Re: [hybi] Last Call: <draft-ietf-hybi-thewebsocketprotocol-10.txt> (The WebSocket protocol) to Proposed Standard

Dave Cridland <> Thu, 21 July 2011 21:46 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 8F10D21F86A2; Thu, 21 Jul 2011 14:46:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.395
X-Spam-Status: No, score=-2.395 tagged_above=-999 required=5 tests=[AWL=-0.096, BAYES_00=-2.599, MIME_8BIT_HEADER=0.3]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id FVw+sASwYfhE; Thu, 21 Jul 2011 14:46:45 -0700 (PDT)
Received: from ( [IPv6:2001:470:1f09:882:2e0:81ff:fe29:d16a]) by (Postfix) with ESMTP id F325B21F8665; Thu, 21 Jul 2011 14:46:44 -0700 (PDT)
Received: from localhost ( []) by (Postfix) with ESMTP id EFD6D1168087; Thu, 21 Jul 2011 22:46:40 +0100 (BST)
X-Virus-Scanned: Debian amavisd-new at
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 0TK7J2XiP8KI; Thu, 21 Jul 2011 22:46:37 +0100 (BST)
Received: from puncture ( [IPv6:2001:470:1f09:882:221:85ff:fe3f:1696]) by (Postfix) with ESMTPA id 1DC921168067; Thu, 21 Jul 2011 22:46:37 +0100 (BST)
References: <> <> <9031.1311082001.631622@puncture> <> <> <> <> <> <9031.1311270000.588511@puncture> <> <> <> <> <9031.1311279546.247694@puncture> <>
In-Reply-To: <>
MIME-Version: 1.0
Message-Id: <9031.1311284797.122597@puncture>
Date: Thu, 21 Jul 2011 22:46:37 +0100
From: Dave Cridland <>
To: David Endicott <>, Server-Initiated HTTP <>, IETF-Discussion <>, Willy Tarreau <>, =?UTF-8?Q?I=C3=B1aki_Baz_Castillo?= <>
Content-Type: text/plain; delsp="yes"; charset="iso-8859-1"; format="flowed"
Content-Transfer-Encoding: 8Bit
Subject: Re: [hybi] Last Call: <draft-ietf-hybi-thewebsocketprotocol-10.txt> (The WebSocket protocol) to Proposed Standard
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Server-Initiated HTTP <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 21 Jul 2011 21:46:46 -0000

On Thu Jul 21 21:57:23 2011, David Endicott wrote:
> >
> > I have no idea what you might mean by "highly dynamic host  
> environment" in
> > this context, but XMPP servers are normally found at the same  
> location
> > consistently. However, it is *not* always (or typically) the same  
> location
> > as a simple A record lookup:
> >
> That's what I meant.  XMPP systems have hosts that change around  
> (for many
> reasons) and having a name resolution that handles that is good.
But that statement makes no sense.

Firstly, XMPP servers simply *don't* change around. Really. I don't  
think Google's servers have changed since the service launched:

;; ANSWER SECTION: 26125 IN	SRV	5 0 5269 26125 IN	SRV	20 0 5269 26125 IN	SRV	20 0 5269 26125 IN	SRV	20 0 5269 26125 IN	SRV	20 0 5269

The *clients* move, but they're *doing* SRV resolution, in order to  
locate the servers for their domain.

Secondly, there's nothing dynamic or magical about SRV lookup; the  
records are no more or less static than any other. SRV handles  
roaming hosts as targets no better or worse than A records,  
therefore. All SRV adds is a way of adding indirection, host/port  
discovery, and pushing fallback and load balancing toward the client.

I'm concerned that you may have critically misunderstood what SRV  
records are useful for.

> > This property alone is very useful - in a websockets case this  
> would mean
> > being able to provide websockets services from a different host  
> (or network)
> > to the traditional web services in a simple manner, fully  
> compatible with
> > SOP.   The fact that this also allows cheap lightweight load  
> balancing and
> > fallback control is also useful in other cases; none of this  
> relates to
> > dynamic hosts, but simply richer service location.
> Yes, those are all excellent reasons to use DNS SRV.   None of them  
> are a
> reason to mandate that WS require it.   Because something is good  
> for some
> (or many) use cases, does not mean it is appropriate for everything  
> and
> certainly is not a reason to mandate it as a requirement.
>  System implementer should be free to pick and choose tools and  
> mechanisms
> appropriate for their tasks.   DNS SRV would likely be an excellent  
> choice
> for many people.   But it should not be the one and only choice.    
> That's
> really all I'm saying - don't force people to use something without  
> an
> overwhelming reason to make it the only option.

SRV records simply can't be bolted on afterwards. That's been proven  
with HTTP itself. That's an overwhelming reason, in my opinion.

> Imagine I'm a SMTP server.   People connect to me.   They do SMTP
> transactions.    I do not care how they found me.   Perhaps they  
> used DNS to
> find the MX server.  Perhaps they had it cached from before.   
> Perhaps they
> guessed.  Perhaps it's in a hosts file.   I don't care.     I  
> answer VRFY
> and RCPT TO commands as appropriate.   If the "name" they are  
> trying to
> mailwith is one I recognize, I process it.  If I don't, it's an  
> error.
> Just because DNS-MX said that @foobar was handled at <addr>,  
> doesn't mean
> the dave@foobar is going to work.
Erm. OK...

In the real world, people do care that their mailserver can be found,  
and so they publish MX records, in the confidence that other mail  
servers will use them. This is similar to being a webmaster and  
wanting your website to be found, thus putting A records in. But  

Now, I agree that, in theory, it would be possible to not bother with  
DNS, and simply ask people to put your hostname into their hosts  
files, but you know, I don't think this would work as well, and it's  
certainly not an argument against SRV. (Iñaki's proposal, as I  
recall, even has fallbacks to allow server administrators to avoid  
SRV records in some cases).

> Yes, DNS MX is a well known mechanism for determining what SMTP  
> server to
> connect with, but like I tried to say above, it's not mandated by  
> the SMTP
> protocol.   DNS MX is independent of SMTP and the two mechanisms
> operate separately, but with a common goal.  I can use DNS to  
> resolve a name
> and never send email/message.  I can send a email/message via SMTP  
> and never
> use DNS to resolve a name.    Or I can use one to do the other.
In practical terms, the MX record and SMTP are interlinked. Moreover,  
RFC 5321 says:

   Only resolvable, fully-qualified domain names (FQDNs) are permitted
   when domain names are used in SMTP.  In other words, names that can
   be resolved to MX RRs or address (i.e., A or AAAA) RRs (as  
   in Section 5) are permitted, as are CNAME RRs whose targets can be
   resolved, in turn, to MX or address RRs.  Local nicknames or
   unqualified names MUST NOT be used.

So there is an argument that it does, indeed, mandate DNS.

> When a SMTP server handles mail for multiple domains, the SMTP  
> server has to
> process the @domain part of the RCPT TO request - DNS is not  
> involved at
> that point.   This process is unrelated to any DNS MX definitions.   
>   I used
> that as an example of how some name resolutions are sometimes done  
> outside
> of any DNS framework.

But the name resolutions are done in exactly the same way, whether  
the mailserver handles one or many domains.

So a mail administrator must ensure that MX records for all the  
domains point to the mailserver host.

> Do they?   A http uri and a ws uri have the same host/path  
> construction.
>  It's really only the scheme that differs - and that identifies the
> transport protocol to be used.   Resolution of host name/addresses  
> and
> mapping of paths "should" be consistent.
So you're expecting xmpp:// to do what,  
exactly? Because it doesn't do an A record lookup of, for  

> WS is a connection that is semantically related to the URI of the  
> request.
> e.g. I could ws://host/davesaid  and get live traffic of what Dave  
> is
> saying, and then I could ws://host/bobsaid  and get traffic of what  
> Bob
> says.  I wouldn't get Bob on /davesaid and I wouldn't get Dave on  
> /bobsaid.
>    Dynamic content identified by a URI
> And if I http://host/davesaid  I could get a <li> of what Dave said.
> Static content of a URI.
> It could be problematic if  ws://host/davesaid resolves to a  
> different
> address than http://host/davesaid.     (Or it could be advantage -  
> not for
> us to decide, however)

I have no idea what any of this means, but it sounds largely  
theoretical, and orthogonal to the point at hand.

Let's put it in practical terms.

'ws' and 'http' URIs have to be treated in different ways.

Therefore, we can treat them in different ways.

> > Your suggestion of "how URI resolution is done in general" is  
> somewhat
> > self-defeating, too, since aside from 'http' and 'https', there  
> are
> > 'mailto', which uses MX, 'sip' and 'xmpp', which both use SRV.
> >
> As you just said, the universe is bigger than just xmpp, sip, and  
> http.


What this has to do with SRV record usage in websockets is entirely  
beyond me.

> >
> > I think opponents of SRV records need to mount a stronger  
> argument than the
> > kind of luddite argument that if it's hard for one protocol in  
> use by the
> > browser, it should be hard for them all.
> I think you misinterpret my position.  And I resent the luddite  
> slight.   I
> think DNS SRV is an awesome tool and would greatly benefit many
> implementations.
> My position is that it should not be a *requirement*.     It should  
> be an
> optional mechanism that can be used if desired.   Further, since WS  
> is a
> bastard cousin to HTTP, they should share a similar name resolution
> mechanism.

My argument is that it cannot be made optional, so if we want to ever  
take advantage of this "awesome tool", we need to bake it in from the  

Dave Cridland - -
  - acap://
Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade