Re: [Acme] idempotent requests (various issues with the spec)

Stefan Bühler <acme@stbuehler.de> Sun, 14 June 2015 06:19 UTC

Return-Path: <acme@stbuehler.de>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 079691B2A01 for <acme@ietfa.amsl.com>; Sat, 13 Jun 2015 23:19:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.339
X-Spam-Level: *
X-Spam-Status: No, score=1.339 tagged_above=-999 required=5 tests=[BAYES_50=0.8, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HELO_EQ_DE=0.35, MIME_8BIT_HEADER=0.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vLoIujjVo9Wj for <acme@ietfa.amsl.com>; Sat, 13 Jun 2015 23:19:07 -0700 (PDT)
Received: from mail.stbuehler.de (stbuehler.de [IPv6:2a01:4f8:a0:2276::2]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8D0221B29DB for <acme@ietf.org>; Sat, 13 Jun 2015 23:19:07 -0700 (PDT)
Received: from chromobil.localdomain (unknown [IPv6:2a02:8070:a18c:cc00:baca:3aff:fed7:a10a]) by mail.stbuehler.de (Postfix) with ESMTPSA id 914C4B8039A for <acme@ietf.org>; Sun, 14 Jun 2015 06:19:05 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=stbuehler.de; s=stbuehler1; t=1434262745; bh=bjskG9ubrbt7bPTgp6FzTL0/8maUHeFYIfUmKl0XOts=; h=Date:From:To:Subject:In-Reply-To:References:From; b=Z2DGuZTFCDR5MriyFIDVRQaqfIpY/LsWYdPNR9X1ThLUvsoTe97zY83ohjC4LQ5wk X1GMO+VNknFLTU/xeEEsU1SnvZagtNLHMsJ0oGQZoAbLaf/r5jsYwHbwE5/RJUHWL8 +9FO5K93ILbKIQ9YTYmppEVO7IECuRZChjUCSrKo=
Date: Sun, 14 Jun 2015 08:19:04 +0200
From: Stefan =?UTF-8?B?QsO8aGxlcg==?= <acme@stbuehler.de>
To: acme@ietf.org
Message-ID: <20150614081904.5efd84de@chromobil.localdomain>
In-Reply-To: <D000BE32-6C69-4F0D-A472-BF843555E341@gmail.com>
References: <20150609221325.63935a29@chromobil.localdomain> <20150613232121.51f292af@chromobil.localdomain> <7ed545b29d5149ebba5582dfec9777f5@ustx2ex-dag1mb2.msg.corp.akamai.com> <20150614002432.58be28e7@chromobil.localdomain> <D000BE32-6C69-4F0D-A472-BF843555E341@gmail.com>
X-Mailer: Claws Mail 3.11.1 (GTK+ 2.24.25; x86_64-pc-linux-gnu)
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/acme/uz8KG3unSn7nacmlabsft5Nd-o8>
Subject: Re: [Acme] idempotent requests (various issues with the spec)
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 14 Jun 2015 06:19:09 -0000

On Sat, 13 Jun 2015 19:04:02 -0400
hallam@gmail.com wrote:

> Updates should be idempotent????
> 
> They are not by definition. 
> 
> In general, just use http features as little as possible. Caching is
> not at all helpful. Uri encoding is inferior to JSON structures.

Well, given there is a replay token, every action is actually
idempotent - repeating the request will not change the state further in
any way (after a request actually reached the server).

My argument is more about the underlying HTTP protocol. When you are in
the middle of a keep-alive connection, and send a POST, but the server
decided in just this moment to close the connection (yes, all fixed
with HTTP/2, at least they got this one right), the client does not know
whether the server actually received and processed the request.

With an idempotent request the client can just repeat it on a new
connection without asking for user feedback.

I think some proxies (and perhaps client implementations too) will
actually open a new connection for each POST request (although I just
found mails claiming squid does it for POST/PUT/DELETE).

regards,
Stefan