Re: [hybi] Insight you need to know: Browsers are at fault when servers crash

Maciej Stachowiak <mjs@apple.com> Mon, 26 July 2010 01:45 UTC

From: Maciej Stachowiak <mjs@apple.com>
Date: Sun, 25 Jul 2010 18:45:24 -0700
To: Greg Wilkins <gregw@webtide.com>
Cc: hybi@ietf.org

On Jul 25, 2010, at 5:07 PM, Greg Wilkins wrote:

> Mike,
> 
> Thanks for translating the intent of the browser dudes and explaining why they are so concerned about this issue.
> 
> I am certainly not opposed to taking measures to ensure that websocket is not an easy-touch for attackers to use against other protocols and also to make it more robust against attacks itself. I think these are reasonable requirements.
> 
> However, I still don't see why the only acceptable solution to these concerns has to be a rigid non-compliant HTTP handshake with space counting and unframed bytes on the wire?
> 
> I think this WG has to clearly accept the concerns of browser vendors and make sure that the requirements clearly capture them. But in return, the browser vendors have to accept that there is more than one way to skin a cat, and perhaps we can consider alternative solutions than the one that is currently causing significant objections and real world problems.

From the perspective of a browser implementor:

(1) I definitely don't think that the current draft WebSocket protocol is the only possible effective defense against cross-protocol attacks.
(2) If anything, I'm not sure that it is effective enough.
(3) I believe there have been proposals made that are more effective at mitigating cross-protocol attacks than the current draft, such as the TLS next protocol mechanism. However, TLS-only has its own downsides.

Regards,
Maciej