Re: I-D Action: draft-ietf-httpbis-tunnel-protocol-00.txt
Martin Thomson <martin.thomson@gmail.com> Thu, 21 August 2014 16:59 UTC
Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 27D6E1A069C for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Thu, 21 Aug 2014 09:59:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.67
X-Spam-Level:
X-Spam-Status: No, score=-7.67 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.668, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id T17_zE8_sF0O for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Thu, 21 Aug 2014 09:59:08 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 50C1D1A024C for <httpbisa-archive-bis2Juki@lists.ietf.org>; Thu, 21 Aug 2014 09:59:07 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.72) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1XKVeS-00026I-UA for ietf-http-wg-dist@listhub.w3.org; Thu, 21 Aug 2014 16:55:52 +0000
Resent-Date: Thu, 21 Aug 2014 16:55:52 +0000
Resent-Message-Id: <E1XKVeS-00026I-UA@frink.w3.org>
Received: from lisa.w3.org ([128.30.52.41]) by frink.w3.org with esmtp (Exim 4.72) (envelope-from <martin.thomson@gmail.com>) id 1XKVe8-00022q-Ah for ietf-http-wg@listhub.w3.org; Thu, 21 Aug 2014 16:55:32 +0000
Received: from mail-we0-f177.google.com ([74.125.82.177]) by lisa.w3.org with esmtps (TLS1.0:RSA_ARCFOUR_SHA1:16) (Exim 4.72) (envelope-from <martin.thomson@gmail.com>) id 1XKVe7-0002iS-Ge for ietf-http-wg@w3.org; Thu, 21 Aug 2014 16:55:32 +0000
Received: by mail-we0-f177.google.com with SMTP id w62so9610837wes.36 for <ietf-http-wg@w3.org>; Thu, 21 Aug 2014 09:55:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=A0dTs+KuAV7XZ4fEfJenEMWbeRzfY56w4ru3ESpK75o=; b=CPlsoKHEyHeFmMHjtlYQkMeZTV3Rr+MxA89U3EItlbxscr81t6ta1i86ySIJjSxZ3H w/4nlYKfoP9NeCC7QxYfLScWrdRWkadzyNfxXnYwAO2+nNfOxZzM7bUApCK9y1wR9DDh hwFxgXK4Vs0fQmkBCPkOqEmYDOX/eVC17Jj83g2gG2Xs6LDa65XCxi8ibdPobWQEm+NZ wbCURbKzP1vxL6668xfosx+KPdKR0AN5GZ6mwxz9foWpIRX3LdVmYNavu09nc+WSGNqE kpoYh1E8UWRzzEKlvROaA/l85tkwmFY9cDIX+sFWpTWiwoymVwELPOJzniuiWz3Llupq fh/Q==
MIME-Version: 1.0
X-Received: by 10.180.20.71 with SMTP id l7mr5650696wie.64.1408640105127; Thu, 21 Aug 2014 09:55:05 -0700 (PDT)
Received: by 10.194.6.229 with HTTP; Thu, 21 Aug 2014 09:55:05 -0700 (PDT)
In-Reply-To: <CAHixhFqbw00FrGSrCRS1rK_HqEj8osRXtXpj+DtYmU=tqFyBkQ@mail.gmail.com>
References: <20140818233839.23251.81316.idtracker@ietfa.amsl.com> <858FBAA8-F0D5-43A0-A621-7D504AB3327A@mnot.net> <CAH_y2NEekpgDNO+OsDELarcSi3nn72gHb98L9R66TntcD9bUiQ@mail.gmail.com> <3859D490-6B6E-4C7D-A3AF-9F1CF6F69045@mnot.net> <CAH_y2NGivMoS_WSudKKM4A=Jnr6bKneJZ5zuTmWrQm=XESYdYw@mail.gmail.com> <6F9EE13B-1791-4010-8953-3172A57AC172@mnot.net> <CAHixhFqbw00FrGSrCRS1rK_HqEj8osRXtXpj+DtYmU=tqFyBkQ@mail.gmail.com>
Date: Thu, 21 Aug 2014 09:55:05 -0700
Message-ID: <CABkgnnWzerbs=ue3MR++0jqi5xc2Q+rczb3ad_01---LSNVnpQ@mail.gmail.com>
From: Martin Thomson <martin.thomson@gmail.com>
To: Adam Rice <ricea@google.com>
Cc: Mark Nottingham <mnot@mnot.net>, Greg Wilkins <gregw@intalio.com>, HTTP Working Group <ietf-http-wg@w3.org>
Content-Type: text/plain; charset="UTF-8"
Received-SPF: pass client-ip=74.125.82.177; envelope-from=martin.thomson@gmail.com; helo=mail-we0-f177.google.com
X-W3C-Hub-Spam-Status: No, score=-3.5
X-W3C-Hub-Spam-Report: AWL=-2.743, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001
X-W3C-Scan-Sig: lisa.w3.org 1XKVe7-0002iS-Ge fc0fc41c4703af2d9c769c8feb72d21a
X-Original-To: ietf-http-wg@w3.org
Subject: Re: I-D Action: draft-ietf-httpbis-tunnel-protocol-00.txt
Archived-At: <http://www.w3.org/mid/CABkgnnWzerbs=ue3MR++0jqi5xc2Q+rczb3ad_01---LSNVnpQ@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/26694
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>
On 20 August 2014 21:50, Adam Rice <ricea@google.com> wrote: > As a client, why would I add a header to my request that is going to cause > the proxy to block it? What is the benefit to the user? I'm going to give a different answer to the one Amos gave. You can read the background, including the recorded discussion from the last IETF meeting for more on the subject. In WebRTC, browsers will do this because they want to be good network citizens and sometimes that means asking nicely. Applications don't get that privilege. And this isn't always about a block/don't block binary decision. Sometimes the information can let the proxy make better choices about how it treats the data. Realtime media over these tunnels (the original motivating use case) has somewhat different requirements to other types of traffic. Knowledge about applications can help the proxy make better decisions. As I've said privately to others when the same point was raised, the use of cleartext markers in the context of intermediary blocking is a topic that was discussed at some length when the TLS working group chose ALPN over NPN. We could re-run those arguments, and I'm sure that we'd have a ball in the process, but that's wasteful. This document really doesn't change the dynamic at all. If you choose not to send this, then send ALPN, then that's just forcing the proxy to do extra work to discover what you are doing (i.e., it looks at your TLS ClientHello once the tunnel is active). If you are suppressing ALPN, then you suppress this too. I don't think that's in question.
- I-D Action: draft-ietf-httpbis-tunnel-protocol-00… internet-drafts
- Re: I-D Action: draft-ietf-httpbis-tunnel-protoco… Mark Nottingham
- Re: I-D Action: draft-ietf-httpbis-tunnel-protoco… Greg Wilkins
- Re: I-D Action: draft-ietf-httpbis-tunnel-protoco… Mark Nottingham
- Re: I-D Action: draft-ietf-httpbis-tunnel-protoco… Greg Wilkins
- Re: I-D Action: draft-ietf-httpbis-tunnel-protoco… Mark Nottingham
- Re: I-D Action: draft-ietf-httpbis-tunnel-protoco… Adam Rice
- Re: I-D Action: draft-ietf-httpbis-tunnel-protoco… Amos Jeffries
- Re: I-D Action: draft-ietf-httpbis-tunnel-protoco… Adam Rice
- Re: I-D Action: draft-ietf-httpbis-tunnel-protoco… Amos Jeffries
- Re: I-D Action: draft-ietf-httpbis-tunnel-protoco… Martin Thomson
- RE: I-D Action: draft-ietf-httpbis-tunnel-protoco… Makaraju, Maridi Raju (Raju)
- Re: I-D Action: draft-ietf-httpbis-tunnel-protoco… Julian Reschke