IETF Logo Mail Archive

[hybi] WebSockets : Question about masqued frames !

"Jean-Christophe Bos" <jczic@free.fr> Thu, 09 June 2011 15:13 UTC

Return-Path: <jczic@free.fr>
X-Original-To: hybi@ietfa.amsl.com
Delivered-To: hybi@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4554311E80F2 for <hybi@ietfa.amsl.com>; Thu, 9 Jun 2011 08:13:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.389
X-Spam-Level:
X-Spam-Status: No, score=-0.389 tagged_above=-999 required=5 tests=[BAYES_20=-0.74, HELO_EQ_FR=0.35, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kU92mzBoSiqg for <hybi@ietfa.amsl.com>; Thu, 9 Jun 2011 08:13:46 -0700 (PDT)
Received: from smtp3-g21.free.fr (smtp3-g21.free.fr [212.27.42.3]) by ietfa.amsl.com (Postfix) with ESMTP id 4EF3E11E80DB for <hybi@ietf.org>; Thu, 9 Jun 2011 08:13:44 -0700 (PDT)
Received: from JCzicLaptop (unknown [83.153.177.3]) by smtp3-g21.free.fr (Postfix) with ESMTP id CFABCA62AA for <hybi@ietf.org>; Thu, 9 Jun 2011 17:13:38 +0200 (CEST)
From: Jean-Christophe Bos <jczic@free.fr>
To: hybi@ietf.org
Date: Thu, 09 Jun 2011 17:13:25 +0200
Message-ID: <002101cc26b7$c8901c20$59b05460$@fr>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_NextPart_000_0022_01CC26C8.8C18EC20"
X-Mailer: Microsoft Office Outlook 12.0
Thread-Index: Acwmt8cyWIukpOPbS0WvnJ/o0ovl3Q==
Content-Language: fr
X-Mailman-Approved-At: Thu, 09 Jun 2011 08:51:14 -0700
Subject: [hybi] WebSockets : Question about masqued frames !
X-BeenThere: hybi@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Server-Initiated HTTP <hybi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/hybi>, <mailto:hybi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hybi>
List-Post: <mailto:hybi@ietf.org>
List-Help: <mailto:hybi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Jun 2011 15:15:27 -0000

 

Hello everyone,

 

I wanted to ask you (from France!) about the latest WebSocket's drafts that
I also fully implemented in my own HTTP server (since hixie 76).

 

On the masked frames, you mentioned earlier, that the mask must be selected
by an high entropy but it seemed illusive.

However, you came back to say that just choose a random mask but always in a
logical of non-predictability.

 

So, what is the real utility of this mask and that it should not be
predictable except to prevent a simple human readable dump of the
connection?

 

Why have won so much space on the data payload length and lose unnecessarily
32b for the masks contained in each frame?

 

WebSockets is indeed a protocol over HTTP over TCP, thus ensuring a good
packets order and lossless.

So why not simply imagine a mask whose evolutionary of the Salt was fixed at
the start (why not from the handshake key) and whose encryption evolve based
on the contents of the frames?

 

I would be really pleased that you explain on that!

 

Thank you very much because I truly believe that WebSockets are a priority
in the future of dynamic web apps :-)

 

 

Sincerely,

 

-

Jean-Christophe Bos,

CEO, Tenactys Group

0 820 620 118
06 80 27 93 84

 <mailto:jcb@tenactys-group.fr> jcb@tenactys-group.fr

v2.23.0 | Report a Bug | By Email