Re: [hybi] Why not just use ssh?

"Shelby Moore" <shelby@coolpage.com> Thu, 02 September 2010 02:00 UTC

Return-Path: <shelby@coolpage.com>
X-Original-To: hybi@core3.amsl.com
Delivered-To: hybi@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A7A6B3A68B5 for <hybi@core3.amsl.com>; Wed, 1 Sep 2010 19:00:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.046
X-Spam-Level:
X-Spam-Status: No, score=-1.046 tagged_above=-999 required=5 tests=[AWL=-1.047, BAYES_50=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id F5kBwSaHdA9p for <hybi@core3.amsl.com>; Wed, 1 Sep 2010 19:00:11 -0700 (PDT)
Received: from www3.webmail.pair.com (www3.webmail.pair.com [66.39.3.34]) by core3.amsl.com (Postfix) with SMTP id 945943A68AE for <hybi@ietf.org>; Wed, 1 Sep 2010 19:00:11 -0700 (PDT)
Received: (qmail 7457 invoked by uid 65534); 2 Sep 2010 02:00:40 -0000
Received: from 121.97.54.174 ([121.97.54.174]) (SquirrelMail authenticated user shelby@coolpage.com) by sm.webmail.pair.com with HTTP; Wed, 1 Sep 2010 22:00:40 -0400
Message-ID: <6d54227421d725429c6e29be4bc29117.squirrel@sm.webmail.pair.com>
Date: Wed, 01 Sep 2010 22:00:40 -0400
From: Shelby Moore <shelby@coolpage.com>
To: hybi@ietf.org
User-Agent: SquirrelMail/1.4.20
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
Subject: Re: [hybi] Why not just use ssh?
X-BeenThere: hybi@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: shelby@coolpage.com
List-Id: Server-Initiated HTTP <hybi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hybi>
List-Post: <mailto:hybi@ietf.org>
List-Help: <mailto:hybi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 02 Sep 2010 02:00:12 -0000

Why do we think cross-protocol a security hole, and then we think
WebSocket protocol is not a security hole?

If there exists protocols which enable certain risky features, such as
sending email (SMTP), what absolute assurance do we have there won't be
some poorly programmed WebSocket servers which expose similar risky
features?

Should we block WebSockets too?

I think the logic necessarily follows that if we are compelled to block
cross-protocol, then we are also compelled to block WebSocket. Lets just
block everything, shut down the internet, that would definity be secure.

This is an example of the failure directed castle security model
(insanity) I described:
http://www.ietf.org/mail-archive/web/hybi/current/msg03915.html

Why can't we focus on real security as I described:
http://www.ietf.org/mail-archive/web/http-state/current/msg00939.html


P.S. If same origin policy (SOP) is the protection against vulnerable
WebSocket servers, then it would also be for vulernable protocols.