Re: HTTP router point-of-view concerns

Sam Pullara <spullara@gmail.com> Thu, 11 July 2013 19:22 UTC

Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AA9EE21F9A83 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Thu, 11 Jul 2013 12:22:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.599
X-Spam-Level:
X-Spam-Status: No, score=-10.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CrBrON+BOX1E for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Thu, 11 Jul 2013 12:22:40 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) by ietfa.amsl.com (Postfix) with ESMTP id D692721F9B5C for <httpbisa-archive-bis2Juki@lists.ietf.org>; Thu, 11 Jul 2013 12:22:39 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.72) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1UxMQM-0000Gu-Ik for ietf-http-wg-dist@listhub.w3.org; Thu, 11 Jul 2013 19:21:06 +0000
Resent-Date: Thu, 11 Jul 2013 19:21:06 +0000
Resent-Message-Id: <E1UxMQM-0000Gu-Ik@frink.w3.org>
Received: from lisa.w3.org ([128.30.52.41]) by frink.w3.org with esmtp (Exim 4.72) (envelope-from <spullara@gmail.com>) id 1UxMQC-0000Fs-Dr for ietf-http-wg@listhub.w3.org; Thu, 11 Jul 2013 19:20:56 +0000
Received: from mail-pd0-f181.google.com ([209.85.192.181]) by lisa.w3.org with esmtps (TLS1.0:RSA_ARCFOUR_SHA1:16) (Exim 4.72) (envelope-from <spullara@gmail.com>) id 1UxMQB-00009b-Dr for ietf-http-wg@w3.org; Thu, 11 Jul 2013 19:20:56 +0000
Received: by mail-pd0-f181.google.com with SMTP id 14so7847539pdj.12 for <ietf-http-wg@w3.org>; Thu, 11 Jul 2013 12:20:29 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=content-type:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to:x-mailer; bh=q/ZDf+2bAVtXsDwA3op58R0bCc0+XNL2WGHbjeIoG3A=; b=wCMSNXzCmVtglr9Lt6i3SM6KG2aAK+m9zAWP5BiHdhFgph0ZxckRxjW/Pjl3nqGZHH 2W1/vKS2eiY0uKBcM/LzDBZfOOzRq1eHrygGj129rdxnBCUyIIIQJeTrkULWTOe8oQ3+ 6nnr45JJWFLO3zMrSuP2mTMULHWhbpkkV4T5K5QqyszrnIl6K+TdXx4QACfgX3p4LAL+ LEJyUhYVm4TFCMe21VAsssP0qZx7B0bWs9VvlaIpeEj9vRgPcj/A2YQV6ihpUdOocYsh p6YfXQopX3ZczHuV/o5vUGLwQ8OfgTCLknSMQoYBx/8ALB8ZY8tKXTQR/AlHDZWzR+vl qhbQ==
X-Received: by 10.66.20.129 with SMTP id n1mr39816421pae.93.1373570429000; Thu, 11 Jul 2013 12:20:29 -0700 (PDT)
Received: from samair11.shv.com (mail.shv.com. [209.237.52.250]) by mx.google.com with ESMTPSA id qg10sm11403928pbb.2.2013.07.11.12.20.27 for <multiple recipients> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Thu, 11 Jul 2013 12:20:28 -0700 (PDT)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 6.5 \(1508\))
From: Sam Pullara <spullara@gmail.com>
In-Reply-To: <CABP7RbcUkLf3CTAB4jwicnsiKWLGVY6=hX0k=0256SR_gcVt9A@mail.gmail.com>
Date: Thu, 11 Jul 2013 10:21:00 -0700
Cc: Martin Thomson <martin.thomson@gmail.com>, Amos Jeffries <squid3@treenet.co.nz>, HTTP Working Group <ietf-http-wg@w3.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <092D65A8-8CB7-419D-B6A4-77CAE40A0026@gmail.com>
References: <CA+qvzFPUpcm6kUtJx+rTw8Dpp4Gtx4Bmr3XPDhjNsjchUfN9_w@mail.gmail.com> <51DE1E32.9010801@treenet.co.nz> <CAP+FsNdcYhA=V5Z+zbt70b5e7WmcmXgjG5M9L3vfXeXfTwmRnw@mail.gmail.com> <51DE327C.7010901@treenet.co.nz> <CABkgnnXeqD6wh0dcJ1Dz=4PLAJNkDeGcCuzMr9ATd_7xS7nbGQ@mail.gmail.com> <CABP7RbcUkLf3CTAB4jwicnsiKWLGVY6=hX0k=0256SR_gcVt9A@mail.gmail.com>
To: James M Snell <jasnell@gmail.com>
X-Mailer: Apple Mail (2.1508)
Received-SPF: pass client-ip=209.85.192.181; envelope-from=spullara@gmail.com; helo=mail-pd0-f181.google.com
X-W3C-Hub-Spam-Status: No, score=-3.2
X-W3C-Hub-Spam-Report: AWL=-3.061, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001
X-W3C-Scan-Sig: lisa.w3.org 1UxMQB-00009b-Dr 43bacd0ab0bf0c9a576a831bd6b760ba
X-Original-To: ietf-http-wg@w3.org
Subject: Re: HTTP router point-of-view concerns
Archived-At: <http://www.w3.org/mid/092D65A8-8CB7-419D-B6A4-77CAE40A0026@gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/18700
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

How sure are we that the entire idea of header compression isn't a bad idea? I implemented something similar in the WebLogic T3 protocol (BubblingAbbrevTable, probably still in there) and it was mostly just a pain. If I were to go back I would just use gzip with some agreed upon seed dictionary. Thought I would bring this up since it seems like it is a very controversial feature to begin with.

Sam

On Jul 11, 2013, at 10:14 AM, James M Snell <jasnell@gmail.com> wrote:

> Yes, the ability to set compression context size to 0 is very useful.
> My fears around this area are:
> 
> 1. In order to achieve maximum throughput, Intermediaries may opt to
> *always* set compression context to 0, forcing the headers to always
> be passed as Literals, killing the utility of having the header
> compression mechanism there in the first place.
> 
> 2. The assumption of a non-zero default compression context size when
> the connection is established opens a race condition that a malicious
> sender could exploit in a denial of service attack. Yes, the receiver
> could opt to terminate the connection once it detects bad behavior,
> but there is still a potential window of time there where the receiver
> could be forced to do significant additional work.
> 
>  (This is particularly bad given that header continuations are unbounded.)
> 
> 3. Setting the compression context size to 0 does not stop the sender
> from sending the Indexed Literal instructions anyway. The receiving
> endpoint would still be required to process those instructions even if
> the data is not actually being indexed, causing CPU cycles to be
> consumed. For any individual block of headers it may not be a
> significant load, but it's something that needs to be addressed.
> 
>  (This can be fixed in the spec by stating that any attempt to Index
> any individual (name,value) whose size is greater than the available
> header table size results in a Compression Error. Making this change
> would mean that when Compression Context size is 0, the only operation
> that would not result in an error is Literal without Indexing. This
> was discussed on the list but as far as I can tell it's not yet
> captured in the spec).
> 
> 4. The fact that header continuations can be unbounded is deeply
> troubling, especially given that the endpoint is required to buffer
> and process the complete header block (well.. that's only half true,
> the encoding does allow for incremental processing of the HEADERS
> frame payloads but the spec requires that the complete header block is
> always processed). Sure, the recipient is free to terminate the
> connection as soon as it detects bad behavior, but the sender could
> end up forcing the recipient to do a significant amount of extra
> processing with a never ending sequence of HEADERS frames. Smart
> implementations will know how to deal with this, yes, but overall it
> adds to the already growing list of "New Complex Things" that an
> HTTP/2 implementer needs to know about.
> 
>  (In the implementation I've done, I provide a configuration
> parameter that allows a developer to cap the number of the
> continuations and the total size of the header block)
> 
> I know that we're in "implementation" phase right now and that
> everyone is busy getting their code ready for testing in August, but
> after updating my implementation to the latest version of the draft,
> my concerns with regards to stateful header compression definitely
> remain.
> 
> On Thu, Jul 11, 2013 at 9:36 AM, Martin Thomson
> <martin.thomson@gmail.com> wrote:
>> On 10 July 2013 21:20, Amos Jeffries <squid3@treenet.co.nz> wrote:
>>> It seems not to be negotiable from the recipients side.
>> 
>> Compression context size = 0 is entirely negotiable from the recipient
>> end, with a small wrinkle, that I know some folks are working on.
>> Which is, a client can start using a default compression context size
>> prior to learning that a server has no space (substitute intermediary
>> as appropriate there).
>> 
>