Re: Measurement of H2 ORIGIN Frames, revisiting CERTIFICATE Frames?

Peter Lepeska <bizzbyster@gmail.com> Thu, 29 September 2022 12:59 UTC

From: Peter Lepeska <bizzbyster@gmail.com>
Date: Thu, 29 Sep 2022 08:56:04 -0400
Message-ID: <CANmPAYGhJL5xLRO-nfigmry4Rs=pKtoidSSFNngPOgrbyJ2arw@mail.gmail.com>
To: Sudheesh Singanamalla <sudheesh@cs.washington.edu>
Cc: ietf-http-wg@w3.org, Marwan Fayed <marwan@cloudflare.com>, Jonathan Hoyland <jhoyland@cloudflare.com>, Kurtis Heimerl <kheimerl@cs.washington.edu>, Chris Wood <chriswood@cloudflare.com>, suleman@cloudflare.com
Archived-At: <https://www.w3.org/mid/CANmPAYGhJL5xLRO-nfigmry4Rs=pKtoidSSFNngPOgrbyJ2arw@mail.gmail.com>

Hi Sudheesh,

You may not care to go further back in time in your intro but old timers
like me will remember earlier pre-HTTP/2 reasons that web performance gurus
used to advocate for domain sharding, which you mention here:

"... The gains were themselves bottlenecked by head-of-line blocking [35,
39]. This led to a practice of domain sharding, in which browsers are
‘tricked’ into initiating new and parallel connections to multiple
subdomains [30]. As a result, the burden of managing multiple connections,
scheduling requests, and optimizing rendering pipelines shifted to browsers."

Including overcoming TCP slow start and increasing concurrency. Totally
understand if you don't want to go down those memory lanes but it is
interesting to watch as the web performance community seems to oscillate
between advocating for more concurrent connections and advocating for
coalescing resource requests on to fewer connections. QUIC promises to put
this back-and-forth to bed but of course it comes with its own bandwidth
limitations for high latency / bandwidth product networks that might make a
future web acceleration guru yet again advocate against coalescing.

It's almost like that Marc Andreessen quote but applied to web performance
optimization: “Only two ways to make money in business: One is to bundle;
the other is unbundle.” :)

Thanks,

Peter

On Mon, Sep 26, 2022 at 9:06 AM Sudheesh Singanamalla <
sudheesh@cs.washington.edu> wrote:

> Hello everyone,
>
> I would like to share some work from Cloudflare that may help inform
> ORIGIN Frame (and by extension, CERTIFICATE Frame) and, if there is
> interest, also present at the upcoming IETF 115.
>
> Cloudflare has been experimenting with H2 ORIGIN Frames
> <https://httpwg.org/specs/rfc8336.html> and recently published findings,
> experience, and insights in a paper to appear at the upcoming ACM
> Internet Measurement Conference
> <https://conferences.sigcomm.org/imc/2022/>. Here's a link to the preprint
> of the paper
> <https://files.research.cloudflare.com/publication/Singanamalla2022.pdf>
> in case you're all interested.
>
> Overall, the key observations from our work are:
> 1. Large-scale measurements indicate the current ecosystem has lots of
> opportunity to coalesce connections with ORIGIN, with only small (1 to 5)
> additions to certificate SANs.
> 2. The immediate motivation to support ORIGIN frames should be privacy,
> followed by opening opportunities for resource scheduling at the endpoints
> (e.g. prioritizations and early hints) that is not violated by competing
> connections for those resources.
> 3. Perhaps counter-intuitive, performance should not be assumed to improve
> but results suggest no worse is appropriate. Servers, of course, may
> benefit from fewer sockets and connection state.
> 4. Non-compliant network stacks do exist in the wild which might not drop
> unknown frames and result in tear-down of the connections.
>
> All told, we feel these results might bring attention to ORIGIN in H3
> <https://httpwg.org/http-extensions/draft-ietf-httpbis-origin-h3.html>,
> and maybe, too, revisit the CERTIFICATE frames
> <https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-http2-secondary-certs-06>
> draft.
>
> Thanks,
> Sudheesh
>