Re: HTTP router point-of-view concerns
Christian Parpart <trapni@gmail.com> Fri, 12 July 2013 12:48 UTC
Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A7F2311E8106 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Fri, 12 Jul 2013 05:48:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.598
X-Spam-Level:
X-Spam-Status: No, score=-10.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id l5qA+zURIdlY for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Fri, 12 Jul 2013 05:48:50 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) by ietfa.amsl.com (Postfix) with ESMTP id 4F6AF11E80F9 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Fri, 12 Jul 2013 05:48:49 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.72) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1UxclI-0005PX-19 for ietf-http-wg-dist@listhub.w3.org; Fri, 12 Jul 2013 12:47:48 +0000
Resent-Date: Fri, 12 Jul 2013 12:47:48 +0000
Resent-Message-Id: <E1UxclI-0005PX-19@frink.w3.org>
Received: from lisa.w3.org ([128.30.52.41]) by frink.w3.org with esmtp (Exim 4.72) (envelope-from <trapni@gmail.com>) id 1UxclA-0005Or-AM for ietf-http-wg@listhub.w3.org; Fri, 12 Jul 2013 12:47:40 +0000
Received: from mail-qa0-f42.google.com ([209.85.216.42]) by lisa.w3.org with esmtps (TLS1.0:RSA_ARCFOUR_SHA1:16) (Exim 4.72) (envelope-from <trapni@gmail.com>) id 1Uxcl5-0008PH-Oa for ietf-http-wg@w3.org; Fri, 12 Jul 2013 12:47:40 +0000
Received: by mail-qa0-f42.google.com with SMTP id hu16so299688qab.15 for <ietf-http-wg@w3.org>; Fri, 12 Jul 2013 05:47:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=iZY/nl2J4rWIY8UtqhTs1lPvl0uCW548wPo428M2BXI=; b=oHADtnzoKNi2I7l+qe7A+T3nYP1n6tmIiRbmXTaQHvJe9OMLcuWpsMmedGZ/L7CIg/ CnebqLn6MItx1eKmwV8ionRoC0Dj9DnrAm29V2vpnneLHM44VlhrPJsnHg9J9Yf/WwY8 EFJzw/W6+S2X+VAwO4ShY70QIXFZrRVsHqTjurdtufGM++bXoxi+spP6xQ+YH+VaiZ2T f9OuzCJUSNfj5OY4t3TN898oyN4qXYvqXL87i00xn8CEw3h0YDSPAzqx6nV1UVOcwSso VBuWDz09lpL74OayyoJMAmS597/k2jRH8V4I4ieawINB1BbhIrUAZW5wlD7mx7wtcfj1 kiyQ==
MIME-Version: 1.0
X-Received: by 10.49.1.74 with SMTP id 10mr34268184qek.20.1373633230082; Fri, 12 Jul 2013 05:47:10 -0700 (PDT)
Received: by 10.49.97.229 with HTTP; Fri, 12 Jul 2013 05:47:09 -0700 (PDT)
In-Reply-To: <C0C65ACC-673E-4E07-B2D0-B84723755E6F@apple.com>
References: <CA+qvzFPUpcm6kUtJx+rTw8Dpp4Gtx4Bmr3XPDhjNsjchUfN9_w@mail.gmail.com> <51DE1E32.9010801@treenet.co.nz> <CAP+FsNdcYhA=V5Z+zbt70b5e7WmcmXgjG5M9L3vfXeXfTwmRnw@mail.gmail.com> <51DE327C.7010901@treenet.co.nz> <CABkgnnXeqD6wh0dcJ1Dz=4PLAJNkDeGcCuzMr9ATd_7xS7nbGQ@mail.gmail.com> <CABP7RbcUkLf3CTAB4jwicnsiKWLGVY6=hX0k=0256SR_gcVt9A@mail.gmail.com> <092D65A8-8CB7-419D-B6A4-77CAE40A0026@gmail.com> <3835.1373612286@critter.freebsd.dk> <CD9E163F-1225-4DA8-9982-8BDBD16B1051@mnot.net> <1772.1373629495@critter.freebsd.dk> <C0C65ACC-673E-4E07-B2D0-B84723755E6F@apple.com>
Date: Fri, 12 Jul 2013 14:47:09 +0200
Message-ID: <CA+qvzFPya3nVZBV2Wes2gWQqgTa34gXb9DK8zhoK1GNx52XCXQ@mail.gmail.com>
From: Christian Parpart <trapni@gmail.com>
To: Michael Sweet <msweet@apple.com>
Cc: Poul-Henning Kamp <phk@phk.freebsd.dk>, Mark Nottingham <mnot@mnot.net>, Sam Pullara <spullara@gmail.com>, James M Snell <jasnell@gmail.com>, Martin Thomson <martin.thomson@gmail.com>, Amos Jeffries <squid3@treenet.co.nz>, HTTP Working Group <ietf-http-wg@w3.org>
Content-Type: multipart/alternative; boundary="047d7b6d82febb1c7e04e14fe877"
Received-SPF: pass client-ip=209.85.216.42; envelope-from=trapni@gmail.com; helo=mail-qa0-f42.google.com
X-W3C-Hub-Spam-Status: No, score=-3.5
X-W3C-Hub-Spam-Report: AWL=-2.710, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001
X-W3C-Scan-Sig: lisa.w3.org 1Uxcl5-0008PH-Oa c91a6cbf7c8a378019b5f4bd24e32147
X-Original-To: ietf-http-wg@w3.org
Subject: Re: HTTP router point-of-view concerns
Archived-At: <http://www.w3.org/mid/CA+qvzFPya3nVZBV2Wes2gWQqgTa34gXb9DK8zhoK1GNx52XCXQ@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/18723
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>
On Fri, Jul 12, 2013 at 2:40 PM, Michael Sweet <msweet@apple.com> wrote: > Then just add the User-Agent and Server values to the settings frames the > client and server exchange? > if it would be *that* simple, then dont' forget the cookie and the user-agent. > Sent from my iPad > > On 2013-07-12, at 7:44 AM, Poul-Henning Kamp <phk@phk.freebsd.dk> wrote: > > > In message <CD9E163F-1225-4DA8-9982-8BDBD16B1051@mnot.net>, Mark > Nottingham wri > > tes: > > > >> This has been brought up a number of times. I think what we need is a = > >> concrete proposal *with* a detailed plan for a workable transition to = > >> the new mechanism -- which seems to be the (or at least one) sticking = > >> point whenever this comes up. > > > > I have given a concrete example multiple times, it's very simple: > > > > The client always sends along a session-identifier of N (128?) > > bits. > > > > If the first bit is zero, this is an anonymous, transient > > session, not (to be) associated with any other session. > > > > If the first bit is one, this is a persistent session > > identifier, which the server can use to look up any relevant > > state or information from previous instances of this > > session, in its local database. > > > > This replaces the Cookie: and Set-Cookie: headers, which > > SHALL NOT be sent in the HTTP/2.0 protocol. > > > > Advantages: > > > > We get a fixed size session-identifier for HTTP routers to > > use for flow-routing. > > > > We get an actual (client controlled) session-concept, rather > > than all sorts of ad-hoc simulations with cookies. > > > > Data with privacy-concerns are stored on the server not on > > random clients the user happens to borrow or use. > > > > The overhead of encrypting and signing the data in cookies > > is avoided, since they are stored on the server side where > > nobody can fudge them. > > > > Backwards compatibility: > > > > It should be obvious that simulating the Cookie concept for > > framework compatibility on the server side is a trivial > > matter of programming: Rather than send set-cookies, write > > them to a database, indexed by the session-id. Rather than > > receive Cookie: headers, look them up in the database. > > > > There, solved. > > > > Again. > > > > -- > > Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 > > phk@FreeBSD.ORG | TCP/IP since RFC 956 > > FreeBSD committer | BSD since 4.3-tahoe > > Never attribute to malice what can adequately be explained by > incompetence. > > > >
- Re: HTTP router point-of-view concerns Poul-Henning Kamp
- HTTP router point-of-view concerns Christian Parpart
- Re: HTTP router point-of-view concerns Amos Jeffries
- Re: HTTP router point-of-view concerns Roberto Peon
- Re: HTTP router point-of-view concerns Amos Jeffries
- Re: HTTP router point-of-view concerns Christian Parpart
- Re: HTTP router point-of-view concerns Amos Jeffries
- Re: HTTP router point-of-view concerns Michael Sweet
- Re: HTTP router point-of-view concerns Martin Thomson
- Re: HTTP router point-of-view concerns James M Snell
- Re: HTTP router point-of-view concerns Sam Pullara
- Re: HTTP router point-of-view concerns Roberto Peon
- Re: HTTP router point-of-view concerns Roberto Peon
- Re: HTTP router point-of-view concerns Amos Jeffries
- Re: HTTP router point-of-view concerns Sam Pullara
- Re: HTTP router point-of-view concerns Patrick McManus
- Re: HTTP router point-of-view concerns Roberto Peon
- Re: HTTP router point-of-view concerns James M Snell
- Re: HTTP router point-of-view concerns Roberto Peon
- Re: HTTP router point-of-view concerns James M Snell
- Re: HTTP router point-of-view concerns Roberto Peon
- Re: HTTP router point-of-view concerns Sam Pullara
- Re: HTTP router point-of-view concerns Roberto Peon
- Re: HTTP router point-of-view concerns Martin Thomson
- Re: HTTP router point-of-view concerns Poul-Henning Kamp
- Re: HTTP router point-of-view concerns Mark Nottingham
- Re: HTTP router point-of-view concerns Mike Belshe
- Re: HTTP router point-of-view concerns Gábor Molnár
- Re: HTTP router point-of-view concerns Gábor Molnár
- Re: HTTP router point-of-view concerns Poul-Henning Kamp
- Re: HTTP router point-of-view concerns Michael Sweet
- Re: HTTP router point-of-view concerns Christian Parpart
- Re: HTTP router point-of-view concerns Willy Tarreau
- Re: HTTP router point-of-view concerns Patrick McManus
- Re: HTTP router point-of-view concerns Jeff Pinner
- Re: HTTP router point-of-view concerns Martin Thomson
- Re: HTTP router point-of-view concerns Roberto Peon
- Re: HTTP router point-of-view concerns Ludin, Stephen
- Re: HTTP router point-of-view concerns Roberto Peon
- Re: HTTP router point-of-view concerns James M Snell
- Re: HTTP router point-of-view concerns Amos Jeffries
- Re: HTTP router point-of-view concerns Amos Jeffries
- Re: HTTP router point-of-view concerns Roberto Peon
- Re: HTTP router point-of-view concerns Yoav Nir
- Re: HTTP router point-of-view concerns Willy Tarreau
- Re: HTTP router point-of-view concerns Poul-Henning Kamp
- Re: HTTP router point-of-view concerns Poul-Henning Kamp
- Re: HTTP router point-of-view concerns Willy Tarreau
- Re: HTTP router point-of-view concerns Poul-Henning Kamp
- Re: HTTP router point-of-view concerns Sam Pullara
- Re: HTTP router point-of-view concerns Willy Tarreau
- Re: HTTP router point-of-view concerns Mark Delany
- Re: HTTP router point-of-view concerns Poul-Henning Kamp
- Re: HTTP router point-of-view concerns Poul-Henning Kamp
- Re: HTTP router point-of-view concerns Willy Tarreau
- Re: HTTP router point-of-view concerns Willy Tarreau
- Re: HTTP router point-of-view concerns Poul-Henning Kamp
- Re: HTTP router point-of-view concerns Willy Tarreau
- Re: HTTP router point-of-view concerns Yoav Nir
- Re: HTTP router point-of-view concerns Poul-Henning Kamp
- Re: HTTP router point-of-view concerns Yoav Nir
- Re: HTTP router point-of-view concerns Willy Tarreau
- Re: HTTP router point-of-view concerns Poul-Henning Kamp
- Re: HTTP router point-of-view concerns Stephen Farrell
- Re: HTTP router point-of-view concerns Willy Tarreau
- Re: HTTP router point-of-view concerns Sam Pullara
- Re: HTTP router point-of-view concerns Nicolas Mailhot
- Re: HTTP router point-of-view concerns Nicolas Mailhot
- Re: HTTP router point-of-view concerns Nicolas Mailhot
- Re: HTTP router point-of-view concerns Martin Nilsson
- Re: HTTP router point-of-view concerns Nico Williams
- Re: HTTP router point-of-view concerns Nico Williams
- Re: HTTP router point-of-view concerns Poul-Henning Kamp
- Re: HTTP router point-of-view concerns Nico Williams
- Re: HTTP router point-of-view concerns Poul-Henning Kamp
- Re: HTTP router point-of-view concerns Nico Williams