draft-fielding-http-key-02 obvious shortcoming & failure

Henrik Nordström <henrik@henriknordstrom.net> Thu, 25 July 2013 18:41 UTC

Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 8A5F621F968B for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Thu, 25 Jul 2013 11:41:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.299
X-Spam-Status: No, score=-10.299 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id AKKwsFaPX16J for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Thu, 25 Jul 2013 11:41:18 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org []) by ietfa.amsl.com (Postfix) with ESMTP id 47B4421F8F4F for <httpbisa-archive-bis2Juki@lists.ietf.org>; Thu, 25 Jul 2013 11:41:17 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.72) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1V2QSm-0003T6-CI for ietf-http-wg-dist@listhub.w3.org; Thu, 25 Jul 2013 18:40:32 +0000
Resent-Date: Thu, 25 Jul 2013 18:40:32 +0000
Resent-Message-Id: <E1V2QSm-0003T6-CI@frink.w3.org>
Received: from lisa.w3.org ([]) by frink.w3.org with esmtp (Exim 4.72) (envelope-from <henrik@henriknordstrom.net>) id 1V2QSi-0003Rm-B8 for ietf-http-wg@listhub.w3.org; Thu, 25 Jul 2013 18:40:28 +0000
Received: from vps1.hno.se ([]) by lisa.w3.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.72) (envelope-from <henrik@henriknordstrom.net>) id 1V2QSg-0005cB-RG for ietf-http-wg@w3.org; Thu, 25 Jul 2013 18:40:28 +0000
Received: from home.hno.se (home.hno.se [IPv6:2001:470:df90::1]) (authenticated bits=128) by vps1.hno.se (8.14.4/8.14.4) with ESMTP id r6PIdtRp027736 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 25 Jul 2013 20:39:57 +0200
Received: from henrik ([]) (authenticated bits=0) by home.hno.se (8.14.5/8.14.5) with ESMTP id r6PIdpgB013967 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO); Thu, 25 Jul 2013 20:39:52 +0200
Message-ID: <1374777546.18069.30.camel@localhost>
From: Henrik Nordström <henrik@henriknordstrom.net>
To: Mark Nottingham <mnot@mnot.net>, "Roy T. Fielding" <fielding@gbiv.com>
Cc: "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
Date: Thu, 25 Jul 2013 20:39:06 +0200
Content-Type: text/plain; charset="UTF-8"
X-Mailer: Evolution 3.8.3 (3.8.3-2.fc19)
Mime-Version: 1.0
Content-Transfer-Encoding: 7bit
Received-SPF: none client-ip=; envelope-from=henrik@henriknordstrom.net; helo=vps1.hno.se
X-W3C-Hub-Spam-Status: No, score=0.0
X-W3C-Hub-Spam-Report: none
X-W3C-Scan-Sig: lisa.w3.org 1V2QSg-0005cB-RG 061bad3975acb8f187bb9bedadd029be
X-Original-To: ietf-http-wg@w3.org
Subject: draft-fielding-http-key-02 obvious shortcoming & failure
Archived-At: <http://www.w3.org/mid/1374777546.18069.30.camel@localhost>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/18928
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

Learnt about the Key draft today in another discussion about how to
cache Vary responses, and reading the document I see a noticeble
shortcoming and failure of the proposed algorithm.

In "2.2.4. "p": Parameter Prefix Match Modifier" you have

Key: Accept;p="text/html"

And a seemingly nice looking list of things it matches and do not match.
So far so good. But it will also match

Accept: text/plain;q=0

which is the opposite. Here the client says it do not accept text/plain.

same issue applies to any other header using quality attribute.

It also fails to represent quality selection among different variants in
general. I.e. when there is both text/html and text/plain versions and
one client prefers plain, the other html but both can process both.