Re: [hybi] requirement draft as wg item
"Thomson, Martin" <Martin.Thomson@andrew.com> Wed, 12 May 2010 06:59 UTC
Reading through this, it would be easier to maintain if the requirements were numbered separately by section:
E.g. C1, C2 for client, S1, S2, S3 for server, X1, X2 for security.
Regarding the following security requirement:
    REQ. 17: The WebSocket Protocol MUST use the Origin-based security
    model commonly used by Web browsers to restrict which Web pages
    can contact a WebSocket sever when the WebSocket protocol is used
    from a Web page.
It seems that _using_ this model is not what the protocol does. "Supporting" might be a better choice. The attacks that are foiled by the same model are foiled by the browser and its security policy, not the protocol. Same comment for the next requirement.
I'm still not satisfied by the discussion on protocol mimicry. That needs a much longer explanation than the one given. Also, this:
    REQ. 19: WebSocket should be designed to be robust against cross-
    protocol attacks. The protocol design should consider and
    mitigate the risk presented by WebSocket clients to existing
    servers (including HTTP servers). It should also consider and
    mitigate the risk to WebSocket servers presented by clients for
    other protocols (including HTTP).
Could be more simply worded as two requirements:
REQ X-. An HTTP request MUST be difficult for a WebSocket server to mistake for a WebSocket handshake.
With much more explanation. A simple scenario (as Ian provided me recently) would go a long way. Similarly:
REQ X-. A WebSocket handshake MUST be difficult for an HTTP server to mistake for a valid HTTP request.
...with a similar degree of justification. (Random thought: requiring Content-Length: 0 might be a price worth paying here.)
--Martin
> -----Original Message-----
> From: hybi-bounces@ietf.org [mailto:hybi-bounces@ietf.org] On Behalf Of
> Salvatore Loreto
> Sent: Wednesday, 12 May 2010 1:08 AM
> To: hybi@ietf.org
> Subject: [hybi] requirement draft as wg item
>
> Hi,
>
> I want to let you know that Greg and Maciej have agreed to take on the
> editorship of the requirement draft,
> and yesterday they have submitted it as wg item.
> The 00 version is substantially the version that has been discussed
> during the face to face meeting
> in Anaheim.
>
> http://tools.ietf.org/html/draft-ietf-hybi-websocket-requirements-00
>
> cheers
> Sal
>
> --
> Salvatore Loreto
> www.sloreto.com
>
> _______________________________________________
> hybi mailing list
> hybi@ietf.org
> https://www.ietf.org/mailman/listinfo/hybi
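
An added example, not part of the message above or of the working group's text: a server-side check showing how an ordinary HTTP request is kept from being mistaken for a WebSocket handshake, and how a server supports the browser's Origin-based policy. It uses the handshake later standardised in RFC 6455, which postdates this thread; the function names are hypothetical and requiring an allow-listed Origin is an assumed server policy.

```python
import base64
import hashlib

# GUID fixed by RFC 6455 for deriving Sec-WebSocket-Accept.
WS_GUID = "258EAFA5-E914-47DA-95CA-C5AB0DC85B11"
# Constructed sample inputs (the key is the example value from RFC 6455).
HANDSHAKE = (b"GET /chat HTTP/1.1\r\nHost: example.com\r\nUpgrade: websocket\r\n"
             b"Connection: Upgrade\r\nSec-WebSocket-Key: dGhlIHNhbXBsZSBub25jZQ==\r\n"
             b"Sec-WebSocket-Version: 13\r\nOrigin: https://example.com\r\n\r\n")
PLAIN_HTTP = b"POST /chat HTTP/1.1\r\nHost: example.com\r\nContent-Length: 0\r\n\r\n"


def parse_request(raw: bytes):
    """Split a raw HTTP/1.1 request head into (method, version, headers)."""
    lines = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1").split("\r\n")
    method, _target, version = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return method, version, headers


def check_handshake(raw: bytes, allowed_origins: set):
    """Return (accept_token, None) for a valid handshake, else (None, reason)."""
    try:
        method, version, h = parse_request(raw)
    except ValueError:
        return None, "malformed request line"
    if method != "GET" or version != "HTTP/1.1":
        return None, "not GET over HTTP/1.1"
    if h.get("upgrade", "").lower() != "websocket":
        return None, "no Upgrade: websocket"
    tokens = [t.strip().lower() for t in h.get("connection", "").split(",")]
    if "upgrade" not in tokens:
        return None, "no Connection: Upgrade"
    if h.get("sec-websocket-version") != "13":
        return None, "unsupported version"
    try:
        key = base64.b64decode(h.get("sec-websocket-key", ""), validate=True)
    except ValueError:
        key = b""
    if len(key) != 16:
        return None, "bad Sec-WebSocket-Key"
    # Browsers send Origin; the server supports their policy by checking it.
    if h.get("origin") not in allowed_origins:
        return None, "origin not allowed"
    digest = hashlib.sha1((h["sec-websocket-key"] + WS_GUID).encode()).digest()
    return base64.b64encode(digest).decode(), None
```

The accept token returned for a valid handshake is what the client verifies in the response, so a server that does not implement the protocol cannot complete the handshake by echoing or guessing.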