IETF Logo Mail Archive

Re: [hybi] I-D Action: draft-ietf-hybi-thewebsocketprotocol-13.txt

Sylvain Hellegouarch <sh@defuze.org> Wed, 07 September 2011 07:13 UTC

Return-Path: <sh@defuze.org>
X-Original-To: hybi@ietfa.amsl.com
Delivered-To: hybi@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4251911E807F for <hybi@ietfa.amsl.com>; Wed, 7 Sep 2011 00:13:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.916
X-Spam-Level:
X-Spam-Status: No, score=-2.916 tagged_above=-999 required=5 tests=[AWL=0.060, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hEKaOe1ABynP for <hybi@ietfa.amsl.com>; Wed, 7 Sep 2011 00:13:08 -0700 (PDT)
Received: from mail-yx0-f172.google.com (mail-yx0-f172.google.com [209.85.213.172]) by ietfa.amsl.com (Postfix) with ESMTP id 8DA5211E8073 for <hybi@ietf.org>; Wed, 7 Sep 2011 00:13:04 -0700 (PDT)
Received: by yxj20 with SMTP id 20so320008yxj.31 for <hybi@ietf.org>; Wed, 07 Sep 2011 00:14:53 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.68.14.228 with SMTP id s4mr11571502pbc.418.1315379692926; Wed, 07 Sep 2011 00:14:52 -0700 (PDT)
Received: by 10.142.113.8 with HTTP; Wed, 7 Sep 2011 00:14:52 -0700 (PDT)
X-Originating-IP: [195.101.247.164]
In-Reply-To: <CAH9hSJb2rH+fX0AnekYxsEkHKzb15aHrg_hDQw1baWLiWBF-3w@mail.gmail.com>
References: <20110831184207.1514.64093.idtracker@ietfa.amsl.com> <0fc901cc6878$1681eec0$0a00a8c0@Venus> <CAH9hSJb2rH+fX0AnekYxsEkHKzb15aHrg_hDQw1baWLiWBF-3w@mail.gmail.com>
Date: Wed, 07 Sep 2011 09:14:52 +0200
Message-ID: <CALkdAkjMro781JiQE7R8wZQf6zW83d25YWiy=QBEgdyJTHXepA@mail.gmail.com>
From: Sylvain Hellegouarch <sh@defuze.org>
To: Takeshi Yoshino <tyoshino@google.com>
Content-Type: multipart/alternative; boundary="bcaec520f08957777804ac54b355"
Cc: hybi@ietf.org
Subject: Re: [hybi] I-D Action: draft-ietf-hybi-thewebsocketprotocol-13.txt
X-BeenThere: hybi@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Server-Initiated HTTP <hybi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/hybi>, <mailto:hybi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hybi>
List-Post: <mailto:hybi@ietf.org>
List-Help: <mailto:hybi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Sep 2011 07:13:10 -0000

On Wed, Sep 7, 2011 at 7:55 AM, Takeshi Yoshino <tyoshino@google.com> wrote:

> On Thu, Sep 1, 2011 at 16:23, Len Holgate <len.holgate@gmail.com> wrote:
>
>>  4.2.1 step 6 should probably say "value of 13".
>>
>
> Yes, it's a bug.
>
>
>>  Why doesn't 5.1 use MUST and MUST NOT when talking about client to server
>> and server to client masking. Up until now I was under the impression that
>> the server COULD mask data if it really wanted to (hence the need for the
>> masking bit rather than simply assuming that client -> server == masked
>> and
>> server -> client != masked. The text in 5.1 now seems to imply that the
>> server SHOULD NOT mask but it doesn't say so. I realise that client ->
>> server masking is required and is specified with MUST in another part of
>> the
>> document but I think it should be made clear that a server CAN mask if it
>> really wants to so that we don't end up with client implementations that
>> don't expect to receive masked frames. One situation where I might wish to
>> mask a frame from server to client would be in a pong where there's no
>> need
>> for me to unmask the data if I simply echo the ping directly back...
>>
>
> This is continuation of this thread. I think we should clarify this, i.e.
> use MUST NOT or MAY here, or we'll see the same question repeatedly in the
> future.
> http://www.ietf.org/mail-archive/web/hybi/current/msg07768.html
>
> If we allow the server to mask frames, clients need to implement logic for
> unmasking to prepare for them. As we don't know any important use-case of
> server-to-client masking, I think we should just forbid it.
> OLD: All frames sent from the server to the client are not masked.
> NEW: All frames sent from the server to the client MUST NOT be masked.
>
> Let's also change
>  OLD: All frames sent from the client to the server are masked to avoid ...
> NEW: All frames sent from the client to the server MUST be masked to avoid
> ...
>
>
Since the masking and unmasking are the same operations, I fail to
understand the added complexity of server-to-client masking. Clients already
know how to unmask since they can mask in the first place with the same
operation. In my mind you'll get more questions on the reason why it's one
way only as opposed to mask both ways. In fact the spec creates more
questions than it ought to when it suggests intermediaries may have problems
on client-to-server communication but not the other way around.

-- 
- Sylvain
http://www.defuze.org
http://twitter.com/lawouach

v2.23.0 | Report a Bug | By Email