- From: Willy Tarreau <w@1wt.eu>
- Date: Sat, 20 May 2023 14:15:34 +0200
- To: Ilari Liusvaara <ilariliusvaara@welho.com>
- Cc: HTTP Working Group <ietf-http-wg@w3.org>
On Sat, May 20, 2023 at 12:47:53PM +0300, Ilari Liusvaara wrote: > On Fri, May 19, 2023 at 11:07:16PM +0200, Dragana Damjanovic wrote: > > Hi, > > > > I wrote a draft that proposes adding an extension to WebSockets to > > negotiate "no-masking". The extension should be used only if intermediaries > > cannot see unencrypted traffic. In this case, the masking is not needed, > > and omitting it would reduce needed processing. The proposal has some > > problems, but I would like to hear the opinion of the group and if people > > are interested in such a feature. > > I did write one application using websockets, with its own websockets > code. It always sets masking key to all zeroes on client side, and on > server side skips the unmasking if the key is zero. IMHO this is a clever solution that lets each side optimize as it wants or allow the other side to optimize, without requiring any negotiation nor extension. > And requirement for E2E encrypted connection would be a severe > deployment problem. There are a LOT of reverse proxies out there, > mostly for good reasons. Agreed! Willy
Received on Saturday, 20 May 2023 12:15:43 UTC