Re: [TLS] Request for review: Next Protocol Negotiation Extension

Geoffrey Keating <geoffk@geoffk.org> Tue, 17 August 2010 09:58 UTC

To: Adam Barth <ietf@adambarth.com>
From: Geoffrey Keating <geoffk@geoffk.org>
Date: Tue, 17 Aug 2010 02:58:45 -0700
Cc: tls@ietf.org
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>

This discussion would be much simpler if WebSockets had a port
assigned to it that was not 443.  We could then focus on the questions
of how to verify that a MITM is not switching ports, and how (and
whether) to protect servers on ports that are reserved for another
purpose, rather than the questions involved in multiplexing existing
and new protocols on the same port.