[hybi] Straw Poll: is Upgrade with client->sever XOR mask acceptable?
"Pat McManus @Mozilla" <mcmanus@ducksong.com> Wed, 22 December 2010 17:24 UTC
Return-Path: <mcmanus@ducksong.com>
X-Original-To: hybi@core3.amsl.com
Delivered-To: hybi@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 5CDBD3A68C8 for <hybi@core3.amsl.com>; Wed, 22 Dec 2010 09:24:01 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.199
X-Spam-Level:
X-Spam-Status: No, score=-2.199 tagged_above=-999 required=5 tests=[AWL=-0.200, BAYES_00=-2.599, J_CHICKENPOX_37=0.6]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8wc8cmmnjwhi for <hybi@core3.amsl.com>; Wed, 22 Dec 2010 09:24:00 -0800 (PST)
Received: from linode.ducksong.com (linode.ducksong.com [64.22.125.164]) by core3.amsl.com (Postfix) with ESMTP id 1A8A13A67E5 for <hybi@ietf.org>; Wed, 22 Dec 2010 09:24:00 -0800 (PST)
Received: by linode.ducksong.com (Postfix, from userid 1000) id 4EDD310307; Wed, 22 Dec 2010 12:25:57 -0500 (EST)
Received: from [192.168.16.226] (cpe-67-253-92-25.maine.res.rr.com [67.253.92.25]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by linode.ducksong.com (Postfix) with ESMTPSA id CDF08102A8 for <hybi@ietf.org>; Wed, 22 Dec 2010 12:25:53 -0500 (EST)
From: "Pat McManus @Mozilla" <mcmanus@ducksong.com>
To: hybi <hybi@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Date: Wed, 22 Dec 2010 12:25:52 -0500
Message-ID: <1293038752.2369.155.camel@ds9.ducksong.com>
Mime-Version: 1.0
X-Mailer: Evolution 2.30.3
Content-Transfer-Encoding: 7bit
Subject: [hybi] Straw Poll: is Upgrade with client->sever XOR mask acceptable?
X-BeenThere: hybi@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Server-Initiated HTTP <hybi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hybi>
List-Post: <mailto:hybi@ietf.org>
List-Help: <mailto:hybi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 22 Dec 2010 17:24:01 -0000
Hi all, Like everyone else I am looking for a way forward that gives us a good protocol with wide acceptance soon. It doesn't have to be the best protocol and if "wide acceptance" is our goal it is unlikely a wide group would agree on the definition of "best" anyhow. It should go without saying that wide != universal. With that in mind I want to ask everyone if they think an approach based on Get+Upgrade containing mandatory client->server XOR masking meets the bar of an acceptable and good web sockets protocol. Maybe you think that a CONNECT based approach is marginally better (I personally do, btw), or an all TLS-NPN approach is best, or using a different port and abandoning HTTP semantics is the best way to go.. but that's not my question here - all of those things have pretty severe objections lodged against them that weigh them down. We already know unofficially from just reading the archives that there isn't consensus around their suitability at this time and I don't see a lot of minds being changed as a result of all the email. So my question is does the upgrade-with-unidirectional-xor-mask meet your bar for "I could live with that". Saying yes doesn't mean that you will be called a hypocrite for supporting something else with a higher preference. I have just reread the last month's worth of archives and I am aware of one point of view that thinks the mask is just too expensive to be worthwhile and I was (surprisingly to me) unable to find any other fundamental objections although several folks did note there are costs involved. I am not claiming I found a lot of explicit support either, just that the path seems to clear to ask this question. Let me make the pitch: * The approach is HTTP spec friendly and routable. * It is intermediary friendly in the sense that it is a plaintext equivalent and interacts with HTTP upgrade in the expected manner. Obviously changes need to be made in the way Upgrade envisioned. * It acknowledges that any known handshake might still have issues with intermediaries inspecting the data path and being exposed to poison/spoofing attacks but it secures the data path against that with a relatively low cost masking. * it does not have dependencies on other specs, deployments, etc * it does not have potential issues with regulatory compliance whether those issues are externally (licenses, etc..) or internally (legal review) imposed. * It accomplishes this at reasonable cost + masking is unidirectional and favors the server end. I've worked on servers in the past and right now I'm working on a browser and I really do believe that is the right trade off. A browser is much more interested in latency than in overall load scaling, while a server has real concerns about the latter. making sendfile() useless to the browser is no big deal - it doesn't help with latency when compared to IP time scales and the client is less likely to have the kind of data that would be zero copied anyhow. + XOR in place for something that is already sitting in memory is a trivial cost in terms of CPU and essentially a zero cost in terms of memory, so it is suitable for low level embedded clients. I want to acknowledge that I think the biggest downside here is actually the expanded framing cost of including the key on every frame - especially in the case of mobile agents sending frames using the 0-125 byte payloads in order to save transmission power. This will be a significant tax on that use case, but given the overall situation, the benefits of this proposal, and the relative nicheness of that requirement I can swallow that tax and live with it in good conscience. The other thing worth noting is that that I went the XOR route instead of AES here. We've had a number of objections to AES based on compliance, bundling, and to a lesser degree performance. The explanation on list for favoring AES deals with an attacker being able to control the relationship between bytes in the data stream but not their actual values - no one has suggested a vector by which this is a problem for our non-cryptographic goal. But if your objection to get-upgrade-with-unidirectional-xor is that it requires AES to meet a level of "that's acceptable to me" (not just better), please do state that explicitly and as a favor to me help explain what the exposure is. -Patrick (I haven't mentioned hello - greg points out that it has value independent of the handshake/mask and I therefore simply want to treat it independently.) -- http://www.getfirefox.com/
- [hybi] Straw Poll: is Upgrade with client->sever … Pat McManus @Mozilla
- Re: [hybi] Straw Poll: is Upgrade with client->se… Greg Wilkins
- Re: [hybi] Straw Poll: is Upgrade with client->se… Brian McKelvey
- Re: [hybi] Straw Poll: is Upgrade with client->se… Gabriel Montenegro
- Re: [hybi] Straw Poll: is Upgrade with client->se… Roberto Peon
- Re: [hybi] Straw Poll: is Upgrade with client->se… John Tamplin
- Re: [hybi] Straw Poll: is Upgrade with client->se… Patrick McManus
- Re: [hybi] Straw Poll: is Upgrade with client->se… Salvatore Loreto
- Re: [hybi] Straw Poll: is Upgrade with client->se… Gabriel Montenegro
- Re: [hybi] Straw Poll: is Upgrade with client->se… Willy Tarreau
- Re: [hybi] Straw Poll: is Upgrade with client->se… Salvatore Loreto
- Re: [hybi] Straw Poll: is Upgrade with client->se… John Tamplin
- Re: [hybi] Straw Poll: is Upgrade with client->se… Scott Ferguson
- Re: [hybi] Straw Poll: is Upgrade with client->se… John Tamplin
- Re: [hybi] Straw Poll: is Upgrade with client->se… Eric Rescorla
- Re: [hybi] Straw Poll: is Upgrade with client->se… Adam Barth
- Re: [hybi] Straw Poll: is Upgrade with client->se… Willy Tarreau
- Re: [hybi] Straw Poll: is Upgrade with client->se… John Tamplin
- Re: [hybi] Straw Poll: is Upgrade with client->se… Salvatore Loreto
- Re: [hybi] Straw Poll: is Upgrade with client->se… Scott Ferguson
- Re: [hybi] Straw Poll: is Upgrade with client->se… Willy Tarreau
- Re: [hybi] Straw Poll: is Upgrade with client->se… Paul Colomiets
- Re: [hybi] Straw Poll: is Upgrade with client->se… John Tamplin
- Re: [hybi] Straw Poll: is Upgrade with client->se… Gabriel Montenegro
- Re: [hybi] Straw Poll: is Upgrade with client->se… Adam Barth
- Re: [hybi] Straw Poll: is Upgrade with client->se… John Tamplin
- Re: [hybi] Straw Poll: is Upgrade with client->se… Adam Barth
- Re: [hybi] Straw Poll: is Upgrade with client->se… Mark Nottingham
- Re: [hybi] Straw Poll: is Upgrade with client->se… Maciej Stachowiak
- Re: [hybi] Straw Poll: is Upgrade with client->se… Daniel Stenberg
- Re: [hybi] Straw Poll: is Upgrade with client->se… Zhong Yu
- Re: [hybi] Straw Poll: is Upgrade with client->se… Greg Wilkins
- Re: [hybi] Straw Poll: is Upgrade with client->se… Dave Cridland
- Re: [hybi] Straw Poll: is Upgrade with client->se… Eric Rescorla
- Re: [hybi] Straw Poll: is Upgrade with client->se… Ian Fette (イアンフェッティ)
- Re: [hybi] Straw Poll: is Upgrade with client->se… John Tamplin
- Re: [hybi] Straw Poll: is Upgrade with client->se… Salvatore Loreto
- Re: [hybi] Straw Poll: is Upgrade with client->se… Maciej Stachowiak
- Re: [hybi] Straw Poll: is Upgrade with client->se… Maciej Stachowiak
- Re: [hybi] Straw Poll: is Upgrade with client->se… Martin J. Dürst
- Re: [hybi] Straw Poll: is Upgrade with client->se… Ian Fette (イアンフェッティ)
- [hybi] CONNECT talisman (was: Re: Straw Poll: is … Bjoern Hoehrmann
- Re: [hybi] Straw Poll: is Upgrade with client->se… Bjoern Hoehrmann
- Re: [hybi] CONNECT talisman (was: Re: Straw Poll:… Maciej Stachowiak
- Re: [hybi] CONNECT talisman (was: Re: Straw Poll:… John Tamplin
- Re: [hybi] CONNECT talisman (was: Re: Straw Poll:… Gabriel Montenegro
- Re: [hybi] Can Websockets be used peer to peer? W… John Tamplin
- [hybi] Can Websockets be used peer to peer? Was S… Bruce Atherton
- Re: [hybi] Can Websockets be used peer to peer? W… Jerod Venema
- Re: [hybi] Can Websockets be used peer to peer? W… Eric Rescorla
- Re: [hybi] Can Websockets be used peer to peer? W… Scott Ferguson
- Re: [hybi] Can Websockets be used peer to peer? W… Bruce Atherton
- Re: [hybi] Can Websockets be used peer to peer? W… John Tamplin
- Re: [hybi] Can Websockets be used peer to peer? W… Bruce Atherton
- Re: [hybi] Can Websockets be used peer to peer? W… Greg Wilkins
- Re: [hybi] Can Websockets be used peer to peer? W… Brodie Thiesfield
- Re: [hybi] Can Websockets be used peer to peer? W… Toni Ruottu