[hybi] -09: handshake
Peter Saint-Andre <stpeter@stpeter.im> Thu, 16 June 2011 21:50 UTC
Return-Path: <stpeter@stpeter.im>
X-Original-To: hybi@ietfa.amsl.com
Delivered-To: hybi@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4FFB311E80F9 for <hybi@ietfa.amsl.com>; Thu, 16 Jun 2011 14:50:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.499
X-Spam-Level:
X-Spam-Status: No, score=-102.499 tagged_above=-999 required=5 tests=[AWL=0.100, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aIAJfJmBP4x4 for <hybi@ietfa.amsl.com>; Thu, 16 Jun 2011 14:50:57 -0700 (PDT)
Received: from stpeter.im (mailhost.stpeter.im [207.210.219.225]) by ietfa.amsl.com (Postfix) with ESMTP id B2B8211E80CF for <hybi@ietf.org>; Thu, 16 Jun 2011 14:50:57 -0700 (PDT)
Received: from dhcp-64-101-72-207.cisco.com (dhcp-64-101-72-207.cisco.com [64.101.72.207]) (Authenticated sender: stpeter) by stpeter.im (Postfix) with ESMTPSA id 773F3400A5 for <hybi@ietf.org>; Thu, 16 Jun 2011 15:51:22 -0600 (MDT)
Message-ID: <4DFA7ABF.3030308@stpeter.im>
Date: Thu, 16 Jun 2011 15:50:55 -0600
From: Peter Saint-Andre <stpeter@stpeter.im>
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.2.17) Gecko/20110414 Thunderbird/3.1.10
MIME-Version: 1.0
To: "hybi@ietf.org" <hybi@ietf.org>
X-Enigmail-Version: 1.1.1
OpenPGP: url=http://www.saint-andre.com/me/stpeter.asc
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha1"; boundary="------------ms050401060503090609090305"
Subject: [hybi] -09: handshake
X-BeenThere: hybi@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Server-Initiated HTTP <hybi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/hybi>, <mailto:hybi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hybi>
List-Post: <mailto:hybi@ietf.org>
List-Help: <mailto:hybi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 16 Jun 2011 21:50:59 -0000
Here are some comments on Section 5, again mostly editorial... Section 5.1 uses the terms "/resource name/" whereas Section 3 uses the term "resource-name". Section 5.1 talks about a "/secure/ flag" but that term is not used in Section 3. Perhaps modify the latter to say: The URI is called "secure" (and it said that "the secure flag is set") if the scheme component matches "wss" case-insensitively. Change "may" to "MAY" in this sentence... Clients running in controlled environments, e.g. browsers on mobile handsets tied to specific carriers, may offload the management of the connection to another agent on the network. It's not clear to me what we mean by "another agent". Is this, for example, separate software that runs on the same handset as the WebSocket, an application provided by the handset manufacturer or service provider that the handset client interacts with via an API, some kind of third-party service, or any of the above? There are a few confusing phrases and long sentences here: If the client cannot determine the IP address of the remote host (for example because all communication is being done through a proxy server that performs DNS queries itself), then the client MUST assume for the purposes of this step that each host name refers to a distinct remote host, and should instead limit the total number of simultaneous connections that are not established to a reasonably low number (e.g., in a Web browser, simultaneous pending connections to a.example.com and b.example.com would be allowed, but if thirty connections are requested, that may not be allowed. The limit should consider the number of tabs the user has open. I suggest: If the client cannot determine the IP address of the remote host (for example because all communication is being done through a proxy server that performs DNS queries itself), then the client MUST assume for the purposes of this step that each host name refers to a distinct remote host. Instead, the client SHOULD limit the total number of simultaneous pending connections to a reasonably low number (e.g., the client might allow simultaneous pending connections to a.example.com and b.example.com, but might not allow thirty simultaneous pending connections to various hosts). In a Web browser context, the client SHOULD consider the number of tabs the user has open in setting a limit to the number of simultaneous pending connections. I have one nit and one concern with this text: NOTE: This makes it harder for a script to perform a denial of service attack by just opening a large number of WebSocket connections to a remote host. A server can further reduce the load on itself when attacked by making use of this by pausing before closing the connection, as that will reduce the rate at which the client reconnects. Nit: change "by making use of this by pausing before closing the connection" to "by pausing before closing the connection". Concern: this specification says nothing about the reconnection logic. You might adapt some of the text from Section 3.3 of RFC 6120: ### 3.3. Reconnection It can happen that an XMPP server goes offline unexpectedly while servicing TCP connections from connected clients and remote servers. Because the number of such connections can be quite large, the reconnection algorithm employed by entities that seek to reconnect can have a significant impact on software performance and network congestion. If an entity chooses to reconnect, it: o SHOULD set the number of seconds that expire before reconnecting to an unpredictable number between 0 and 60 (this helps to ensure that not all entities attempt to reconnect at exactly the same number of seconds after being disconnected). o SHOULD back off increasingly on the time between subsequent reconnection attempts (e.g., in accordance with "truncated binary exponential backoff" as described in [ETHERNET]) if the first reconnection attempt does not succeed. ### A question about this text: Servers can refuse to accept connections from hosts with an excessive number of existing connections Do we mean "hosts" here or instead "clients" or "IP addresses"? 3. _Proxy Usage_: If the client is configured to use a proxy when using the WebSocket protocol to connect to host /host/ and/or port /port/, then the client SHOULD connect to that proxy and ask it to open a TCP connection to the host given by /host/ and the port given by /port/. Do we really mean "and/or"? I don't think you can connect to just a port. :) s/SOCKS/SOCKS5 [RFC1928]/ s/[RFC3548]/[RFC4648]/ Please also specify which flavor of base64 (Section 4 or Section 5 of RFC 4648) and specify whether padding bits are included at the end of the block. It looks as if [I-D.ietf-websec-origin] is a normative reference, since we're taking the ABNF for the "Sec-WebSocket-Origin" from that spec. I don't think that should hold up publication of the WebSocket spec, but if you're worried about that then please provide reviews of the same origin spec on the WebSec list. :) https://www.ietf.org/mailman/listinfo/websec 10. The request MAY include a header with the name "Sec-WebSocket- Protocol". If present, this value indicates the subprotocol(s) the client wishes to speak, ordered by preference. Please specify that the subprotocols are provided in a comma-separated list. (And again in Section 5.2.1.) Once the client's opening handshake has been sent, the client MUST wait for a response from the server before sending any further data. I don't see anywhere a definition of the server's behavior (e.g., it MUST close the WebSocket if the client tries to send data before the server sends a response). In Section 5.2.2... At this point, the server may begin sending (and receiving) data. I think at this point both parties (client and server) are allowed to send data, right? Peter -- Peter Saint-Andre https://stpeter.im/
- [hybi] -09: handshake Peter Saint-Andre
- Re: [hybi] -09: handshake Simon Pieters
- Re: [hybi] -09: handshake Alexey Melnikov