HTTPS/Websocket transport

[neilalexander]

This should be really quite simple - we would need to be able to act as both a WebSocket client and a WebSocket server so that we can deal with the initial HTTP/HTTPS connection and Upgrade request. After that I suppose we can treat the WebSocket connection almost exactly the same way as we treat TCP connections today.

[iShift]

Very good for censure breaking, also if you plan to use https - add native support of letsencrypt and proxy port. Because it can help to bypass DPI with forward connection technology (China and some other).

DPI works algorithm:

1. You try to connect to A
2. DPI HOLD you connection and make PROBE - try to connect using same protocol and hear for answer
3. If DPI get right answer - connection continues
4. than you connected to A
5. DPI Examine you connection flow (packets patterns)
6. If patterns looks like that he get before - forget about connection
7. You happy using you HTTPS site (or hidden service behind)

So, besides just only transport you also need: valid cert,fake web server or proxy to real one, and magic var/string/some other that can initiate websocket UPGRADE... (if you want to build hidden service)

[cathugger]

Why not just TLS transport (which would look sorta similar to HTTPS I guess)? I could see use for websocket without TLS, but when we wrap stuff in TLS, why bother with HTTP+websocket complexity inside of it?

[cathugger]

Though I guess supporting wss:// wouldn't be that hard either alongside ws:// and tls://, and could be helpful for relaying behind nginx or something like that.

[neilalexander]

FYI, v0.3.11 adds support for tls:// peers and listeners.

[zhoreeq]

This might be useful https://www.pluggabletransports.info/implement/go/

[zhoreeq]

Bump!

nostr (p2p social network) uses websockets as a transport. go-nostr implementation uses https://github.com/gobwas/ws

[basilgello]

Will be available in 0.5.7: #1152 Also availa ble in yggstack trunk builds