Re: [hybi] Moving to a CONNECT-based handshake

Willy Tarreau <w@1wt.eu> Wed, 01 December 2010 07:01 UTC

On Tue, Nov 30, 2010 at 10:24:30AM -0800, Maciej Stachowiak wrote:
> Speaking personally, I am also in favor of Adam and Eric's proposal for a CONNECT-based handshake, as well as the associated payload masking. I expect many of my Apple colleagues would agree.

I would agree with the CONNECT handshake if we could have a correct
Host header. In my opinion, nothing prevents us from using the exact
same syntax as was used in RFC 2817 for the OPTIONS method, which is
to have "*" in place of the URI to indicate the request is for the
server itself, and have the correct host information in the Host
header:

   CONNECT * HTTP/1.1
   Host: realserver.realdomain.com

A transparent proxy is less likely to interpret this as a correct
proxy request than it is with "websocket.invalid:443", and at least
we have the real Host field so that shared environments can deploy
Websocket.

> We would be hesitant to ship protocol updates that do not fix the handshake. Given the security issues identified by the paper from Adam and company, we would even consider disabling WebSocket entirely in future releases until there is a more robust handshake.

Please note that the security issues reported in the paper were
related to the use of HTTP sometimes combined with Flash Player;
nothing was reported for Websocket. I'm not sure you want to
disable HTTP in your browser ;-)

Willy
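
How a shared front end could route the `CONNECT *` form proposed in the message above on its Host header, as an added example that is not part of the original message or of any project's code. `route_handshake`, `parse_head`, `VHOSTS` and the backend names are hypothetical, and the sample requests are constructed.

```python
# Added illustration: VHOSTS and the backend names are constructed sample values.
VHOSTS = {"realserver.realdomain.com": "backend-a", "other.example": "backend-b"}

def parse_head(raw: bytes):
    """Split a request head into (method, target, version, [(name, value)])."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("ascii")
    lines = head.split("\r\n")
    method, target, version = lines[0].split(" ")  # ValueError unless 3 parts
    headers = []
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        # Reject a missing colon, an empty name, or whitespace around the name.
        if not sep or not name or name != name.strip():
            raise ValueError("malformed header line")
        headers.append((name.lower(), value.strip()))
    return method, target, version, headers

def route_handshake(raw: bytes, vhosts=VHOSTS):
    """Return ("route", backend) or ("reject", reason) for a handshake head."""
    try:
        method, target, version, headers = parse_head(raw)
    except (ValueError, UnicodeDecodeError):
        return "reject", "malformed request head"
    if method != "CONNECT" or version != "HTTP/1.1":
        return "reject", "not a CONNECT handshake"
    hosts = [value for name, value in headers if name == "host"]
    if len(hosts) != 1 or not hosts[0]:
        # Zero or duplicate Host headers make the routing decision ambiguous.
        return "reject", "exactly one Host header required"
    if target != "*":
        # Authority-form (host:port) is what a proxy reads as a tunnel request.
        return "reject", "authority-form target, not the '*' form"
    host, _, port = hosts[0].lower().partition(":")
    if port and not port.isdigit():  # IPv6 literals are out of scope here
        return "reject", "malformed Host header"
    backend = vhosts.get(host)
    if backend is None:
        return "reject", "unknown virtual host"
    return "route", backend

if __name__ == "__main__":
    for sample in (  # constructed requests
        b"CONNECT * HTTP/1.1\r\nHost: realserver.realdomain.com\r\n\r\n",
        b"CONNECT websocket.invalid:443 HTTP/1.1\r\nHost: websocket.invalid:443\r\n\r\n",
    ):
        print(route_handshake(sample))
```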