Re: ID for Immutable

Amos Jeffries <squid3@treenet.co.nz> Thu, 27 October 2016 02:28 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3A60A1296BC for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 26 Oct 2016 19:28:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.352
X-Spam-Level:
X-Spam-Status: No, score=-7.352 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.431, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AMF-w3YgYXQM for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 26 Oct 2016 19:28:21 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CB2D612969D for <httpbisa-archive-bis2Juki@lists.ietf.org>; Wed, 26 Oct 2016 19:28:21 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.80) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1bzaMQ-0000OL-Nu for ietf-http-wg-dist@listhub.w3.org; Thu, 27 Oct 2016 02:24:06 +0000
Resent-Date: Thu, 27 Oct 2016 02:24:06 +0000
Resent-Message-Id: <E1bzaMQ-0000OL-Nu@frink.w3.org>
Received: from mimas.w3.org ([128.30.52.79]) by frink.w3.org with esmtps (TLS1.2:RSA_AES_128_CBC_SHA1:128) (Exim 4.80) (envelope-from <squid3@treenet.co.nz>) id 1bzaMJ-0000Lk-Fu for ietf-http-wg@listhub.w3.org; Thu, 27 Oct 2016 02:23:59 +0000
Received: from [121.99.228.82] (helo=treenet.co.nz) by mimas.w3.org with esmtp (Exim 4.84_2) (envelope-from <squid3@treenet.co.nz>) id 1bzaMC-0005Mt-Kw for ietf-http-wg@w3.org; Thu, 27 Oct 2016 02:23:54 +0000
Received: from [192.168.20.251] (unknown [121.98.45.78]) by treenet.co.nz (Postfix) with ESMTP id 1D649E6ED1; Thu, 27 Oct 2016 15:23:22 +1300 (NZDT)
To: Patrick McManus <mcmanus@ducksong.com>
References: <CAOdDvNqam930_0eA1p3yHW+xDdOm0AAMKvVKe6xwNwm1itpRpQ@mail.gmail.com> <f5bd0a86-57e2-7d6c-09a7-86d6a8639ce0@treenet.co.nz> <CAOdDvNrua_-RJfNz-+i1gN2tBH8wGXzGGGhL1MeLrsPqnAM0JQ@mail.gmail.com>
Cc: HTTP Working Group <ietf-http-wg@w3.org>
From: Amos Jeffries <squid3@treenet.co.nz>
Message-ID: <e1255f7b-6c04-576c-0e58-f5288eeeede1@treenet.co.nz>
Date: Thu, 27 Oct 2016 15:23:17 +1300
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.4.0
MIME-Version: 1.0
In-Reply-To: <CAOdDvNrua_-RJfNz-+i1gN2tBH8wGXzGGGhL1MeLrsPqnAM0JQ@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Received-SPF: pass client-ip=121.99.228.82; envelope-from=squid3@treenet.co.nz; helo=treenet.co.nz
X-W3C-Hub-Spam-Status: No, score=-4.4
X-W3C-Hub-Spam-Report: AWL=-1.271, BAYES_00=-1.9, RDNS_NONE=0.793, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, W3C_AA=-1, W3C_WL=-1
X-W3C-Scan-Sig: mimas.w3.org 1bzaMC-0005Mt-Kw 2d913a38006312563fb382046b436288
X-Original-To: ietf-http-wg@w3.org
Subject: Re: ID for Immutable
Archived-At: <http://www.w3.org/mid/e1255f7b-6c04-576c-0e58-f5288eeeede1@treenet.co.nz>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/32684
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

On 27/10/2016 2:28 p.m., Patrick McManus wrote:
> hey amos - thanks for the thoughtful reply. Let's work through these and
> I'll incorporate it into a -01
> 
> On Wed, Oct 26, 2016 at 7:36 PM, Amos Jeffries wrote:
> 
>>
>> This control seems like it will also be useful for proxy caches to
>> prevent relaying the same revalidations from older clients that don't
>> support the control.
>>
>> However the draft does not mention any proxy handling.
>>
>> * does it override must-revalidate etc on the stored response?
>>  - what about proxy-revalidate?
>>
> 
> my understanding is that must-revalidate and proxy-revalidate only apply to
> stale responses. immutable only applies to fresh responses - therefore I
> don't think it has any impact on *-revalidate handling.
> 
> 
>>
>> * does it override a client request max-age=0 and/or request no-cache?
>>  - the stated intention implies that it does.
>>
>>
> I think a request with no-cache means don't use the cache - so any
> directives in the cache including immutable are irrelevant. (the draft
> should say this about immutable). I wouldn't think requests bearing
> no-cache are using revalidations anywhere along the chain - this is
> normally the mechanism afaik used to correct corruption.
> 
> max-age=0 is messy, but I think OK, for a proxy cache to apply the
> immutable logic to its stored fresh response. The alternative is really
> just to revalidate it, but the meaning of immutable is that the
> revalidation is going to return 304 during the freshness lifetime.
> 
> You would need to make sure not to send a Age > 0 in the response.
> 

Hmm. Does that mean we need to update the output Date header with the
amount which would otherwise be in Age?

Which makes me wonder if immutable needs to be forbidden on responses
with heuristic freshness. The current wording does not differentiate
between explicit and heuristic freshness.

If we adjust the Date in the absence of a Last-Modified we could be
wrongly extending the freshness period estimated by downstream caches.


> 
>> * assuming immutable overrides those client reload signals; is the proxy
>> supposed to deliver a 200, 304 or 4xx to clients sending max-age=0 ?
>>
>>
> I don't think immutable impacts that much. The proxy has used immutable to
> auto-revalidate its stored response.. whether it returns that to the
> user-agent as a 200 or 304 I would assume would depend on whether the
> user-agent made a conditional request.

Okay.

> 
> 
>> * how does immutable interact with the 'must not send on re-use' headers?
>>  - ie. no-cache="Set-Cookie", private="Set-Cookie" and similar cases ?
>>
> 
> you're going to have to walk me through what you're thinking here because
> I'm not immediately seeing the relevance. Immutable allows a client
> (including a proxy) that is about to make a conditional request for a fresh
> stored response to know that it is going to receive a 304 for that before
> doing so and therefore avoid the transaction if it chooses to. Are you
> suggesting that the resource varies by cookie or somesuch? I would think
> that would be taken into account in the general logic of "do I have a fresh
> resource for this request" logic.
> 
> wdyt?
> 

The main use-case for those controls using lists of header names is to
force a revalidate to get new values per-client for those headers.
Set-Cookie being the one seen most often, though others are possible.

At present we revalidate stored responses with these controls so the 304
from the server can produce any relevant new values for the new client.

Going with the style of immutable meaning as implicit 304 from upstream
we could just drop the headers as if it had produced none. But that is
quite a gotcha situation any applications using immutable will need to
be warned about clearly.

Amos