Re: Choosing a header compression algorithm
Roberto Peon <grmocg@gmail.com> Thu, 28 March 2013 00:22 UTC
Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3A09E21F933E for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 27 Mar 2013 17:22:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.931
X-Spam-Level:
X-Spam-Status: No, score=-9.931 tagged_above=-999 required=5 tests=[AWL=-0.533, BAYES_00=-2.599, HTML_MESSAGE=0.001, J_CHICKENPOX_55=0.6, J_CHICKENPOX_62=0.6, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sFtegHkahxuK for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 27 Mar 2013 17:22:23 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) by ietfa.amsl.com (Postfix) with ESMTP id 52A1021F93BD for <httpbisa-archive-bis2Juki@lists.ietf.org>; Wed, 27 Mar 2013 17:22:20 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.72) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1UL0bN-0007SF-U0 for ietf-http-wg-dist@listhub.w3.org; Thu, 28 Mar 2013 00:21:57 +0000
Resent-Date: Thu, 28 Mar 2013 00:21:57 +0000
Resent-Message-Id: <E1UL0bN-0007SF-U0@frink.w3.org>
Received: from maggie.w3.org ([128.30.52.39]) by frink.w3.org with esmtp (Exim 4.72) (envelope-from <grmocg@gmail.com>) id 1UL0bC-0007RR-Mk for ietf-http-wg@listhub.w3.org; Thu, 28 Mar 2013 00:21:46 +0000
Received: from mail-oa0-f41.google.com ([209.85.219.41]) by maggie.w3.org with esmtps (TLS1.0:RSA_ARCFOUR_SHA1:16) (Exim 4.72) (envelope-from <grmocg@gmail.com>) id 1UL0bB-0003B9-Gy for ietf-http-wg@w3.org; Thu, 28 Mar 2013 00:21:46 +0000
Received: by mail-oa0-f41.google.com with SMTP id f4so7015133oah.0 for <ietf-http-wg@w3.org>; Wed, 27 Mar 2013 17:21:19 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:x-received:in-reply-to:references:date:message-id :subject:from:to:cc:content-type; bh=6PSZ49l4jLBYxel+lAm5QxtrM9v5fkdwBJybzKzDfxE=; b=vHv8C/7IoRxxAD6FlSQW7A8se2VVLKHZK2DZNl8uPR14D0VXGF+06yVkun1ecBaObu pdhOID4nrNJ5H4bYomv0WW0e7Q5mRNnvwpCPNViYMa5HYEhiehCwSaxESJ7lpJ9lNYSc 3fB23UDQBZQ4hZf8CuSKydwUYJgCO2vlgG2qMoeKMcA5HnrFvDw9RqhEvbsTU69dio6q krH0PKCecYtrUPuGShNEP8cSQBP+Z0NlGg9dYKQWW9CRFim4OvD3IRAmDoqZuSjUOlfC vYDgW9Dlt88sJl6TxcwEck1166XfiUup9BsBqYhCAl0vFUDixnh60IlA8nrpBKS99EuT IVLw==
MIME-Version: 1.0
X-Received: by 10.182.23.101 with SMTP id l5mr4677463obf.16.1364430079398; Wed, 27 Mar 2013 17:21:19 -0700 (PDT)
Received: by 10.76.109.72 with HTTP; Wed, 27 Mar 2013 17:21:19 -0700 (PDT)
In-Reply-To: <CAP+FsNfy0ognTBaF7USBcP9dTL5bQsruav30FmGB70m_0JfjyA@mail.gmail.com>
References: <254AABEE-22B9-418E-81B0-2729902C4413@mnot.net> <A14105FB-ED1A-4B70-8840-9648847BCC3A@mnot.net> <6C71876BDCCD01488E70A2399529D5E5163F3C67@ADELE.crf.canon.fr> <CAP+FsNfFohSwrX2DxthNcnn+wDj6T5W7xpcg4yA56Gvt_nP3_Q@mail.gmail.com> <6C71876BDCCD01488E70A2399529D5E5163F3D72@ADELE.crf.canon.fr> <7CA7F3EB-A492-471A-8AC4-23293DD10840@mnot.net> <6C71876BDCCD01488E70A2399529D5E5163F4076@ADELE.crf.canon.fr> <CAP+FsNdztfCJjvP58ryVXDRgGyGSPO-37gRMjAuwikz2eviBiw@mail.gmail.com> <CAP+FsNdQ7mNbsaAiUqEF22Oh8KMaK3UWUWFzWE=K0jQbkM7t1Q@mail.gmail.com> <6C71876BDCCD01488E70A2399529D5E5163F4263@ADELE.crf.canon.fr> <CAP+FsNeXvn6UasR6e56A7pHtrkXg6A0NnrVGmRYNW49Qu2vxqg@mail.gmail.com> <CAP+FsNfy0ognTBaF7USBcP9dTL5bQsruav30FmGB70m_0JfjyA@mail.gmail.com>
Date: Wed, 27 Mar 2013 17:21:19 -0700
Message-ID: <CAP+FsNd8-H2X_DTOn9WDp-DTeGkSg+2Luo5bvEgHaRXx0TNV0Q@mail.gmail.com>
From: Roberto Peon <grmocg@gmail.com>
To: RUELLAN Herve <Herve.Ruellan@crf.canon.fr>
Cc: "agl@google.com" <agl@google.com>, Mark Nottingham <mnot@mnot.net>, "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>
Content-Type: multipart/alternative; boundary="f46d043749e134656304d8f122ed"
Received-SPF: pass client-ip=209.85.219.41; envelope-from=grmocg@gmail.com; helo=mail-oa0-f41.google.com
X-W3C-Hub-Spam-Status: No, score=-3.5
X-W3C-Hub-Spam-Report: AWL=-2.664, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001
X-W3C-Scan-Sig: maggie.w3.org 1UL0bB-0003B9-Gy 5e13eeac9f247efacdc19fae5bcc0b91
X-Original-To: ietf-http-wg@w3.org
Subject: Re: Choosing a header compression algorithm
Archived-At: <http://www.w3.org/mid/CAP+FsNd8-H2X_DTOn9WDp-DTeGkSg+2Luo5bvEgHaRXx0TNV0Q@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/17160
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>
Arg. Sorry, the best provably safe option for HeaderDiff is: *headerdiff (buffer=4096, delta=false, huffman)* * TOTAL: 5949 req messages size time | ratio min max std http1 3,460,925 0.22 | 1.00 1.00 1.00 0.00 headerdiff (buffer=4096, delta=false) 1,250,042 0.64 | 0.36 0.01 0.96 0.22 headerdiff (buffer=4096, delta=false, huffman) 936,003 2.05 | 0.27 0.01 0.79 0.16 * TOTAL: 5948 res messages size time | ratio min max std http1 2,186,162 0.08 | 1.00 1.00 1.00 0.00 headerdiff (buffer=4096, delta=false) 768,387 2.16 | 0.35 0.02 0.92 0.18 headerdiff (buffer=4096, delta=false, huffman) 581,046 3.22 | 0.27 0.02 0.73 0.14 On Wed, Mar 27, 2013 at 5:14 PM, Roberto Peon <grmocg@gmail.com> wrote: > I've checked in some changes to delta2 which expands and documents various > options for delta2 in the README.md. > > After running a number of variations of delta2, The following defaults > look good for small buffer sizes: > > delta2=max_entries=256, small_index=1 > > small_index basically says use a uint8 instead of a uint16 for > representing indices, and is the kind of thing that could be messaged > somewhere (opcode, flag, whatever). > > The best headerdiff option which I believe is safe against CRIME in the > future is: > headerdiff=delta_type=false,huffman > > I removed prefix matching from delta some months ago (~6 I think?) after > cogitating on it for a while and then speaking with security folks.. I just > couldn't come up with a way I could prove was safe, unlike the > atom-matching, which one can prove is no worse than a brute-force attack. > > I've appended runs with these values@4k buffer size for delta2 and > headerdiff below. > -=R > > > > * TOTAL: 5949 req messages > > size time | ratio min max > std > > http1 3,460,925 0.13 | 1.00 1.00 1.00 > 0.00 > delta2 (max_byte_size=4096, max_entries=256, small_index=1, hg_adjust=0, > implicit_hg_add=0, refcnt_vals=0) 664,683 4.16 | 0.19 0.02 0.83 > 0.15 > headerdiff > (buffer=4096, delta_type=false, huffman) 759,783 2.03 | 0.22 0.01 > 0.78 0.18 > > * TOTAL: 5948 res messages > > size time | ratio min max > std > > http1 2,186,162 0.12 | 1.00 1.00 1.00 > 0.00 > delta2 (max_byte_size=4096, max_entries=256, small_index=1, hg_adjust=0, > implicit_hg_add=0, refcnt_vals=0) 585,475 5.32 | 0.27 0.02 1.28 > 0.13 > headerdiff > (buffer=4096, delta_type=false, huffman) 543,047 3.29 | 0.25 0.02 > 0.73 0.14 > > > >
- Re: Choosing a header compression algorithm Stephen Farrell
- Choosing a header compression algorithm Mark Nottingham
- RE: Choosing a header compression algorithm RUELLAN Herve
- Re: Choosing a header compression algorithm James M Snell
- Re: Choosing a header compression algorithm Roberto Peon
- Re: Choosing a header compression algorithm Mark Nottingham
- Re: Choosing a header compression algorithm Roberto Peon
- RE: Choosing a header compression algorithm RUELLAN Herve
- Re: Choosing a header compression algorithm Roberto Peon
- RE: Choosing a header compression algorithm RUELLAN Herve
- Re: Choosing a header compression algorithm Martin Thomson
- Re: Choosing a header compression algorithm Roberto Peon
- Re: Choosing a header compression algorithm Mark Nottingham
- Re: Choosing a header compression algorithm Mark Nottingham
- RE: Choosing a header compression algorithm RUELLAN Herve
- Re: Choosing a header compression algorithm Roberto Peon
- Re: Choosing a header compression algorithm Roberto Peon
- RE: Choosing a header compression algorithm RUELLAN Herve
- Re: Choosing a header compression algorithm Roberto Peon
- Re: Choosing a header compression algorithm Roberto Peon
- Re: Choosing a header compression algorithm Roberto Peon
- Re: Choosing a header compression algorithm James M Snell
- Re: Choosing a header compression algorithm Roberto Peon
- RE: Choosing a header compression algorithm RUELLAN Herve
- RE: Choosing a header compression algorithm RUELLAN Herve
- Re: Choosing a header compression algorithm Roberto Peon
- Re: Choosing a header compression algorithm Roberto Peon
- RE: Choosing a header compression algorithm RUELLAN Herve
- Re: Choosing a header compression algorithm Roberto Peon
- Re: Choosing a header compression algorithm James M Snell