IETF Logo Mail Archive

Re: [art] Revising BCP56: On the use of HTTP as a Substrate

Dave Thaler <dthaler@microsoft.com> Sun, 16 July 2017 08:11 UTC

Return-Path: <dthaler@microsoft.com>
X-Original-To: art@ietfa.amsl.com
Delivered-To: art@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C248C12785F for <art@ietfa.amsl.com>; Sun, 16 Jul 2017 01:11:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.012
X-Spam-Level:
X-Spam-Status: No, score=-3.012 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H5=-1, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AL_lU4kxXCSa for <art@ietfa.amsl.com>; Sun, 16 Jul 2017 01:11:55 -0700 (PDT)
Received: from NAM01-BN3-obe.outbound.protection.outlook.com (mail-bn3nam01on0126.outbound.protection.outlook.com [104.47.33.126]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6C671127180 for <art@ietf.org>; Sun, 16 Jul 2017 01:11:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=cm33gtuE2+kWio0ewEQ8HEIyaCdxcTk+pugctitO+5I=; b=Ujt6jvilW+3k+SNS0hSON7vFAuBII1Si6Q0C6xhfOfx0cxi2X0oN3/QbaZQT3EmrA9nC0Na4IW+UHRcNOT2HHVkKRnzyepTUnREy6lmBws6cgUzw4i9eFCfR2JfEo3wW0XKaoiHruJzVvOxBxtX0t0+VHVkgdFkIrH/hpZyqCsg=
Received: from MWHPR21MB0125.namprd21.prod.outlook.com (10.173.52.7) by MWHPR21MB0175.namprd21.prod.outlook.com (10.173.52.21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1282.5; Sun, 16 Jul 2017 08:11:53 +0000
Received: from MWHPR21MB0125.namprd21.prod.outlook.com ([10.173.52.7]) by MWHPR21MB0125.namprd21.prod.outlook.com ([10.173.52.7]) with mapi id 15.01.1282.008; Sun, 16 Jul 2017 08:11:53 +0000
From: Dave Thaler <dthaler@microsoft.com>
To: Mark Nottingham <mnot@mnot.net>, Adam Roach <adam@nostrum.com>
CC: Alexey Melnikov <alexey.melnikov@isode.com>, "art@ietf.org" <art@ietf.org>, Patrick McManus <mcmanus@ducksong.com>
Thread-Topic: [art] Revising BCP56: On the use of HTTP as a Substrate
Thread-Index: AQHS+fwvBa2rF+wzTE+ph2KDNcIt26JUo0gAgABQlgCAAShFMA==
Date: Sun, 16 Jul 2017 08:11:52 +0000
Message-ID: <MWHPR21MB0125968A70D48B275C8EC08CA3A30@MWHPR21MB0125.namprd21.prod.outlook.com>
References: <83273F06-63D3-41C1-BC3C-9ECE401C2279@mnot.net> <ebabe106-d914-f21b-30c2-f91f583f4de5@nostrum.com> <DE1772EA-E54A-4FC5-AF5B-6958477B0F44@mnot.net>
In-Reply-To: <DE1772EA-E54A-4FC5-AF5B-6958477B0F44@mnot.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: mnot.net; dkim=none (message not signed) header.d=none;mnot.net; dmarc=none action=none header.from=microsoft.com;
x-originating-ip: [2001:67c:1232:144:b4f4:e5be:e89a:b40e]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; MWHPR21MB0175; 7:jSsIKSAYFOvXPgSr3smdQyPnahNPTmxponz5CB6T3HNYnDkV6xkKRo/eJqrvcjUwC0zzADeNgqrUn78RUsq56tlEsWcpBCS97qUOV+Gynyk7U/wXYHLgstq1Uco0CGUZm8k05Lw57Z5lPd0zaEjQBiepWmeEM0LLAx0NpCDnEEpPje/gHBGNs/LUhlSkIZt9OuhLWwfI9Ac0oqt9NWsrwrkqkfc0yxPyKLCNgPq3YS1+bA7FC5d0wbQKNtjMVEpPp/M58fAcLlgFp2kGfPNY9YpVGKryndK0DyED+2UlbuWZYNN7DFHrTZfirpFiaKHRLv95k4Ti7yngRwb4V0fKIBKtTLJBiHehT1BecQbt1QFQASazGMGW9gJVN+KAJB7WY3JGJdRs+LNwh6UXU1T2fpmQ/8DvMCdgDtH2y3yaO6WYrVpGyxvFzUQJ72pudS9d0n3eIICCIwCAUy7XBFOLq1892FnqBBVF6PD/mEuTevNpC/SBkAV1oYzItd8rbMWjA4IY2vO0yWIIf34CukGataXeJUQ8Wz5D/d1ybnMMSudbYsxvj/pG7yhfQo3eAJvmGDFiYgUwE//X2Rh6fLJ/HFSHWsIbrJcdXaXoKnYXOoJ8NFG90xf17HlxzzgrQ8LtCRDsrvtQF0X7Rp4RUweStq6EKMloi/TTawJ49XuGiv+0BUHbvHD4f1/lZPexfpE7Hg+CgcgvdT3PTuCosEX7NDFWB3jB7nyS7nGQw+K9sHsSYrgGTT/TpGbncmfdh1vYEyaZCe0M1UQw83OkzSqgcza7lvCDVUtlHpoZp4TQfnWg8Blg81xFS+XB2Uc5D/L/
x-ms-office365-filtering-correlation-id: 454c5245-7b1b-4420-5de8-08d4cc225147
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(300000500095)(300135000095)(300000501095)(300135300095)(22001)(300000502095)(300135100095)(2017030254075)(48565401081)(300000503095)(300135400095)(2017052603031)(201703131423075)(201703031133081)(201702281549075)(300000504095)(300135200095)(300000505095)(300135600095)(300000506095)(300135500095); SRVR:MWHPR21MB0175;
x-ms-traffictypediagnostic: MWHPR21MB0175:
x-exchange-antispam-report-test: UriScan:(278178393323532)(236129657087228)(189930954265078)(48057245064654)(100405760836317)(219752817060721)(247924648384137);
x-microsoft-antispam-prvs: <MWHPR21MB0175FF53D173AFE88F41A166A3A30@MWHPR21MB0175.namprd21.prod.outlook.com>
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(61425038)(6040450)(601004)(2401047)(2017060910075)(5005006)(8121501046)(3002001)(93006095)(93001095)(100000703101)(100105400095)(10201501046)(6055026)(61426038)(61427038)(6041248)(20161123558100)(20161123555025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123562025)(20161123564025)(20161123560025)(6072148)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:MWHPR21MB0175; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:MWHPR21MB0175;
x-forefront-prvs: 03706074BC
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(6009001)(39850400002)(39410400002)(39450400003)(39860400002)(39840400002)(39400400002)(377454003)(13464003)(24454002)(51444003)(305945005)(9686003)(5005710100001)(54906002)(55016002)(6246003)(7736002)(6306002)(99286003)(2906002)(53936002)(3660700001)(33656002)(3280700002)(38730400002)(189998001)(7696004)(74316002)(6436002)(2950100002)(5660300001)(8936002)(8676002)(10090500001)(6506006)(77096006)(2900100001)(229853002)(76176999)(81166006)(54356999)(478600001)(6116002)(50986999)(14454004)(4326008)(25786009)(53546010)(575784001)(86362001)(966005)(102836003)(10290500003); DIR:OUT; SFP:1102; SCL:1; SRVR:MWHPR21MB0175; H:MWHPR21MB0125.namprd21.prod.outlook.com; FPR:; SPF:None; MLV:sfv; LANG:en;
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-originalarrivaltime: 16 Jul 2017 08:11:52.8012 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR21MB0175
Archived-At: <https://mailarchive.ietf.org/arch/msg/art/EQ2Rwzfy_GhVh96xa5HDWu-Y8jo>
Subject: Re: [art] Revising BCP56: On the use of HTTP as a Substrate
X-BeenThere: art@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Applications and Real-Time Area Discussion <art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/art>, <mailto:art-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/art/>
List-Post: <mailto:art@ietf.org>
List-Help: <mailto:art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/art>, <mailto:art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 16 Jul 2017 08:11:58 -0000

I think 4.3.2 is problematic as currently worded.  For example,
> Using other schemes to denote an application using HTTP makes it more
>  difficult to use with existing implementations (e.g., Web browsers),
>   and is likely to fail to meet the requirements of [RFC7595].

The "URI Schemes and Web Protocols" document Henry pointed to argues for separate URI schemes
for different protocols (ftp, http, coap, etc.), e.g. "G4. Serve using the protocol associated with the URI scheme".

I think the "HTTP as a Substrate" document is worded as if the only protocol an app supports is HTTP,
which is not the case.   If an application defines higher layer semantics where HTTP and something else
can both be used as transports (the topic of draft-thaler-appsawg-multi-transport-uris discussion),
than 4.3.2 would imply that one must use multiple URIs for the same transport, rather than having
one higher-layer URI for the application-layer protocol or semantics.

http://www.w3.org/TR/webarch/#uri-aliases discusses multiple URIs for the same resource and has recommendations like
"A URI owner SHOULD NOT associate arbitrarily different URIs with the same resource."

Thus that would argue that apps should have higher-layer URIs for concepts that are not specific to HTTP,
since there may be different URIs that differ by existing protocol (and URI scheme).  As such, 4.3.2
seems problematic since it seems to be saying that that's bad and apps should use different URIs with
the same resource.

Dave

-----Original Message-----
From: art [mailto:art-bounces@ietf.org] On Behalf Of Mark Nottingham
Sent: Saturday, July 15, 2017 4:09 PM
To: Adam Roach <adam@nostrum.com>
Cc: Alexey Melnikov <alexey.melnikov@isode.com>; art@ietf.org; Patrick McManus <mcmanus@ducksong.com>
Subject: Re: [art] Revising BCP56: On the use of HTTP as a Substrate


> On 15 Jul 2017, at 11:20 am, Adam Roach <adam@nostrum.com> wrote:
> 
> I found 4.3.2 particularly interesting, as there doesn't seem to have been consensus in this space in the past. For example, the ws(s) and ipp(s) schemes made a different decision. I presume your assertion is that, were we defining these protocols today, they would be using http(s) instead?

AFAICT IPP doesn't use the HTTP port, scheme nor HTTP's registries, so as per section 2, it's not "using" HTTP.

WS(S) uses port 80/443 to bootstrap into another protocol (using Upgrade). There probably needs to be a carve-out for that.

> I don't see anything wrong with that; I just want to probe the edges of this advice by seeing how it would have applied to decisions we made in the past, since that's a pretty good predictor for how it might apply in the future.
> 
> The advice in 4.3.3 seems a bit strong, in that it will require whatever process listens on port 443 to take on an ever-increasing role. If we're going to keep this advice, I think the document needs some treatment of the software architecture implications: functionally, whatever listens to port 443 will need to be able to delegate sub-trees of the URL space to other processes. I know that some web servers have mechanisms to handle this kind of thing today; but we're effectively saying that this will become required base functionality for web servers moving forward.
> 
> I wonder, in that context, whether the current advice strikes the right balance.

I think that's a great conversation to have.

Cheers,

> 
> /a
> 
> On 7/11/17 06:14, Mark Nottingham wrote:
>> A number of folks have recently noted that BCP56 addresses the problems of using HTTP for protocols in the early 2000's, but we've moved on considerably since then.
>> 
>> Given the number of IETF protocols being build upon HTTP these days, it seems timely to reconsider it. I've been working on a candidate for replacing it for a little while; see:
>>   https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftools.ietf.org%2Fhtml%2Fdraft-nottingham-bcp56bis&data=02%7C01%7Cdthaler%40microsoft.com%7Ca6ddee6841bc45cc22fd08d4cb8b15ae%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636357245624370624&sdata=SXTi6jowkOjw%2FcueFIzjv8pgO6xr2CWNs03T%2FmjC5%2Bo%3D&reserved=0
>>   https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmnot.github.io%2FI-D%2Fbcp56bis%2F&data=02%7C01%7Cdthaler%40microsoft.com%7Ca6ddee6841bc45cc22fd08d4cb8b15ae%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636357245624370624&sdata=dfU3abFGiVGy5GoWjP3%2Fqs%2Bz9GA5mDTpkOahKaYHGz0%3D&reserved=0
>> 
>> I have a small-ish slot in the HTTP WG session on Wednesday to discuss this.
>> 
>> Cheers,
>> 
>> --
>> Mark Nottingham   https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.mnot.net%2F&data=02%7C01%7Cdthaler%40microsoft.com%7Ca6ddee6841bc45cc22fd08d4cb8b15ae%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636357245624370624&sdata=aKla74j9QLO02JvWmdd%2BG8ie9U0R9MFKdO1UCDFOOsU%3D&reserved=0
>> 
>> _______________________________________________
>> art mailing list
>> art@ietf.org
>> https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fart&data=02%7C01%7Cdthaler%40microsoft.com%7Ca6ddee6841bc45cc22fd08d4cb8b15ae%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636357245624370624&sdata=E7%2F7g5BJkM6FgK0HHSxmflR0oN7zWPfqQRybZ55Eq0Y%3D&reserved=0
> 
> 
> _______________________________________________
> art mailing list
> art@ietf.org
> https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fart&data=02%7C01%7Cdthaler%40microsoft.com%7Ca6ddee6841bc45cc22fd08d4cb8b15ae%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636357245624370624&sdata=E7%2F7g5BJkM6FgK0HHSxmflR0oN7zWPfqQRybZ55Eq0Y%3D&reserved=0

--
Mark Nottingham   https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.mnot.net%2F&data=02%7C01%7Cdthaler%40microsoft.com%7Ca6ddee6841bc45cc22fd08d4cb8b15ae%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636357245624370624&sdata=aKla74j9QLO02JvWmdd%2BG8ie9U0R9MFKdO1UCDFOOsU%3D&reserved=0


_______________________________________________
art mailing list
art@ietf.org
https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fart&data=02%7C01%7Cdthaler%40microsoft.com%7Ca6ddee6841bc45cc22fd08d4cb8b15ae%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636357245624370624&sdata=E7%2F7g5BJkM6FgK0HHSxmflR0oN7zWPfqQRybZ55Eq0Y%3D&reserved=0

v2.23.0 | Report a Bug | By Email