Re: The use of binary data in any part of HTTP 2.0 is not good

Mark Nottingham <mnot@mnot.net> Mon, 21 January 2013 02:06 UTC

Resent-Date: Mon, 21 Jan 2013 02:05:13 +0000
Resent-Message-Id: <E1Tx6l7-0003Xv-Fn@frink.w3.org>
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 6.2 \(1499\))
From: Mark Nottingham <mnot@mnot.net>
In-Reply-To: <CAA4WUYjzG+1CzEo0WJUjoeqZs5bfud3P+V30_+p8pe_MD6bjPQ@mail.gmail.com>
Date: Mon, 21 Jan 2013 13:04:39 +1100
Cc: "Adrien W. de Croy" <adrien@qbik.com>, Pablo <paa.listas@gmail.com>, HTTP Working Group <ietf-http-wg@w3.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <8DFA06DD-484F-4740-BD15-629D423CED2A@mnot.net>
References: <em670f0a0f-3c5a-4f99-88cb-03bd4234ce63@bombed> <7F8E363D-6D6E-4FDD-B8EA-24A31383B1A3@mnot.net> <CAA4WUYiPRpm0OWesf5wTGLX--HWtDmgjFr+wSEEVr-beH8J=qw@mail.gmail.com> <3EFE45C2-8147-432C-8D15-7E8C5AEC39DC@mnot.net> <CAA4WUYhxHbFeaw-M=DUdKKKafhdDE4U5==N2QGY2hd_ptxSHiA@mail.gmail.com> <B2A83604-183E-49BF-A962-238AF5F19DA9@mnot.net> <CAA4WUYjzG+1CzEo0WJUjoeqZs5bfud3P+V30_+p8pe_MD6bjPQ@mail.gmail.com>
To: "William Chan (陈智昌)" <willchan@chromium.org>
Received-SPF: pass client-ip=216.86.168.182; envelope-from=mnot@mnot.net; helo=mxout-07.mxes.net
Subject: Re: The use of binary data in any part of HTTP 2.0 is not good
Archived-At: <http://www.w3.org/mid/8DFA06DD-484F-4740-BD15-629D423CED2A@mnot.net>
Resent-From: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list

On 21/01/2013, at 12:42 PM, William Chan (陈智昌) <willchan@chromium.org> wrote:
>> 
>> Again, this isn't negotiation (as currently discussed); it's the sender choosing not to compress.
> 
> Sorry, I either misunderstood or was unclear. In my understanding,
> while A-E is generally a negotiation, if you simply strip A-E, it's
> effectively the same as "the sender choosing not to compress".

Nope; if you want to say that the client doesn't accept compression, you have to do so explicitly;

https://svn.tools.ietf.org/svn/wg/httpbis/draft-ietf-httpbis/latest/p2-semantics.html#header.accept-encoding

"If no Accept-Encoding field is in the request, any content-coding is considered acceptable by the user agent."


>> Even if it were a negotiation, I suspect you'd find that the dynamics that you saw in play with compressing payloads doesn't play out the same way as it does with headers. Intermediaries strip accept-encoding because decompressing and recompressing the response bodies coming through them presents a scalability challenge; if we do our job right with header compression, it shouldn't be nearly as much of a problem for them.
> 
> This is speculation of course, but I suspect that many do it simply
> for simplicity's sake. While I think intermediaries like
> Varnish/HAProxy/Squid may have legitimate scalability concerns if/when
> they disable stuff like compression, I think that many intermediaries,
> like virus scanners and what not, simply disable things like
> compression to make them easier to process.

Lots of virus scanning happens in intermediaries :)


>>> All options are ripe for abuse. We should be very careful to make sure
>>> the option is truly necessary, rather than just potentially useful, in
>>> order to counterbalance the downside of possible abuse.
>> 
>> To counter that -- I'm somewhat wary of approaching protocol design as an exercise in controlling how the result is used; people *will* work around your intent. While we can do some social engineering in this process, it's very soft, and very limited, power.
> 
> Fair enough. I mostly wanted to chime in to provide the "other"
> opinion here, since you stated that the previous reaction had been
> pretty positive. Please take my comments as a contrary opinion for
> people to consider before we draw any conclusions here.


Absolutely. 

Cheers,

--
Mark Nottingham   http://www.mnot.net/

Re: The use of binary data in any part of HTTP 2.… David Morris
Re: The use of binary data in any part of HTTP 2.… Amos Jeffries
The use of binary data in any part of HTTP 2.0 is… Pablo
Re: The use of binary data in any part of HTTP 2.… Willy Tarreau
Re: The use of binary data in any part of HTTP 2.… William Chan (陈智昌)
Re: The use of binary data in any part of HTTP 2.… Mark Nottingham
Re: The use of binary data in any part of HTTP 2.… William Chan (陈智昌)
Re: The use of binary data in any part of HTTP 2.… Tim Bray
Re: The use of binary data in any part of HTTP 2.… James M Snell
Re: The use of binary data in any part of HTTP 2.… Adrien W. de Croy
Re: The use of binary data in any part of HTTP 2.… Amos Jeffries
Re: The use of binary data in any part of HTTP 2.… Mark Nottingham
Re: The use of binary data in any part of HTTP 2.… Roberto Peon
Re: The use of binary data in any part of HTTP 2.… Mark Nottingham
Re: The use of binary data in any part of HTTP 2.… William Chan (陈智昌)
Re: The use of binary data in any part of HTTP 2.… William Chan (陈智昌)
Re: The use of binary data in any part of HTTP 2.… Nico Williams
Re: The use of binary data in any part of HTTP 2.… Mark Nottingham
Re: The use of binary data in any part of HTTP 2.… Adrien W. de Croy
Re: The use of binary data in any part of HTTP 2.… William Chan (陈智昌)
Re: The use of binary data in any part of HTTP 2.… William Chan (陈智昌)
Re: The use of binary data in any part of HTTP 2.… Mark Nottingham
Re: The use of binary data in any part of HTTP 2.… William Chan (陈智昌)
Re: The use of binary data in any part of HTTP 2.… Mark Nottingham
Re: The use of binary data in any part of HTTP 2.… William Chan (陈智昌)
Re: The use of binary data in any part of HTTP 2.… Eliot Lear
Re: The use of binary data in any part of HTTP 2.… Patrick McManus
Re: The use of binary data in any part of HTTP 2.… Patrick McManus
Re: The use of binary data in any part of HTTP 2.… Amos Jeffries
Re: The use of binary data in any part of HTTP 2.… Nico Williams
Re: The use of binary data in any part of HTTP 2.… Adrien W. de Croy
Re: The use of binary data in any part of HTTP 2.… Amos Jeffries
Re: The use of binary data in any part of HTTP 2.… Roberto Peon