IETF Logo Mail Archive

Re: websockets in the IETF, was: [whatwg] New URL Standard from Anne van Kesteren on 2012-09-24 (public-whatwg-archive@w3.org from September 2012)

Ian Hickson <ian@hixie.ch> Tue, 23 October 2012 21:12 UTC

Return-Path: <ian@hixie.ch>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E7DA211E80BF for <ietf@ietfa.amsl.com>; Tue, 23 Oct 2012 14:12:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.503
X-Spam-Level:
X-Spam-Status: No, score=-2.503 tagged_above=-999 required=5 tests=[AWL=0.096, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DYcJhAQuHLgw for <ietf@ietfa.amsl.com>; Tue, 23 Oct 2012 14:12:18 -0700 (PDT)
Received: from homiemail-a94.g.dreamhost.com (caibbdcaaaaf.dreamhost.com [208.113.200.5]) by ietfa.amsl.com (Postfix) with ESMTP id 2A48811E80F3 for <ietf@ietf.org>; Tue, 23 Oct 2012 14:12:18 -0700 (PDT)
Received: from homiemail-a94.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a94.g.dreamhost.com (Postfix) with ESMTP id E706F38A071; Tue, 23 Oct 2012 14:12:17 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=hixie.ch; h=date:from:to :cc:subject:in-reply-to:message-id:references:mime-version: content-type; s=hixie.ch; bh=0NsrLlROcFEkBWfYklg0KGHfyDk=; b=I2g rGMCvv2iiUiszIuKa/bmjpddBTxCgpqie5bnrR+4qX3artdwSltsAllVCLdz8O8m mjWghHZVj2wbydqGBle5e664RHW71hsBFNvn9CoiS8FsQQ9UOkTtrywsZ+VInOiu UCLhz8BGn9XiT+KYs+4ZVxrhwqBNYPCxkJMzJL2A=
Received: from ps20323.dreamhostps.com (ps20323.dreamhost.com [69.163.222.251]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: internal@index.hixie.ch) by homiemail-a94.g.dreamhost.com (Postfix) with ESMTPSA id B1D8938A058; Tue, 23 Oct 2012 14:12:17 -0700 (PDT)
Date: Tue, 23 Oct 2012 21:12:17 +0000
From: Ian Hickson <ian@hixie.ch>
To: Julian Reschke <julian.reschke@gmx.de>
Subject: Re: websockets in the IETF, was: [whatwg] New URL Standard from Anne van Kesteren on 2012-09-24 (public-whatwg-archive@w3.org from September 2012)
In-Reply-To: <50869B24.2070109@gmx.de>
Message-ID: <Pine.LNX.4.64.1210232104200.2471@ps20323.dreamhostps.com>
References: <50604C1A.7090901@gmx.de> <5060A964.5060001@stpeter.im> <Pine.LNX.4.64.1210172354500.2478@ps20323.dreamhostps.com> <507F5A7E.6040206@arcanedomain.com> <50856E3C.103@gmail.com> <Pine.LNX.4.64.1210221753010.2471@ps20323.dreamhostps.com> <0DBC8A11-319C-4120-975E-7E40FD5818BF@gbiv.com> <Pine.LNX.4.64.1210222137530.2471@ps20323.dreamhostps.com> <5085C4BA.2030505@gmx.de> <Pine.LNX.4.64.1210222220510.2471@ps20323.dreamhostps.com> <CABP7RbfgQrgduOzWaXcYieV3cw_=UoBaCC5e=XF+Y3PMEZoRMw@mail.gmail.com> <Pine.LNX.4.64.1210222300490.2471@ps20323.dreamhostps.com> <85CC064C-7592-4249-ACC9-7B55AAC0D7E7@mnot.net> <Pine.LNX.4.64.1210222325540.2471@ps20323.dreamhostps.com> <5DF21D1C-3A60-4E68-9BBF-16B5B69CFF5D@mnot.net> <Pine.LNX.4.64.1210222346590.2471@ps20323.dreamhostps.com> <50869B24.2070109@gmx.de>
Content-Language: en-GB-hixie
Content-Style-Type: text/css
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"
X-Mailman-Approved-At: Wed, 24 Oct 2012 08:37:09 -0700
Cc: IETF Discussion <ietf@ietf.org>, Noah Mendelsohn <nrm@arcanedomain.com>, "Roy T. Fielding" <fielding@gbiv.com>, Jan Algermissen <jan.algermissen@nordsc.com>, URI <uri@w3.org>, Mark Nottingham <mnot@mnot.net>, James M Snell <jasnell@gmail.com>, Tim Bray <tbray@textuality.com>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Oct 2012 21:12:19 -0000

On Tue, 23 Oct 2012, Julian Reschke wrote:
> On 2012-10-23 01:59, Ian Hickson wrote:
> > ...
> > Whether WebSockets is a good idea or not is besides the point. The point
> > is that the hybi group was not a pleasant experience for me. If I were to
> > be in a position to do Web Sockets again, I would decline the opportunity
> > to do it through the IETF. Doing it through the IETF made the work take a
> > year longer than it would have, made the protocol less secure (the WG
> > removed a number of defense-in-depth features), and made the spec a mess
> > ...
> 
> And, as far as I can tell, fixed a security problem in the original 
> design (which caused some UA implementers to actually disable what they 
> were shipping at that time): 
> <http://w2spconf.com/2011/papers/websocket.pdf>

The security issue in question was already fixed in the draft by the time 
that paper came out.


> > (it's a mishmash of different editing styles). Plus, the group _still_ 
> > hasn't done multiplexing, which some of the vendors said was a prereq 
> > to implementation, something which, prior to the IETF getting 
> > involved, was only 3 to 6 months out on the roadmap. ...
> 
> Indeed, but then wasn't it you arguing *against* having it in the base 
> spec? (see <http://www.ietf.org/mail-archive/web/hybi/current/msg00239.html>)

I was arguing against having it in the first version, which I had planned 
for Q3 2009 IIRC, and was planning on defining it as an extension protocol 
in early 2010 (I even had a strawman ready). The hybi group argued and 
argued and argued and argued and then decided to not have it in the first 
version, which they ended up doing in Q4 2011, and still haven't done the 
extension. So yeah, I stand by my point above.

-- 
Ian Hickson               U+1047E                )\._.,--....,'``.    fL
http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'

v2.23.0 | Report a Bug | By Email