Upgrade failure and Connection: close request header (Re: Adoption call for draft-schwartz-httpbis-optimistic-upgrade)

Kazuho Oku <kazuhooku@gmail.com> Wed, 31 July 2024 05:14 UTC

From: Kazuho Oku <kazuhooku@gmail.com>
Date: Wed, 31 Jul 2024 14:13:21 +0900
Message-ID: <CANatvzy5H6BCjAzPvGWitMvi96PG_q3Es5eqRm1rMGDr94XZCw@mail.gmail.com>
To: Ben Schwartz <bemasc@meta.com>
Cc: HTTP Working Group <ietf-http-wg@w3.org>
Archived-At: <https://www.w3.org/mid/CANatvzy5H6BCjAzPvGWitMvi96PG_q3Es5eqRm1rMGDr94XZCw@mail.gmail.com>

Hi folks,

This might be a dumb question, but I have one thing to ask regarding the
concerns and the mitigations that we have laid out in
draft-ietf-httpbis-optimistic-upgrade.

IIUC, so far, we have assumed that "a client cannot necessarily begin using
an upgraded protocol merely because it has finished sending the upgrade
request message" on HTTP/1.1, under the rationale that if the server
rejects an upgrade the payload of the upgraded protocol will be considered
the next HTTP request.

Is that true even if the client sent "Connection: close, upgrade",
indicating that the upgrade request is the last request being sent on the
connection?

I'm asking this because if "Connection: close, upgrade" is parsed as such,
clients can retain the opportunity to optimistically start sending the
bytes of the upgrade protocol.

If that does not work (or if it is deemed too risky), I think it might be
worth pointing out in the draft that it is so.

PS. Regardless of how the question turns out, I think the draft is
important and that it is getting into good shape. Thank you to Ben and
others for all the efforts.

On Wed, 24 January 2024 at 2:43, Tommy Pauly <tpauly@apple.com> wrote:

> Hello HTTP,
>
> This email starts a working group adoption call for "Security
> Considerations for Optimistic Use of HTTP
> Upgrade", draft-schwartz-httpbis-optimistic-upgrade. Notably, this
> updates RFC 9298 (connect-udp, which was produced by the MASQUE WG) on how
> to handle HTTP Upgrade, including to disallow optimistic data sending for
> HTTP/1.1.
>
> The document can be found here:
>
> https://datatracker.ietf.org/doc/draft-schwartz-httpbis-optimistic-upgrade/
>
> https://www.ietf.org/archive/id/draft-schwartz-httpbis-optimistic-upgrade-00.html
>
> This adoption call will last for 3 weeks, until *Tuesday, February 13*.
> Please reply to this email with your reviews and comments, and whether or
> not you think HTTPBIS should adopt this draft.
>
> Thanks,
> Tommy
>


-- 
Kazuho Oku
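
The scenario raised in the message above, as an added example (not code from the post, the draft, or any real server): a toy model of an HTTP/1.1 server that rejects an upgrade and then decides what to do with the optimistically sent bytes. The function names, the `honors_close` flag, the `example-proto` token and the sample bytes are assumptions made for illustration, and the upgrade request is assumed to carry no body.

```python
# Added example: toy model of one HTTP/1.1 connection's inbound byte stream.
# All names (build, connection_tokens, leftover_after_rejected_upgrade,
# honors_close) are hypothetical and exist only for this illustration.

# Constructed stand-in for bytes of the upgraded protocol sent optimistically.
OPTIMISTIC = b"\x00\x01upgraded-protocol-bytes"

def build(connection_value: str) -> bytes:
    """Constructed upgrade request (no body) followed by optimistic bytes."""
    head = (b"GET /tunnel HTTP/1.1\r\n"
            b"Host: example.test\r\n"
            b"Upgrade: example-proto\r\n"
            b"Connection: " + connection_value.encode("ascii") + b"\r\n\r\n")
    return head + OPTIMISTIC

def connection_tokens(head: bytes) -> set:
    """Collect the comma-separated, case-insensitive Connection options,
    merging repeated Connection header lines."""
    tokens = set()
    for line in head.split(b"\r\n")[1:]:          # skip the request line
        name, _, value = line.partition(b":")
        if name.strip().lower() == b"connection":
            for tok in value.decode("ascii").split(","):
                if tok.strip():
                    tokens.add(tok.strip().lower())
    return tokens

def leftover_after_rejected_upgrade(stream: bytes, honors_close: bool) -> bytes:
    """Return the bytes the server would feed to its HTTP request parser
    after answering the upgrade request with a non-101 response."""
    head, sep, rest = stream.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("incomplete request head")
    if "close" in connection_tokens(head) and honors_close:
        # Server closes after the response: later bytes are never parsed.
        return b""
    # Persistent connection (or "close" ignored): the optimistic bytes
    # are read as the start of the next HTTP request.
    return rest

if __name__ == "__main__":
    for value, honors in (("upgrade", True), ("close, upgrade", True),
                          ("close, upgrade", False)):
        left = leftover_after_rejected_upgrade(build(value), honors)
        print(f"Connection: {value!r:18} honors_close={honors}: "
              f"{len(left)} bytes reach the request parser")
```

Whether the optimistic bytes are safe to send depends entirely on the `honors_close` branch, which is a property of the server and any intermediary in the path, not something the client can observe before it sends.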