Re: [apps-discuss] Spencer Dawkins' Discuss on draft-ietf-appsawg-http-problem-02: (with DISCUSS and COMMENT)
Spencer Dawkins at IETF <spencerdawkins.ietf@gmail.com> Thu, 07 January 2016 13:58 UTC
Return-Path: <spencerdawkins.ietf@gmail.com>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EAEAB1A8A3F; Thu, 7 Jan 2016 05:58:14 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.999
X-Spam-Level:
X-Spam-Status: No, score=-3.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, GB_I_LETTER=-2, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KmGjd6_mharD; Thu, 7 Jan 2016 05:58:12 -0800 (PST)
Received: from mail-vk0-x233.google.com (mail-vk0-x233.google.com [IPv6:2607:f8b0:400c:c05::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 77FFE1A8A09; Thu, 7 Jan 2016 05:58:12 -0800 (PST)
Received: by mail-vk0-x233.google.com with SMTP id k1so174092629vkb.2; Thu, 07 Jan 2016 05:58:12 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=UarKi31P3B6bMnEQ7f6vA/WRYgMXGuaAha6+XcBoE5Q=; b=ATXHKOALl2TgprWAm7QB26HtsN7RQEq7Z/2lU2c8DNfZvFwRoLS/rjF8fLqiCeeg+Y BD45DvoDpIRINe4ik9MMNPy7XEYlPt4JjnnqMIietQ6EZogcU1HOL8KpUoaWO/ucG7T/ ozSVUOS+7INVedGXyuTnCmHC6yYLC9TeoJ2Rt/SvCmo32Si0Vsh554pRnG3FzA9VMZsi 0g0GjJBXcba8PrUhVA/XxP/fnoSwcp9d7o4/xnD8LCYf9bS/5xZ1qJazkPxnbfkiMCMU Opbyzb9OAia/JIlKsT0ndyWop0ATCVpgR+A3Aw7BtAczNRxjm7S5RNNoj0LNAzOCwRRZ tbKQ==
MIME-Version: 1.0
X-Received: by 10.31.165.71 with SMTP id o68mr66687188vke.67.1452175091586; Thu, 07 Jan 2016 05:58:11 -0800 (PST)
Received: by 10.31.182.75 with HTTP; Thu, 7 Jan 2016 05:58:11 -0800 (PST)
In-Reply-To: <E5E44DF7-6358-4702-9D96-921780CDC6A7@mnot.net>
References: <20151217143841.8732.14093.idtracker@ietfa.amsl.com> <E5E44DF7-6358-4702-9D96-921780CDC6A7@mnot.net>
Date: Thu, 07 Jan 2016 07:58:11 -0600
Message-ID: <CAKKJt-ebQQO4-DT9Y+X9u-55ZhRjPJc=nyXKwxgpJtqUQFFGcg@mail.gmail.com>
From: Spencer Dawkins at IETF <spencerdawkins.ietf@gmail.com>
To: Mark Nottingham <mnot@mnot.net>
Content-Type: multipart/alternative; boundary="001a1141600a7c5da90528bedc45"
Archived-At: <http://mailarchive.ietf.org/arch/msg/apps-discuss/aC1NqU4O3_2hyshb_BPFEWLnBd4>
Cc: appsawg-chairs@ietf.org, draft-ietf-appsawg-http-problem@ietf.org, The IESG <iesg@ietf.org>, apps-discuss@ietf.org
Subject: Re: [apps-discuss] Spencer Dawkins' Discuss on draft-ietf-appsawg-http-problem-02: (with DISCUSS and COMMENT)
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/apps-discuss/>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Jan 2016 13:58:15 -0000
Hi, Mark, On Thu, Dec 17, 2015 at 6:05 PM, Mark Nottingham <mnot@mnot.net> wrote: > Hi Spencer, > > On 18 Dec 2015, at 1:38 am, Spencer Dawkins <spencerdawkins.ietf@gmail.com> > wrote: > > > I'm elevating this to a (late) Discuss, because I haven't heard anything > > back, and didn't want the document approved without having a (short) > > discussion. I'll be back to Yes after that. > > > > In this text, > > > > The "status" member duplicates the information available in the HTTP > > status code itself, thereby bringing the possibility of disagreement > > between the two. Their relative precedence is not clear, since a > > disagreement might indicate that (for example) an intermediary has > > modified the HTTP status code in transit. As such, those defining > > problem types as well as generators and consumers of problems need to > > be aware that generic software (such as proxies, load balancers, > > firewalls, virus scanners) are unlikely to know of or respect the > > status code conveyed in this member. > > > > I understand what you're saying about a mismatch being possible, and some > > of the possible reasons why that might happen, but isn't this saying that > > anyone who can understand the "status" member should prefer its value > > when there's a mismatch (because it's less likely to have been dorked > > with by an intermediary - or is that even true)? > > It really depends on what their purpose is. The HTTP status might be > updated because of legitimate HTTP machinery -- e.g., by a cache (304), or > a proxy (various things like proxy auth, disconnected operation). The > status member is there to preserve the original intent of the author, and > also for convenience (e.g., when a message is persisted, often the status > is lost). > > > > So, the situation looks to me, like there's a MUST > > > > The status member, if present, is only advisory; it conveys the HTTP > > status code used for the convenience of the consumer. Generators > > MUST use the same status code in the actual HTTP response, to assure > > that generic HTTP software that does not understand this format still > > behaves correctly. > > > > that some intermediary can dork with, so the result violates the MUST, > > and we really can't tell the receiver what you should do at that point. > > "Gee, I guess you're gonna have to flip a coin to decide who to believe" > > would be sad, but it would be more guidance than the document has now :-) > > If you're implementing generic HTTP software, you're going to be using the > HTTP status. If you're interpreting the HTTP problem itself, you're > probably going to pay attention to the one in-document, IF you pay > attention to it at all. Thanks for the explanations. I'll clear this Discuss, but would love it if you could say something like what you've told me in the document. > > ---------------------------------------------------------------------- > > COMMENT: > > ---------------------------------------------------------------------- > > > > I've wished this mechanism was available, a few times already. > > > > In this text, > > > > If such additional members are defined, their names SHOULD start with > > a letter (ALPHA, as per [RFC5234], Appendix B.1) and SHOULD consist > > of characters from ALPHA, DIGIT (Ibid.), and "_" (so that it can be > > serialized in formats other than JSON), and SHOULD be three > > characters or longer. > > > > are there any benefits to not conforming to these SHOULDs? For example, > > would you really need to have a two-character member name, and you'd fail > > if the member name was three characters long? ("Why are these not > > MUSTs?") > > Those requirements are to make it compatible with the XML mapping. They're > SHOULDs because someone might be really, really sure that their problems > will never be used in XML. > > Cheers, > > > > -- > Mark Nottingham https://www.mnot.net/ > >
- [apps-discuss] Spencer Dawkins' Discuss on draft-… Spencer Dawkins
- Re: [apps-discuss] Spencer Dawkins' Discuss on dr… Mark Nottingham
- Re: [apps-discuss] Spencer Dawkins' Discuss on dr… Spencer Dawkins at IETF
- Re: [apps-discuss] Spencer Dawkins' Discuss on dr… Mark Nottingham