Re: [xmpp] WGLC of draft-ietf-xmpp-websocket-02

Peter Saint-Andre <stpeter@stpeter.im> Tue, 27 May 2014 18:31 UTC

Date: Tue, 27 May 2014 12:31:04 -0600
From: Peter Saint-Andre <stpeter@stpeter.im>
To: Ben Campbell <ben@nostrum.com>, Lance Stout <lance@andyet.net>
Archived-At: http://mailarchive.ietf.org/arch/msg/xmpp/KXDLM928MoDFVwXvmoagPx5Jtd4
Cc: XMPP Working Group <xmpp@ietf.org>
Subject: Re: [xmpp] WGLC of draft-ietf-xmpp-websocket-02

On 4/23/14, 1:24 PM, Ben Campbell wrote:
>
> On Apr 22, 2014, at 6:29 PM, Lance Stout <lance@andyet.net> wrote:
>
>>
>> On Apr 22, 2014, at 2:49 PM, Ben Campbell <ben@nostrum.com> wrote:
>>>
>>> The WGLC has completed. Authors, please let the list know when
>>> you believe all feedback has been addressed. (Note: "addressed"
>>> does not necessarily mean "accepted".)
>>
>> Draft -06 has been published, which I believe addresses all
>> feedback so far.
>>
>>
>> I note there is a pending question on connection managers, but I
>> don't believe that the use of a connection manager affects any of
>> the actions prescribed in the latest document. CMs should be
>> transparent.
>>
>>
>> We do have Security Considerations listed in XEP-0124 for BOSH
>> connection managers, which amount to 'use TLS from the CM to the
>> backend', and 'use e2e encryption on the client' because
>> guaranteeing anything about a CM's behaviour is beyond scope. I can
>> expand the Security Considerations for this document to do the
>> same, if people deem that necessary.
>
> So here's the basis of all of my connection manager questions. This
> may be based on a completely wrong understanding of connection
> managers on my part, so do not hesitate to tell me I am clueless if
> that's the case. :-)
>
> If an XMPP implementation, especially a server, is behind a
> connection manager, is it aware of that fact?

Connection managers are trusted server components, so the administrators 
of the service are aware that there is a CM in the mix, but the server 
need not be (all it knows is that sessions have been created and that 
some trusted entity did so).

> Is it assumed to
> implement this draft?

The server doesn't really need to implement the websocket aspect of 
things, since that's handled by the CM.

> Are we requiring special behavior of the
> server, without the server knowing it needs to do it?

Not as far as I can see.

BTW, I've updated the shepherd write up:

https://stpeter.im/files/writeup-ietf-xmpp-websocket.txt

Peter