IETF Logo Mail Archive

Re: #496: Feedback on Fallback

Eliot Lear <lear@cisco.com> Tue, 07 October 2014 06:59 UTC

Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 411C41A913C for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Mon, 6 Oct 2014 23:59:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -13.774
X-Spam-Level:
X-Spam-Status: No, score=-13.774 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.786, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, URIBL_RHS_DOB=1.514, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KnjWqx783RVP for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Mon, 6 Oct 2014 23:59:04 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 534331A9137 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Mon, 6 Oct 2014 23:59:04 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.72) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1XbOhL-00027T-N7 for ietf-http-wg-dist@listhub.w3.org; Tue, 07 Oct 2014 06:56:39 +0000
Resent-Date: Tue, 07 Oct 2014 06:56:39 +0000
Resent-Message-Id: <E1XbOhL-00027T-N7@frink.w3.org>
Received: from lisa.w3.org ([128.30.52.41]) by frink.w3.org with esmtp (Exim 4.72) (envelope-from <lear@cisco.com>) id 1XbOhH-00026e-VZ for ietf-http-wg@listhub.w3.org; Tue, 07 Oct 2014 06:56:35 +0000
Received: from aer-iport-3.cisco.com ([173.38.203.53]) by lisa.w3.org with esmtps (TLS1.0:RSA_ARCFOUR_SHA1:16) (Exim 4.72) (envelope-from <lear@cisco.com>) id 1XbOhG-0007Nr-MV for ietf-http-wg@w3.org; Tue, 07 Oct 2014 06:56:35 +0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=6395; q=dns/txt; s=iport; t=1412664995; x=1413874595; h=message-id:date:from:mime-version:to:cc:subject: references:in-reply-to; bh=24qnWa9fcHZEyQbTpF6kF6lo3xyqThxHTYVdrmaTrFc=; b=WraZqFyUf4qoEjl7sgKWAZXv6CJa4h3bKCS4Y/hF3sSxsWgM3fMEHVbO lIuOGhEUpF6Jz0ctUFukDJaB7g90YJWo/WCXLhUtnjin31cQ0nenrX9Ro EsoOIKq6aHzjl8CQ3hyG5NoZ6wFsuYMRG54oBL+7qkrXQLEomVGn5F3hE s=;
X-Files: signature.asc : 486
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: ArAEANeNM1StJssW/2dsb2JhbABXCINhWIMCux2ONQyHDT4CgSABe4QDAQEBBAECIFUBEAsOAwQBAQEJFgsCAgkDAgECARYnCAYBDAEFAgEBiDoNrCWVCAEXikmFJlYHgneBVAEEhRWOaoFMZVSDNoMEgS07hXaHEYMSg3+DZTsvAQSCRQEBAQ
X-IronPort-AV: E=Sophos;i="5.04,668,1406592000"; d="asc'?scan'208";a="198340051"
Received: from aer-iport-nat.cisco.com (HELO aer-core-1.cisco.com) ([173.38.203.22]) by aer-iport-3.cisco.com with ESMTP; 07 Oct 2014 06:56:07 +0000
Received: from [10.61.104.94] (dhcp-10-61-104-94.cisco.com [10.61.104.94]) by aer-core-1.cisco.com (8.14.5/8.14.5) with ESMTP id s976u630013171; Tue, 7 Oct 2014 06:56:06 GMT
Message-ID: <54338E85.5080008@cisco.com>
Date: Tue, 07 Oct 2014 08:56:05 +0200
From: Eliot Lear <lear@cisco.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:24.0) Gecko/20100101 Thunderbird/24.6.0
MIME-Version: 1.0
To: Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>
CC: Mike Bishop <Michael.Bishop@microsoft.com>
References: <152c2ec3edb04e048252116634915828@BL2PR03MB132.namprd03.prod.outlook.com> <1F6A63C8-B003-403D-BD16-36747655C94D@mnot.net>
In-Reply-To: <1F6A63C8-B003-403D-BD16-36747655C94D@mnot.net>
Content-Type: multipart/signed; micalg="pgp-sha1"; protocol="application/pgp-signature"; boundary="Ba4EV1cJV28e1aqlVlHhEccrxt6sjMkM7"
Received-SPF: none client-ip=173.38.203.53; envelope-from=lear@cisco.com; helo=aer-iport-3.cisco.com
X-W3C-Hub-Spam-Status: No, score=-13.5
X-W3C-Hub-Spam-Report: AWL=-0.531, BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, T_RP_MATCHES_RCVD=-0.01, URIBL_RHS_DOB=1.514, USER_IN_DEF_DKIM_WL=-7.5
X-W3C-Scan-Sig: lisa.w3.org 1XbOhG-0007Nr-MV 0ca71770fdad3ee5a12a9cc93766e5f7
X-Original-To: ietf-http-wg@w3.org
Subject: Re: #496: Feedback on Fallback
Archived-At: <http://www.w3.org/mid/54338E85.5080008@cisco.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/27479
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

Just a question:

Why not offer the developer the choice to go to 1.1, especially if using
raw interfaces?  You could even update your API so that the call
requires an HTTP version #.

Eliot


On 10/7/14, 8:30 AM, Mark Nottingham wrote:
> There hasn't been much feedback on this. 
>
> Any more comments on Mike's proposal (specifically, <https://github.com/MikeBishop/http2-spec/commit/cebb0385f188ddcaf75ec3a7811b836c770e7fdb>)?
>
> Regards,
>
>
> On 23 Sep 2014, at 5:24 am, Mike Bishop <Michael.Bishop@microsoft.com> wrote:
>
>> Just to recap this suggestion, we’re not suggesting that any class of traffic should be bulk-relegated to HTTP/1.1 – we’re suggesting the addition of a widely-recognized error code to smooth transitions.  Burning a round-trip isn’t ideal, but it’s a mitigation strategy for limitations on either the client or the server.  In particular, a later thread (http://lists.w3.org/Archives/Public/ietf-http-wg/2014JulSep/1894.html) raised the use of such an error code in a GOAWAY as a good hard-coded response to a client that attempts to connect with prior knowledge and gets it wrong.  A server that’s aware of HTTP/2 but doesn’t support it can generate an appropriate GOAWAY and close the connection.
>>  
>> I submitted a pull request adding the error code at https://github.com/http2/http2-spec/pull/599 -- are there any comments on this change or is this editor-ready?
>>  
>> From: Mike Bishop 
>> Sent: Thursday, August 14, 2014 3:56 PM
>> To: HTTP Working Group
>> Subject: Feedback on Fallback
>>  
>> Going into WGLC, we committed to implementations and taking changes based solely on implementation experience and real-world data.  Based on our experience so far, Microsoft’s first piece of WGLC feedback is to replace Mark’s Over-Version draft with an error code in the spec.  Our reasoning follows.
>>  
>> As we continue to work on HTTP/2, one item that has come up repeatedly is the need to force clients back to HTTP/1.1 for various reasons.  We’ve all pushed hard against bulk-relegating any class of HTTP usage into the “They should just use 1.1” bucket, but it’s becoming clear that there will occasionally be situations where a server needs a client to fall back.
>>  
>> Some apps we support depend on the ability to emit raw HTTP protocol text.  Others require client certs as a matter of local law and we don’t have a way to retrieve the client cert without renegotiation.  Others are strictly situational, features that require adaptation work we haven’t gotten to yet.
>>  
>> These assorted situations motivated the Over-Version draft which Mark published after the NYC Interim.  505 was already defined as meaning the server was unable/unwilling to use the current HTTP version to serve the request the client made; Mark’s draft added semantics to inform a client what version would be acceptable, if any, so that an intelligent client could transparently retry over the correct HTTP version (be it 1.1 or 3.5).
>>  
>> We’ve found a couple limitations with this approach:
>> ·         As Jeff pointed out in NYC, returning a 5XX looks bad in server logs.  This isn’t actually a server “failure” per se, we just used it because the status code already exists in the 5XX range.  Not a technical issue, but definitely an operational one.  (Jeff noted in NYC that there are other 5XX status codes that Twitter non-standardly recasts in other ranges for this reason.  New 4XX and 3XX codes were proposed as part of this discussion, demonstrating that the concept doesn’t bucket well as a status code.)
>> ·         Once the HEADERS frame with :status is sent, we’re locked in to that response.  You can’t subsequently change the :status to 505.  Some of these situations can occur when the response is partially-generated, which leaves us stuck unless we buffer all responses until they’re complete (unacceptable for perf).
>> ·         Because Over-Version is optional, clients are not guaranteed to support it.  An unsupporting client will just retry the same request over HTTP/2 again and never be able to obtain an actual response from the server.  Including a response body with the 505 telling clients to turn off HTTP/2 in their browser is definitely not a direction we want to go in these situations, and I don’t expect clients to have a “turn off HTTP/2 for this request only” button.
>>  
>> On the other hand, a new error code doesn’t suffer from these issues.  A RST_STREAM can be sent at any point and doesn’t necessarily confuse existing heuristics.  A GOAWAY with the same error code provides a clean way for the server to transition a client to HTTP/1.1 entirely, if necessary.  If it’s in the base spec, we can be assured that any client will be able to understand it and respond appropriately.
>>  
>> Thus, we think an “HTTP/1.1 Required” error code will be a better option than proceeding with the Over-Version draft.
> --
> Mark Nottingham   https://www.mnot.net/
>
>
>
>

v2.37.1 | Report a Bug | By Email | System Status