IETF Logo Mail Archive

Re: [art] Revising BCP56: On the use of HTTP as a Substrate

Ted Hardie <ted.ietf@gmail.com> Sat, 15 July 2017 14:26 UTC

Return-Path: <ted.ietf@gmail.com>
X-Original-To: art@ietfa.amsl.com
Delivered-To: art@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E20AE1318C4 for <art@ietfa.amsl.com>; Sat, 15 Jul 2017 07:26:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jql_qm9yT-ed for <art@ietfa.amsl.com>; Sat, 15 Jul 2017 07:26:14 -0700 (PDT)
Received: from mail-qt0-x236.google.com (mail-qt0-x236.google.com [IPv6:2607:f8b0:400d:c0d::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 96641126CC7 for <art@ietf.org>; Sat, 15 Jul 2017 07:26:14 -0700 (PDT)
Received: by mail-qt0-x236.google.com with SMTP id r30so80638559qtc.0 for <art@ietf.org>; Sat, 15 Jul 2017 07:26:14 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=BAJm5dmEGnRWCm7cs3kW8UVLLvGg7/XwXBeLDTucAxg=; b=fHUUXPZgewLbrPhRXuP4vTgC3JMbGqxtKUzOT0YoirA9RDi30Y0TFJpF6QRNMTc6Wz FSqYMd2hk/tIBVuZb7GQTlPa449GbZcCQstZoNCJrar7fpdeG04OIwAIfYlUlmS2kGzF VS8EvHyDUPt7/bDfNeuJ7ikCxOxB5Odc4GWny0EzDXEbN2T73YMEJ5gve6f1AExVuBNn sdxA5hARiR+jAz3zIcMA3Q3/Pa8hgPA+STN7KODEHyLx7mti7H15ZHKJ2KgKh2cJD7xK vNb11YK3N+ca++oEfDQlVOQUQHzwbetvYcjpv8uUWnI1K6NHoOyfhKvJ9hfqbDNzLwNz LkUw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=BAJm5dmEGnRWCm7cs3kW8UVLLvGg7/XwXBeLDTucAxg=; b=faON0hM2OjZQnfMJQXqmIz9G+psN/TQTjux3mLVC7PxxEYkdRxW9Z04FSh9oyy08zX 7yUpnYIGDHMynnnerLq213dg2Uc4caTBo7SaRXiw67F3QoDBWLnn3fcJQ+f8e/9/F7FQ lmQx+qRu8wZFOd0sZ4TqcwG+zkPpv12rleBV9o0+SgkAdUh9Zr4dxlKOUA+GQ8caMdQ8 6q2ahfxnGFDOD3HIzpmc61nS+NjhobFcqkOAwZ2NI4tCIfgkygzdnaerUkf0iUzfR5E0 munXXCHqAXscl0nriR30jjCXaecozxppfKxqOLio+SBrRAz7tWCuTJYzNA70R5EpNlAB KpQg==
X-Gm-Message-State: AIVw110X2McPGm0yyw1kTj0SgW3Wv6QsJbrwiCsh4/sNLTDMDd7YhU8f xxFuBJgFYWrYvOpnYxTGrXy+uZnkSyO3
X-Received: by 10.200.32.146 with SMTP id 18mr18814881qtd.146.1500128773546; Sat, 15 Jul 2017 07:26:13 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.200.4.21 with HTTP; Sat, 15 Jul 2017 07:25:43 -0700 (PDT)
In-Reply-To: <DE1772EA-E54A-4FC5-AF5B-6958477B0F44@mnot.net>
References: <83273F06-63D3-41C1-BC3C-9ECE401C2279@mnot.net> <ebabe106-d914-f21b-30c2-f91f583f4de5@nostrum.com> <DE1772EA-E54A-4FC5-AF5B-6958477B0F44@mnot.net>
From: Ted Hardie <ted.ietf@gmail.com>
Date: Sat, 15 Jul 2017 16:25:43 +0200
Message-ID: <CA+9kkMCaSqH=RwQgKJaLdRWA8mYnGL2Lw=cb20Szx4O__mg_Hw@mail.gmail.com>
To: Mark Nottingham <mnot@mnot.net>
Cc: Adam Roach <adam@nostrum.com>, Alexey Melnikov <alexey.melnikov@isode.com>, art@ietf.org, Patrick McManus <mcmanus@ducksong.com>
Content-Type: multipart/alternative; boundary="f403045ee6a6aa275905545bf2b4"
Archived-At: <https://mailarchive.ietf.org/arch/msg/art/7j3v5lZ4zxIWWOJCNkuIVBkNLtI>
Subject: Re: [art] Revising BCP56: On the use of HTTP as a Substrate
X-BeenThere: art@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Applications and Real-Time Area Discussion <art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/art>, <mailto:art-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/art/>
List-Post: <mailto:art@ietf.org>
List-Help: <mailto:art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/art>, <mailto:art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 15 Jul 2017 14:26:17 -0000

On Sat, Jul 15, 2017 at 4:09 PM, Mark Nottingham <mnot@mnot.net> wrote:

>
> > On 15 Jul 2017, at 11:20 am, Adam Roach <adam@nostrum.com> wrote:
> >
> > I found 4.3.2 particularly interesting, as there doesn't seem to have
> been consensus in this space in the past. For example, the ws(s) and ipp(s)
> schemes made a different decision. I presume your assertion is that, were
> we defining these protocols today, they would be using http(s) instead?
>
> AFAICT IPP doesn't use the HTTP port, scheme nor HTTP's registries, so as
> per section 2, it's not "using" HTTP.
>
>
RFC 7472 describes the  HTTPS tranport binding and its relationship to the
ipps scheme (it's a successor to some previous work doing similar things
for HTTP).  It notes:

The IPP Client converts the 'ipps' URI to an 'https' URI [RFC7230
<https://tools.ietf.org/html/rfc7230>]
      (replacing 'ipps' with 'https' and inserting the port number from
      the URI or port 631 if the URI doesn't include an explicit port
      number);

While the default isn't the existing HTTPS port, it's my understanding that
in some deployments the ipps scheme uses the HTTPS port and so ends up with
an HTTPS scheme message over the standard HTTPS port.

regards,

Ted


> WS(S) uses port 80/443 to bootstrap into another protocol (using Upgrade).
> There probably needs to be a carve-out for that.
>
> > I don't see anything wrong with that; I just want to probe the edges of
> this advice by seeing how it would have applied to decisions we made in the
> past, since that's a pretty good predictor for how it might apply in the
> future.
> >
> > The advice in 4.3.3 seems a bit strong, in that it will require whatever
> process listens on port 443 to take on an ever-increasing role. If we're
> going to keep this advice, I think the document needs some treatment of the
> software architecture implications: functionally, whatever listens to port
> 443 will need to be able to delegate sub-trees of the URL space to other
> processes. I know that some web servers have mechanisms to handle this kind
> of thing today; but we're effectively saying that this will become required
> base functionality for web servers moving forward.
> >
> > I wonder, in that context, whether the current advice strikes the right
> balance.
>
> I think that's a great conversation to have.
>
> Cheers,
>
> >
> > /a
> >
> > On 7/11/17 06:14, Mark Nottingham wrote:
> >> A number of folks have recently noted that BCP56 addresses the problems
> of using HTTP for protocols in the early 2000's, but we've moved on
> considerably since then.
> >>
> >> Given the number of IETF protocols being build upon HTTP these days, it
> seems timely to reconsider it. I've been working on a candidate for
> replacing it for a little while; see:
> >>   https://tools.ietf.org/html/draft-nottingham-bcp56bis
> >>   https://mnot.github.io/I-D/bcp56bis/
> >>
> >> I have a small-ish slot in the HTTP WG session on Wednesday to discuss
> this.
> >>
> >> Cheers,
> >>
> >> --
> >> Mark Nottingham   https://www.mnot.net/
> >>
> >> _______________________________________________
> >> art mailing list
> >> art@ietf.org
> >> https://www.ietf.org/mailman/listinfo/art
> >
> >
> > _______________________________________________
> > art mailing list
> > art@ietf.org
> > https://www.ietf.org/mailman/listinfo/art
>
> --
> Mark Nottingham   https://www.mnot.net/
>
>
> _______________________________________________
> art mailing list
> art@ietf.org
> https://www.ietf.org/mailman/listinfo/art
>

v2.23.0 | Report a Bug | By Email