• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
SeaBeyond 2011 ProcessOne - Eric Cestari: XMPP over WebSocket

SeaBeyond 2011 ProcessOne - Eric Cestari: XMPP over WebSocket






Total Views
Views on SlideShare
Embed Views



3 Embeds 235

http://www.process-one.net 138
http://blog.process-one.net 96
http://translate.googleusercontent.com 1



Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment

    SeaBeyond 2011 ProcessOne - Eric Cestari: XMPP over WebSocket SeaBeyond 2011 ProcessOne - Eric Cestari: XMPP over WebSocket Presentation Transcript

    • XMPP over WebSocket Eric Cestari ecestari@process-one.net @cstarjeudi 3 février 2011
    • WebSocket = Web + Socket = recipe for AWESOME ?jeudi 3 février 2011
    • WebSocket Message oriented Two way connection between browser and server No more Comet, long-polling, Ajax push, BOSH, hidden iframes Pros: Less load on server better latency less effort for the client (battery life increases) Cons: not ubiquitous security issuesjeudi 3 février 2011
    • A simple Javascript API new Websocket(url) ws.send() ws.close() and callbacks ws.onopen ws.onclose ws.onmessagejeudi 3 février 2011
    • Normalized by IETF ... ... since forever (first mail on the hybi mailing list: 30 March 2009) Three drafts implemented : draft-hixie -68 by Chrome (Dec 2009) draft-hixie -75 by Chrome and Safari (Feb 2010) draft-hixie -76 (May 10) by Safari 5.0.4, Chrome 6, Opera 10.70 and early Firefox 4 betasjeudi 3 février 2011
    • Current issues Fear of cross-protocol attacks. Possible transparent proxy cache poisoning discovered by A. Barth and E. Rescorla with currently implemented draft. WebSocket support disabled in Opera and latest Firefox betas by defaultjeudi 3 février 2011
    • WS support everywhere ! Flash to the rescue web-socket-js opensource project https://github.com/gimite/web-socket-js But: slower than native implementation with TLS support, file weighs 180Kb (20Kb without) It’s Flash, dammit!jeudi 3 février 2011
    • Handshakes and messages Handshake: Make sure server understands websocket Messages: bi-directional frames Current state (-04) Handshake is GET + Upgrade headers with Nonce Messages are masked from client to serverjeudi 3 février 2011
    • XMPP sub-protocol IETF draft by Jack Moffit and Eric Cestari One message = one stanza = one XML document With exceptions for stream start and stream end. No TLS socket upgrade for encryption TLS negociation is done on socket opening (wss://host:port/)jeudi 3 février 2011
    • Client and server support Support in ejabberd 2.2.x Support StropheJS websocket support and prototype code for JSJaC Not released ... yet!jeudi 3 février 2011
    • New product: GitLive! Visualize GitHub pushes in realtime from Github repositories http://gitlive.com/ http://gitlive.com/demo.html Already used on the ejabberd and Tsung homepage Use it on your own project!jeudi 3 février 2011
    • References Hybi WG mailing list https://www.ietf.org/mailman/listinfo/hybi Transparent proxies: Threat or menaces ? http://www.adambarth.com/experimental/websocket.pdf An XMPP sub-protocol for Websockets http://tools.ietf.org/html/draft-moffitt-xmpp-over-websocket-00jeudi 3 février 2011