Re: [whatwg] HttpOnly cookie for WebSocket?
Hi Ian, first I think it would be better have and maintain both whatwg and hybi mailing list in any conversation related to WebSocket at the BoF in Hiroshima there was a clear consensus from all the participants (both the one physically present and the one remotely attending via streaming and chat) to move the WebSocket standardization work within IETF community. To be clear, the IETF community is not a closed community, all the people involved in the discussion (especially in the mail discussion) are the one forming the IETF community. the fact that there are already implementation of WebSocket (based on the current draft) already or ready to be shipped in browsers and servers is a good news, that highlight even more the need to have a clear standard document; so just to say one of the HyBi wg intention is to gather all the experiences from people that have implemented WebSocket so to eventually improve (if and only if necessary) the current draft. having said that, the work on HTTPState is also done within IETF community, so discuss about the possible usage of HTTPState in WebWocket in the same community can give the possibility to people involved in HTTPState to express their opinion and provide their comments /Sal On 01/28/2010 11:07 AM, Ian Hickson wrote: On Thu, 28 Jan 2010, Salvatore Loreto wrote: a new IETF wg has been formed to take care of WebSocket protocol HyBi: http://tools.ietf.org/wg/hybi/charters So, this issue is something it should be discussed there (btw I am forwdard it to the HyBi ml) N.B. to subscribe to the HyBi ml: https://www.ietf.org/mailman/listinfo/hybi The WHATWG is still actively working on the WebSocket protocol, as we are with all of the specifications listed in the FAQ: http://wiki.whatwg.org/wiki/FAQ#What_are_the_various_versions_of_the_spec.3F ...and feedback on the WebSocket protocol is therefore very welcome on this mailing list. (Indeed, I continue to track all e-mails sent to this list and will reply to all substantial feedback sent to it.) As a side note, it's unclear exactly what the HyBi group is actually going to be working on. The timetable listed on the charter linked above is clearly at odds with reality; WebSocket is already shipping in Chrome and is ready to be shipped in two other browsers, and multiple servers are already available, so clearly March 2011 for a last call isn't really workable (especially since the spec reached last call at the WHATWG in 2009 -- the main thing missing now is test cases). However, I encourage anyone interested in Web Sockets to participate in the HyBi group, and indeed discussion of their timetable is probably best had there.
Re: [whatwg] HttpOnly cookie for WebSocket?
Hi, a new IETF wg has been formed to take care of WebSocket protocol HyBi: http://tools.ietf.org/wg/hybi/charters So, this issue is something it should be discussed there (btw I am forwdard it to the HyBi ml) N.B. to subscribe to the HyBi ml: https://www.ietf.org/mailman/listinfo/hybi /Sal A new IETF working group has been formed in the Applications Area. For additional information, please contact the Area Directors or the WG Chairs. BiDirectional or Server-Initiated HTTP (hybi) On 01/28/2010 10:12 AM, Fumitoshi Ukai (鵜飼文敏) wrote: May/Should WebSocket use HttpOnly cookie while Handshaking? I think it would be useful to use HttpOnly cookie on WebSocket so that we could authenticate the WebSocket connection by the auth token cookie which might be HttpOnly for security reason. http://www.ietf.org/id/draft-ietf-httpstate-cookie-02.txt -- ukai
[whatwg] HyBi BoF: on Tuesday, November 10
Hi there, accordingly to the provisional IETF 76 agenda in Hiroshima (https://datatracker.ietf.org/meeting/76/agenda.html) the HyBi BoF will be on TUESDAY, November 10, 2009 at 1300-1500 during the Afternoon Session I We are now working on a clean version of the Charter Proposal that will be posted during the next days and on the Agenda so all the proposal and comments are welcome! cheers Salvatore Loreto www.sloreto.com * *
[whatwg] HyBi BoF at next IETF approved
The HyBi BoF during the next IETF meeting in Hiroshima (November 8-13, 2009) has been approved by IAB/IESG last Friday. We are still working on a clean version of the Charter Proposal and on the Agenda so all the proposal and comments are welcome! best regards Salvatore Loreto www.sloreto.com
[whatwg] [Fwd: [hybi] Proposed charter for HyBi BoF in Hiroshima]
please provide comments on the HyBi mailing list ( https://www.ietf.org/mailman/listinfo/hybi ). cheers Salvatore Loreto www.sloreto.com Original Message Subject:[hybi] Proposed charter for HyBi BoF in Hiroshima Date: Tue, 22 Sep 2009 00:15:46 -0600 From: Joe Hildebrand To: Please suggest changes, this is just a first draft that tries to capture several conversations that we've had, including the bar BoF in Stockholm. -- Joe Hildebrand Chairs: * TBD * TBD Applications Area Director(s): * Lisa Dusseault * Alexey Melnikov Applications Area Advisor: * Lisa Dusseault Mailing Lists: General Discussion: h...@ietf.org To Subscribe: https://www.ietf.org/mailman/listinfo/hybi Archive: http://www.ietf.org/mail-archive/web/hybi/current/maillist.html Description of Working Group: HTTP has in the past been used as a request/response protocol most often, leading to clients polling for new data or users hitting the refresh button in their browsers. Newer web applications are finding ways to push data from the server to the client as soon as it is available, through a variety of mechanisms. The Hypertext-Bidirectional (HyBi) working group will seek standardization of approaches that HTTP clients, servers, and intermediate boxes can use to communicate with one another in both directions. Since any modification of the web infrastructure may take a good amount of time to be deployed, outputs of the working group will include both short and long term solutions. The existing web being much more complicated than it seems, the working group will prioritize the characterization of the design space, including the web clients, intermediaries, firewalls, NATs, web servers, etc. into which both solutions will need to be deployed. For both short and long term, the amount of semantic encoded at the HyBi layer will be minimized, allowing multiple higher-level protocols to take advantage of the basic eventing mechanism. These higher-level protocols are out of scope for the working group, although liaison with other working groups will be encouraged. The short term approach will be deployable on today's Internet, across whichever current or historical web browsers the working group decides upon. Although wide browser support is a goal, lack of support on any single browser version will not be a sufficient cause to block consensus. The short term approach may also define hints to allow newer intermediaries to optimize traffic. In the long term, new features will be required of clients, servers, or intermediaries allowing a more scalable and robust end-to-end experience. Although multiple protocols exist as starting points for both the short and long term, backward compatibility with these protocols is not a requirement. In particular, the working group will liaison with the HTML5 working group of the W3C around the websockets protocol; if agreed by both parties, the HyBi working group may take over the development of the websockets protocol. The Working Group should consider: * Implementer experience * Impact on existing implementations and deployments * Ability to achieve broad implementation * Ability to address broader use cases than may be contemplated by the original authors The Working Group will produce one or more documents suitable for consideration as Proposed Standard that will: * Define requirements for short- and long-term solutions, including characterization of the design space * Define a short-term solution for the bi-directional web, deployable on today's Internet * Define a long-term solution for the bi-directional web, which will likely require modifications to the web infrastructure ___ hybi mailing list h...@ietf.org https://www.ietf.org/mailman/listinfo/hybi
[whatwg] HyBi BOF announcement
Hi, Peter Saint-Andre, Joe Hildebrand and I are organizing an HyBi BOF in Hiroshima. If you would like to participate, please join the h...@ietf.org <mailto:h...@ietf.org> mailing list ( https://www.ietf.org/mailman/listinfo/hybi ). There is also a wiki page that will be update to keep all the information: http://trac.tools.ietf.org/bof/trac/wiki/HyBi We are still working on the Charter Proposal and on the Agenda so all the proposal and comments are welcome! The purpose of this BoF and eventual WG is to work on "HTTP bidirectional" communication and both its improvement and evolution in new a protocol(s) Here are the topics we are thinking to include in the charter proposal: * Characterize and describe the design space for long-poll applications * list the Requirements for new browser protocol * New browser protocol. WebSockets as a possible starting point. * at the same time, while waiting for new eventual protocol to be deployed, we envision the need to continue to improve the long-poll approach: o a suggested long-poll approach o how to improve or optimize middle-box (e.g. proxy) interoperability o Protocol bindings into the long-poll approach best regards Salvatore Loreto www.sloreto.com