS-nzLt2YW9QbngEsfdcNF+0TadyVA6rrK1A@mail.gmail.com> <17ef01cc6d39$3575ae50$0a00a8c0@Venus> <20110907085128.GA19144@1wt.eu> <CAH9hSJYXZ285L_+eJh6VUVCAg4D+u=vQbcjVOA4RMsJSbcHqiw@mail.gmail.com> <CABLsOLBKgnTFga821t2AZ1dXobTsfMb5v8CTJhm_Nr8WMkonaA@mail.gmail.com> <53451FDB-77F7-42A1-8D16-05094C35AB5D@bbn.com> <4E68E9F6.6030901@stpeter.im> <CA566BAEAD6B3F4E8B5C5C4F61710C11448BDC88@TK5EX14MBXW604.wingroup.windeploy.ntdev.microsoft.com> <CAO228NuU26y2PkViwqr6DAgJ2v5X-f6c4KZiTs6iQKdK=fW2Vw@mail.gmail.com>
To: Joel Martin <hybi@martintribe.org>
X-Mailer: Apple Mail (2.1084)
Cc: "hybi@ietf.org" <hybi@ietf.org>, Gabriel Montenegro <Gabriel.Montenegro@microsoft.com>
Subject: Re: [hybi] I-D Action: draft-ietf-hybi-thewebsocketprotocol-13.txt
X-BeenThere: hybi@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Server-Initiated HTTP <hybi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/hybi>, <mailto:hybi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hybi>
List-Post: <mailto:hybi@ietf.org>
List-Help: <mailto:hybi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 08 Sep 2011 16:38:27 -0000

On Sep 8, 2011, at 12:36 PM, Joel Martin wrote:

> On Thu, Sep 8, 2011 at 11:24 AM, Gabriel Montenegro <Gabriel.Montenegro@microsoft.com> wrote:
> As chair, I note that the agreement regarding masking (client MUST mask to server) was one of the main points behind the VERY hard fought consensus. I think this is one of those things we can revisit in version 1.1, along with others we've been noting recently.
> 
> As an individual, the MAY mask on Server to client seems to gain nothing (I'm with John Tamplin on this one) and potentially lose something (sendfile), so I'd rather say MUST NOT here.
> 
> I concur. Client to server MUST mask. Server to client MUST NOT mask. Server MUST fail unmasked messages from the client.
> 
> I would also be okay with adding a note indicating that in a future revision of the spec, when WebSockets is used with clients that are running trusted code (i.e. not browsers), the client may choose to not mask and the server can accept unmasked frames. But I think this should only be a note to indicate possible future direction.

You can already make clients that are not browsers.  Indeed, -13 mentions them in several places.  The future is now!

--Richard

v2.23.0 | Report a Bug | By Email