Re: [apps-discuss] I-D Action: draft-nottingham-http-browser-hints-00.txt
Mark Nottingham <mnot@mnot.net> Tue, 17 May 2011 06:17 UTC
Return-Path: <mnot@mnot.net>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 50651E07AE for <apps-discuss@ietfa.amsl.com>; Mon, 16 May 2011 23:17:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -104.602
X-Spam-Level:
X-Spam-Status: No, score=-104.602 tagged_above=-999 required=5 tests=[AWL=-2.003, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1cBC2v7yGmUv for <apps-discuss@ietfa.amsl.com>; Mon, 16 May 2011 23:16:59 -0700 (PDT)
Received: from mxout-07.mxes.net (mxout-07.mxes.net [216.86.168.182]) by ietfa.amsl.com (Postfix) with ESMTP id 45AACE0682 for <apps-discuss@ietf.org>; Mon, 16 May 2011 23:16:58 -0700 (PDT)
Received: from chancetrain-lm.mnot.net (unknown [118.209.62.233]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by smtp.mxes.net (Postfix) with ESMTPSA id 900DA22E1F4; Tue, 17 May 2011 02:16:51 -0400 (EDT)
Mime-Version: 1.0 (Apple Message framework v1084)
Content-Type: text/plain; charset="us-ascii"
From: Mark Nottingham <mnot@mnot.net>
In-Reply-To: <20110517053416.GB26443@1wt.eu>
Date: Tue, 17 May 2011 16:16:48 +1000
Content-Transfer-Encoding: quoted-printable
Message-Id: <FC3C8827-D071-4EE8-B7DA-CBA7E26ACF1B@mnot.net>
References: <20110517042149.2176.20778.idtracker@ietfa.amsl.com> <1603FA8A-5BBC-4574-815A-2E13850F1D52@mnot.net> <20110517053416.GB26443@1wt.eu>
To: Willy Tarreau <w@1wt.eu>
X-Mailer: Apple Mail (2.1084)
Cc: HTTP Working Group <ietf-http-wg@w3.org>, Apps Discuss <apps-discuss@ietf.org>
Subject: Re: [apps-discuss] I-D Action: draft-nottingham-http-browser-hints-00.txt
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: Apps Discuss <apps-discuss@ietf.org>
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 17 May 2011 06:17:00 -0000
[ sending replies to apps-discuss ] Hi Willy, On 17/05/2011, at 3:34 PM, Willy Tarreau wrote: > Hi Mark, > > On Tue, May 17, 2011 at 02:23:29PM +1000, Mark Nottingham wrote: >> A URL for this Internet-Draft is: >> http://www.ietf.org/internet-drafts/draft-nottingham-http-browser-hints-00.txt > > While I have still not replied to your previous mail about the pipelining > draft, I must say that I like this new proposal a lot more than the old one. Thanks, but they're orthogonal. > I think that default values should be indicated for all values there. The defaults are the current behaviours of implementations; anything else would make this mechanism non-optional, and introduce lots of problems. > For > instance, if a site complies with this draft and delivers a browser-hints > file, it means that it's likely to comply with many of the server > requirements, so pipelining should be supported for instance. Pipelining already has to be supported, if it's a HTTP/1.1 server. As has been discussed ad nauseum, a "I support pipelining" or even a "I really support pipelining" flag doesn't do anyone any good. > Thus, we > could reasonably suggest that max-pipeline-depth is non-zero when not > specified. > > For "small-hdrs", we should explicitly indicate what Accept* header values > will be used by the server when they are not sent by the browser. It'll work just like it does when you don't send the Accept-Headers values in HTTP today. Anything else would be introducing incompatible changes to HTTP. > Concerning the no-referer, we're risking that people always ask for a > referer header to be sent because they want to see how they're indexed. > My suggestion would be that we provide the ability not to send a referer > header for requests coming from the same site (eg: fetching images from > a site's page enlarges all requests for nothing). That could probably be > combined with the new Ref header you're proposing with various options : > > - no referer from the same site > - relative referer only without query string > - relative referer only with query string > - full referer I suspect that the referer-related mechanisms are going to be refined, based on feedback I've already received. Also, see Adam Barth's related work on Origin. > I'm seeing a minor issue though : we're mixing there two distinct pieces of > information. We have infrastructure-related information (pipelining, concurrent > persistent connections, etc...) and application informationn (referer, ...). > > Some large hosting infrastructures I know will like the connection related > informations to be directly delivered from outer shared reverse proxies for all > hosted sites, while the application-specific information will be delivered from > hosted applications. Eg: one app will want the referer while another won't care, > however neither knows what to announce for pipelining or persistent conns. IME more complex deployments like this tend to develop back-end practices and tools to manage those issues. > Thus we should probably have two distinct well known files. In order to > reduce the number of requests, we could suggest that if the browser-hints > file does not contain any connection information, then the browser is > invited to get /.well-known/connection-hints too as a complement. I have a pretty strong suspicion that this will end up being too complex, but let's see what others think. > Anyway I don't think that fetching two files is an issue, considering that > the connection-specific one would be cached much longer. > > While we're at it, the same file could be used to announce the configured > keep-alive timeout so that browsers don't try to send requests over > supposedly dead connections. Possibly, but I'm not sure what that achieves, vs. the Keep-Alive header that's already implemented. Some servers also want this to be dynamic. See also Martin Thompson et al's work on timeouts. Cheers, -- Mark Nottingham http://www.mnot.net/
- [apps-discuss] Fwd: I-D Action: draft-nottingham-… Mark Nottingham
- Re: [apps-discuss] I-D Action: draft-nottingham-h… Mark Nottingham
- Re: [apps-discuss] I-D Action: draft-nottingham-h… Dzonatas Sol
- Re: [apps-discuss] I-D Action: draft-nottingham-h… Dzonatas Sol
- Re: [apps-discuss] I-D Action: draft-nottingham-h… Brian Pane
- Re: [apps-discuss] I-D Action: draft-nottingham-h… Dzonatas Sol
- Re: [apps-discuss] I-D Action: draft-nottingham-h… Dzonatas Sol
- Re: [apps-discuss] I-D Action: draft-nottingham-h… Mark Nottingham
- Re: [apps-discuss] I-D Action: draft-nottingham-h… Brian Pane