IETF Logo Mail Archive

Re: HTTP router point-of-view concerns

Willy Tarreau <w@1wt.eu> Sat, 13 July 2013 19:15 UTC

Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 612A521F9E40 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Sat, 13 Jul 2013 12:15:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.599
X-Spam-Level:
X-Spam-Status: No, score=-10.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9HE8xyeB50zH for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Sat, 13 Jul 2013 12:14:59 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) by ietfa.amsl.com (Postfix) with ESMTP id 2C78721F9E73 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Sat, 13 Jul 2013 12:14:59 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.72) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1Uy5Gi-0003D0-9y for ietf-http-wg-dist@listhub.w3.org; Sat, 13 Jul 2013 19:14:08 +0000
Resent-Date: Sat, 13 Jul 2013 19:14:08 +0000
Resent-Message-Id: <E1Uy5Gi-0003D0-9y@frink.w3.org>
Received: from lisa.w3.org ([128.30.52.41]) by frink.w3.org with esmtp (Exim 4.72) (envelope-from <w@1wt.eu>) id 1Uy5Ga-00039e-Fu for ietf-http-wg@listhub.w3.org; Sat, 13 Jul 2013 19:14:00 +0000
Received: from 1wt.eu ([62.212.114.60]) by lisa.w3.org with esmtp (Exim 4.72) (envelope-from <w@1wt.eu>) id 1Uy5GZ-0001kT-Il for ietf-http-wg@w3.org; Sat, 13 Jul 2013 19:14:00 +0000
Received: (from willy@localhost) by mail.home.local (8.14.4/8.14.4/Submit) id r6DJC248002839; Sat, 13 Jul 2013 21:12:02 +0200
Date: Sat, 13 Jul 2013 21:12:02 +0200
From: Willy Tarreau <w@1wt.eu>
To: Poul-Henning Kamp <phk@phk.freebsd.dk>
Cc: Sam Pullara <spullara@gmail.com>, Mark Nottingham <mnot@mnot.net>, James M Snell <jasnell@gmail.com>, Martin Thomson <martin.thomson@gmail.com>, Amos Jeffries <squid3@treenet.co.nz>, HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <20130713191202.GN32054@1wt.eu>
References: <CABkgnnXeqD6wh0dcJ1Dz=4PLAJNkDeGcCuzMr9ATd_7xS7nbGQ@mail.gmail.com> <CABP7RbcUkLf3CTAB4jwicnsiKWLGVY6=hX0k=0256SR_gcVt9A@mail.gmail.com> <092D65A8-8CB7-419D-B6A4-77CAE40A0026@gmail.com> <3835.1373612286@critter.freebsd.dk> <CD9E163F-1225-4DA8-9982-8BDBD16B1051@mnot.net> <1772.1373629495@critter.freebsd.dk> <20130712125628.GC28893@1wt.eu> <881777F8-86A7-4943-9BBD-8EB2DC306834@gmail.com> <20130713173222.GM32054@1wt.eu> <6782.1373741000@critter.freebsd.dk>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <6782.1373741000@critter.freebsd.dk>
User-Agent: Mutt/1.4.2.3i
Received-SPF: pass client-ip=62.212.114.60; envelope-from=w@1wt.eu; helo=1wt.eu
X-W3C-Hub-Spam-Status: No, score=-3.1
X-W3C-Hub-Spam-Report: AWL=-3.055, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01
X-W3C-Scan-Sig: lisa.w3.org 1Uy5GZ-0001kT-Il dbfb24432991112c6e811d8d49cfd55f
X-Original-To: ietf-http-wg@w3.org
Subject: Re: HTTP router point-of-view concerns
Archived-At: <http://www.w3.org/mid/20130713191202.GN32054@1wt.eu>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/18749
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

On Sat, Jul 13, 2013 at 06:43:20PM +0000, Poul-Henning Kamp wrote:
> In message <20130713173222.GM32054@1wt.eu>, Willy Tarreau writes:
> >On Sat, Jul 13, 2013 at 09:49:42AM -0700, Sam Pullara wrote:
> 
> >I'm sorry, but cookies are *not* evil. 
> 
> Cookies are not evil, but they cause problems which HTTP/2.0 does not
> need to cause.
> 
> "Automatic EU Cookie directive compliance" would be a really great
> selling point.
> 
> >We could possibly support very short cookies (eg: 16 bit). That should be
> >enough for most large deployments, and clearly not enough to track users.
> 
> I think it is smarter to both solve the cookie and session problems with
> a single field.

No problem but we really need the server side to be able to adjust
part of this field. If we have a 128-bit session ID whose 16 first
bits are preset to zero by the client and may be changed by the
server, we can most likely replace the existing cookie system (it
will also permit servers to handle some of the duplicates that
clients would inevitably cause).

Willy

v2.23.0 | Report a Bug | By Email