IETF Logo Mail Archive

Re: [hybi] A WebSocket handshake

Maciej Stachowiak <mjs@apple.com> Fri, 08 October 2010 22:06 UTC

Return-Path: <mjs@apple.com>
X-Original-To: hybi@core3.amsl.com
Delivered-To: hybi@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 72FE33A6978 for <hybi@core3.amsl.com>; Fri, 8 Oct 2010 15:06:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.606
X-Spam-Level:
X-Spam-Status: No, score=-106.606 tagged_above=-999 required=5 tests=[AWL=-0.007, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id B96OzW7xpksW for <hybi@core3.amsl.com>; Fri, 8 Oct 2010 15:06:18 -0700 (PDT)
Received: from mail-out4.apple.com (mail-out4.apple.com [17.254.13.23]) by core3.amsl.com (Postfix) with ESMTP id 7A0843A693C for <hybi@ietf.org>; Fri, 8 Oct 2010 15:06:18 -0700 (PDT)
Received: from relay11.apple.com (relay11.apple.com [17.128.113.48]) by mail-out4.apple.com (Postfix) with ESMTP id 364F8B4C4D7B for <hybi@ietf.org>; Fri, 8 Oct 2010 15:07:24 -0700 (PDT)
X-AuditID: 11807130-b7b53ae0000049b6-84-4caf961c1062
Received: from et.apple.com (et.apple.com [17.151.62.12]) by relay11.apple.com (Apple SCV relay) with SMTP id 5F.1F.18870.C169FAC4; Fri, 8 Oct 2010 15:07:24 -0700 (PDT)
MIME-version: 1.0
Content-transfer-encoding: 7bit
Content-type: text/plain; charset="us-ascii"
Received: from [17.151.102.89] by et.apple.com (Sun Java(tm) System Messaging Server 6.3-7.04 (built Sep 26 2008; 32bit)) with ESMTPSA id <0L9Z00489S4BC500@et.apple.com> for hybi@ietf.org; Fri, 08 Oct 2010 15:07:24 -0700 (PDT)
From: Maciej Stachowiak <mjs@apple.com>
In-reply-to: <AANLkTinTLK5p0tErj0t0t=sGwqN8v19_F-J4k2=8iqe=@mail.gmail.com>
Date: Fri, 08 Oct 2010 15:07:23 -0700
Message-id: <5C230595-C673-464C-B63E-62BBD75CD62A@apple.com>
References: <AANLkTimQ5x-v+Mz_OHrNDdtVd94E+HOBWwo3_f1ktEeg@mail.gmail.com> <AB43D171-AC38-47CE-BDC7-401E6D782622@apple.com> <AANLkTimfXPuh=8z-Q75iLFApvi93Wq+kC4LY9ev=bGFu@mail.gmail.com> <FACFC0FA-4ED4-4B18-BBCB-6D48D84D0D06@apple.com> <AANLkTinTLK5p0tErj0t0t=sGwqN8v19_F-J4k2=8iqe=@mail.gmail.com>
To: Adam Barth <ietf@adambarth.com>
X-Mailer: Apple Mail (2.1081)
X-Brightmail-Tracker: AAAAAA==
Cc: Hybi <hybi@ietf.org>
Subject: Re: [hybi] A WebSocket handshake
X-BeenThere: hybi@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Server-Initiated HTTP <hybi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hybi>
List-Post: <mailto:hybi@ietf.org>
List-Help: <mailto:hybi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Oct 2010 22:06:19 -0000

On Oct 8, 2010, at 2:50 PM, Adam Barth wrote:

> On Fri, Oct 8, 2010 at 2:41 PM, Maciej Stachowiak <mjs@apple.com> wrote:
>> On Oct 8, 2010, at 2:28 PM, Adam Barth wrote:
>>> On Fri, Oct 8, 2010 at 2:10 PM, Maciej Stachowiak <mjs@apple.com> wrote:
>>>> I like the general approach (based on CONNECT and encrypting the data
>>>> stream), it seems more robust than depending on the details of error
>>>> handling code.
>>> 
>>> Thanks.  I think we can use the encrypted additional information sent
>>> with the initial handshake to address the concerns you express above.
>> 
>> It would be good to spell out the details of what additional information is
>> sent and how. Then we could evaluate how much of a burden it would be for
>> multiplexing servers to dispatch between HTTP and WebSocket, to dispatch to
>> the right virtual host for WebSocket connections, and to dispatch among the
>> "servlets" (or equivalent) that implement individual WebSocket resources.
>> It seems like they would have to handle this differently than how it's
>> currently done for HTTP, it would be useful to understand how different.
> 
> Ok.  We have a lot of flexibility in this regard.  If you like the
> format of the current handshake, you could include the following in
> the additional information (encrypted as described in the document):
> 
>        GET /demo HTTP/1.1
>        Host: example.com
>        Sec-WebSocket-Protocol: sample
>        Origin: http://example.com
> 
> You can also include cookies or whatever else you like.  There are
> only two constraints:
> 
> 1) You don't want to include too many bytes to avoid spamming servers
> with too much traffic before they've agreed to the connection.
> 
> 2) You probably don't want to send message frames until the server
> accepts the connection.  The reason for this is to let simple servers
> just spam back the one-and-only origin they want to accept connections
> from.  If we hold off on message frames until the handshake finishes,
> the browser stops the attacker from sending them messages.  Otherwise,
> they have to actively ignore messages from origins they don't like.

Sounds reasonable. What's interesting about this kind of approach is that it would let servers feed back the second set of headers into their usual host/resource dispatch code. This may make modifications for WebSocket-awareness somewhat simpler.

REgards,
Maciej

v2.23.0 | Report a Bug | By Email