Re: [Http-grease] Getting started
David Schinazi <dschinazi.ietf@gmail.com> Wed, 22 July 2020 00:04 UTC
Return-Path: <dschinazi.ietf@gmail.com>
X-Original-To: http-grease@ietfa.amsl.com
Delivered-To: http-grease@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D0D8D3A084D for <http-grease@ietfa.amsl.com>; Tue, 21 Jul 2020 17:04:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Rk0VsgwQn9Ci for <http-grease@ietfa.amsl.com>; Tue, 21 Jul 2020 17:04:50 -0700 (PDT)
Received: from mail-lj1-x233.google.com (mail-lj1-x233.google.com [IPv6:2a00:1450:4864:20::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CA52B3A084E for <http-grease@ietf.org>; Tue, 21 Jul 2020 17:04:49 -0700 (PDT)
Received: by mail-lj1-x233.google.com with SMTP id z24so547041ljn.8 for <http-grease@ietf.org>; Tue, 21 Jul 2020 17:04:49 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=WOTWTiTbNxi0t06cwqDJTm+eROdhi2clKoKhx79/oFs=; b=u7DLSfOhphNRJ5c6yG12MnVp5scvfJ/vKDWoHoWL6DW0h5R+2nT4PBoC8eH9Tc2Bgz UDSQS/+MDTMnxON9MM7nsWI2BlWs5WUrejzraeAORJgVwkQI4gwALkBDDsMZlpdWbZRK 92qxnWNiR/TQtK04w8d3zUV7Abe+7AHwSQJ2PSw8PNNTNSsBQ+DL4ImTLdN9akQPM8xp kyStVYL9IsnoEdSXm/0O5hAmOsd7EDG6/y9tG8qWHI4ZlWhl3zwHYUerIdADHiMLmDFR tOLqApMb8TBPXc/ZTSqUg7i+YWFlekA577tZCt5sxKVeJQu0O2W8I3fmlWr1L+GoB0KE TnZA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=WOTWTiTbNxi0t06cwqDJTm+eROdhi2clKoKhx79/oFs=; b=Fbn+sBlzkDj49e5fM/v43H+j0upJvaj3LpHcrBY7VSwOa0KSmjE/WgVaXQ+ZezJZ5L tYZ+M7WzNNKiOgIKOvfe9uEfYZv5IbH5A8bxVgCWLXfUb+/siPUHjtw17slsHW5KRfdJ vqayCJR3LYlUJbfbBlsA/kXmYm4KeSyWMQ7E+z7VeOEiDKC+KntpllA/ucRWiyoQxarM PKIpcz5ZCV2n5/cQmJsDE0IlhuaKhmGMVkvhp0dzTfXXMPx0mSmF/WIddUPjS8Dat9s+ Im4HQ1Tg+GmjaaC1Icw45YtjHGoVp/loPKcIOVf0RDMnG2ChFdzQdEsxRLgRFbi2lUPd 1TLQ==
X-Gm-Message-State: AOAM530tp6Q2+zembw6O0UBXw6ZWKsXFF0xKccNoxCh2ateAGLClQYjC gTZ5JAd0kqX2kOt3TW+RQ8bVSQ+ro3w3pKh0xbU=
X-Google-Smtp-Source: ABdhPJz+9rpl9chRT2p1Ny/3gnj/xWGIJjuLIuq2hngCflQ5+xRuHjtSaF6cwxprqfs7maVLCIucqr6B1lm/nDyVB/Q=
X-Received: by 2002:a2e:161a:: with SMTP id w26mr13797949ljd.216.1595376287814; Tue, 21 Jul 2020 17:04:47 -0700 (PDT)
MIME-Version: 1.0
References: <E0C3E9C3-90BE-4DD1-92D5-DF00EB346D27@mnot.net> <4797A429-7ED6-45E7-ABA3-E9A22E4A24F6@apple.com> <4BA6228E-B8A7-4C6E-B495-12E41BA13E73@mnot.net>
In-Reply-To: <4BA6228E-B8A7-4C6E-B495-12E41BA13E73@mnot.net>
From: David Schinazi <dschinazi.ietf@gmail.com>
Date: Tue, 21 Jul 2020 17:04:36 -0700
Message-ID: <CAPDSy+5V4=j1M+YE34PC=GxqOBDPoL1c2NaOL3U_tkykOdP6aw@mail.gmail.com>
To: Mark Nottingham <mnot@mnot.net>
Cc: Tommy Pauly <tpauly@apple.com>, http-grease@ietf.org
Content-Type: multipart/alternative; boundary="000000000000eb173d05aafc7cff"
Archived-At: <https://mailarchive.ietf.org/arch/msg/http-grease/7YtSq2aNMGCCIdidh-iX-Kxg8dU>
Subject: Re: [Http-grease] Getting started
X-BeenThere: http-grease@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Discussion about ensuring flexibility in HTTP extensions \(\"grease'\)" <http-grease.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/http-grease>, <mailto:http-grease-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/http-grease/>
List-Post: <mailto:http-grease@ietf.org>
List-Help: <mailto:http-grease-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/http-grease>, <mailto:http-grease-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 22 Jul 2020 00:04:52 -0000
Hi folks, Adding some thoughts from the Chrome client perspective. First off, I think this is interesting, important, and timely. I'll do what I can to ensure Chrome participates in this effort. As par as deployment process, we would most likely start this off in Chrome Canary, then proceed through Dev, Beta and Stable if the breakage is low enough (though I don't yet know what exact number is "low enough"...). For this to be a success, I think we're going to need to deploy this is stable/prod channels to make it impossible to ignore. We would be able to leverage Chrome's experimentation framework to allow dynamically configuring grease parameters and roll things back if the breakage is way too high. I would argue against any type of fallback, because if the user does not see the failure, they won't report it, and it'll never get fixed. Even something that increases pain by making the request take longer won't be enough to cause change. I think it's important for clients to coordinate, so the breakage and corresponding triaging is spread across all of us. That said, I don't think we need to pick an explicit date like we did for the deprecation of TLS 1.0/1.1. In particular, I think it would be useful to coordinate on the exact scope of the greasing: what characters are part of the random set for example. Similarly, we'll all benefit from sharing results: if the exclamation point character is known to break 42% of the Web, then it's not worth greasing that in our first wave of grease attempts. Hope this helps, David On Fri, Jul 10, 2020 at 12:21 AM Mark Nottingham <mnot@mnot.net> wrote: > > > > On 10 Jul 2020, at 5:43 am, Tommy Pauly <tpauly@apple.com> wrote: > > > > - Deploying on betas (or for us, internal builds) makes this *much* more > palatable in general, so it may be good to start out with clients doing it > on beta deployments, and only move to production-scale later > > This makes me wonder whether we should just try it with as many clients as > can opt in on those channels, with a value that's really simple. As a > bonus, we could use it to get more folks to participate here -- e.g., > > Grease-1: "https://bit.ly/http-grease" > > .... where that link would lead to a document explaining what we're doing, > or it could be an implementation-specific link. After appropriate notice > and discussion, of course. > > Cheers, > > > -- > Mark Nottingham https://www.mnot.net/ > > -- > Http-grease mailing list > Http-grease@ietf.org > https://www.ietf.org/mailman/listinfo/http-grease >
- [Http-grease] Getting started Mark Nottingham
- Re: [Http-grease] Getting started Tommy Pauly
- Re: [Http-grease] Getting started Mark Nottingham
- Re: [Http-grease] Getting started David Schinazi