Re: p1: Via and gateways

Willy Tarreau <w@1wt.eu> Sat, 20 April 2013 08:10 UTC

Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B9B0921F8952 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Sat, 20 Apr 2013 01:10:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.988
X-Spam-Level:
X-Spam-Status: No, score=-9.988 tagged_above=-999 required=5 tests=[AWL=0.611, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id F7a3xUxYkSxo for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Sat, 20 Apr 2013 01:10:06 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) by ietfa.amsl.com (Postfix) with ESMTP id 2830E21F86FA for <httpbisa-archive-bis2Juki@lists.ietf.org>; Sat, 20 Apr 2013 01:10:06 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.72) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1UTSrq-0001UD-Kb for ietf-http-wg-dist@listhub.w3.org; Sat, 20 Apr 2013 08:09:54 +0000
Resent-Date: Sat, 20 Apr 2013 08:09:54 +0000
Resent-Message-Id: <E1UTSrq-0001UD-Kb@frink.w3.org>
Received: from lisa.w3.org ([128.30.52.41]) by frink.w3.org with esmtp (Exim 4.72) (envelope-from <w@1wt.eu>) id 1UTSrn-0001TI-Hf for ietf-http-wg@listhub.w3.org; Sat, 20 Apr 2013 08:09:51 +0000
Received: from 1wt.eu ([62.212.114.60]) by lisa.w3.org with esmtp (Exim 4.72) (envelope-from <w@1wt.eu>) id 1UTSrm-0007LT-S2 for ietf-http-wg@w3.org; Sat, 20 Apr 2013 08:09:51 +0000
Received: (from willy@localhost) by mail.home.local (8.14.4/8.14.4/Submit) id r3K89JUV028903; Sat, 20 Apr 2013 10:09:19 +0200
Date: Sat, 20 Apr 2013 10:09:19 +0200
From: Willy Tarreau <w@1wt.eu>
To: Mark Nottingham <mnot@mnot.net>
Cc: ietf@ietf.org, ietf-http-wg@w3.org
Message-ID: <20130420080919.GP26517@1wt.eu>
References: <F7810D5C-45A6-4D01-83ED-2A9AB5856813@mnot.net> <alpine.LRH.2.01.1304200017490.18732@egate.xpasc.com> <37AD85F8-D0E1-4B9D-9BF0-99EBE83ADF8D@mnot.net>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <37AD85F8-D0E1-4B9D-9BF0-99EBE83ADF8D@mnot.net>
User-Agent: Mutt/1.4.2.3i
Received-SPF: pass client-ip=62.212.114.60; envelope-from=w@1wt.eu; helo=1wt.eu
X-W3C-Hub-Spam-Status: No, score=-3.4
X-W3C-Hub-Spam-Report: AWL=-2.667, RP_MATCHES_RCVD=-0.702, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001
X-W3C-Scan-Sig: lisa.w3.org 1UTSrm-0007LT-S2 5b9ddba2172c6e7513b49e051c8fc5ad
X-Original-To: ietf-http-wg@w3.org
Subject: Re: p1: Via and gateways
Archived-At: <http://www.w3.org/mid/20130420080919.GP26517@1wt.eu>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/17407
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

On Sat, Apr 20, 2013 at 05:55:59PM +1000, Mark Nottingham wrote:
> 
> On 20/04/2013, at 5:21 PM, David Morris <dwm@xpasc.com> wrote:
> > 
> > I don't care about MUST, but I think the Via header can be useful for
> > problem determination. A smart content server could also adjust for
> > a detected accelerator and/or transcoder ... perhaps by avoiding
> > optimizations dependant on a direct connection and byte/byte transfer
> > between the client and the server.
> > 
> > So I'm very much in favor of keeping the Via: header.
> 
> 
> Definitely not talking about getting rid of it. The (only, specific) point
> here is whether a gateway that doesn't add Via to responses should be called
> non-conformant.
> 
> Personally, I think it should be a MUST for proxies, in both directions.
> However, for a gateway, it either shouldn't be a requirement at all (for
> responses), or it should be a SHOULD with a get-out clause for reasons of
> security (along with a note that they'll need to accept responsibility for
> any issues caused by omitting Via). Still should probable be a MUST for
> requests from gateways.

But then do we want to declare all gateways non-conformant ? The only gateway
I've seen use the Via header was abusing it to put the client's IP address
into it, and none of the hosted servers behind it were ever confused by this
despite being a few tens of various products!

The only use I see with Via is to convey the original message's HTTP version,
but most (all?) gateways do not change this version because it's already
painful to be a gateway, you generally don't want to add more burden by
changing the protocol version between the two sides!

Willy