Re: [hybi] Redesigning the Web Socket handshake
Justin Erenkrantz <justin@erenkrantz.com> Wed, 03 February 2010 15:38 UTC
On Wed, Feb 3, 2010 at 12:20 AM, Maciej Stachowiak <mjs@apple.com> wrote:
> I asked a security expert to review this and he had two suggestions:
> 1) Include the nonce hash in the status line. The strongest protection
> against cross-protocol attacks comes in the first few bytes, according to
> him, so it should be as early as possible.

The drawback with doing it in the reason is that it is going to be substantially harder to trust that HTTP/1.1 clients and such get proper access to the reason. (And, again, relying upon any bits in the reason is a violation of HTTP - the reason is *only* intended for human eyes. I've seen hands slapped by Roy many times when folks try to expect that the reason is machine-parsable.)

Due to that, I think it's an acceptable tradeoff to just put it in the header as originally suggested. It will likely still be in the first packet that the client receives.

> 2) The hash should also include the request origin and some fixed
> WebSocket-specific string (e.g. "WebSocket::"). (He actually suggested 'HMAC
> the string "Web
> Socket::" and origin of WebSocket request using the nonce as a key' but I'm
> not sure if he was serious.)

Using the origin IP introduces a lot of problems when there are reverse proxies involved. (Since it seems that prior discussions have belittled NATs and transparent forward proxies as not being "relevant", I'll set those aside - but I feel the implementation challenges are just as relevant there too.) Try as some might to fight against it, we should simply realize that most large-scale WS deployments are going to see some type of reverse proxy sitting in front of it. Therefore, the server generating the nonce probably won't know the origin easily - and will have to rely upon custom information set by its reverse proxy in front of it to generate the proper nonce.

On the server side, knowing the "real" origin IP is a very error-prone process and probably would give us more grief due to naive server implementations getting it wrong than we really intend. There is no HTTP standard for setting the origin IP on the hops, but most big sites end up setting some custom header out of necessity, and I expect many basic deployments do not do so.

My $.02. -- justin
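As an added illustration of the HMAC variant quoted in this message (example code written for this page, not code from the thread or from any WebSocket implementation; the header names Sec-WebSocket-Nonce and Sec-WebSocket-Proof, the path /chat and the sample origins are made up for the example): both sides of the exchange, plus a check of what happens when something in front of the server presents a different Origin than the client actually sent.

```python
import hashlib
import hmac
import secrets

# Fixed WebSocket-specific string from the suggestion quoted above.
FIXED_PREFIX = b"WebSocket::"


def compute_proof(nonce: bytes, origin: str) -> str:
    """HMAC-SHA256 over the fixed string and the request origin, keyed by the client nonce."""
    return hmac.new(nonce, FIXED_PREFIX + origin.encode("ascii"), hashlib.sha256).hexdigest()


def parse_head(raw: bytes):
    """Split a minimal HTTP/1.1 head into (start line, dict of lowercased header names)."""
    lines = raw.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1").split("\r\n")
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return lines[0], headers


def client_request(host: str, origin: str, nonce: bytes) -> bytes:
    return (f"GET /chat HTTP/1.1\r\nHost: {host}\r\nUpgrade: WebSocket\r\nConnection: Upgrade\r\n"
            f"Origin: {origin}\r\nSec-WebSocket-Nonce: {nonce.hex()}\r\n\r\n").encode("ascii")


def server_response(request: bytes) -> bytes:
    """Server side: derive the proof from the nonce and whatever Origin the server actually sees."""
    _, h = parse_head(request)
    if h.get("upgrade", "").lower() != "websocket" or "sec-websocket-nonce" not in h:
        return b"HTTP/1.1 400 Bad Request\r\n\r\n"
    proof = compute_proof(bytes.fromhex(h["sec-websocket-nonce"]), h.get("origin", ""))
    return (f"HTTP/1.1 101 Switching Protocols\r\nUpgrade: WebSocket\r\nConnection: Upgrade\r\n"
            f"Sec-WebSocket-Proof: {proof}\r\n\r\n").encode("ascii")


def client_verify(response: bytes, nonce: bytes, origin: str) -> bool:
    """Client side: accept only a 101 whose proof matches the nonce and origin the client sent."""
    status, h = parse_head(response)
    if not status.startswith("HTTP/1.1 101"):
        return False  # a plain HTTP server answering a cross-protocol request never gets this far
    return hmac.compare_digest(h.get("sec-websocket-proof", ""), compute_proof(nonce, origin))


def handshake(origin: str, seen_origin=None) -> bool:
    """One full exchange; seen_origin simulates an intermediary rewriting Origin before the server."""
    nonce = secrets.token_bytes(16)
    req = client_request("example.com", origin, nonce)
    if seen_origin is not None:
        req = req.replace(f"Origin: {origin}".encode("ascii"), f"Origin: {seen_origin}".encode("ascii"))
    return client_verify(server_response(req), nonce, origin)
```

The proof binds the nonce to the origin, so a server that cannot see the client's Origin (the reverse-proxy case raised in the message) produces a proof the client will reject.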