Design Issue: Must Ignore Rule for Unknown Frame Types

James M Snell <jasnell@gmail.com> Thu, 25 April 2013 23:00 UTC

Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 83A3921F96B3 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Thu, 25 Apr 2013 16:00:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.3
X-Spam-Level:
X-Spam-Status: No, score=-9.3 tagged_above=-999 required=5 tests=[AWL=1.300, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zN5bu-qNFp12 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Thu, 25 Apr 2013 16:00:50 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) by ietfa.amsl.com (Postfix) with ESMTP id 0216E21F9690 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Thu, 25 Apr 2013 16:00:49 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.72) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1UVV8V-0003gc-FU for ietf-http-wg-dist@listhub.w3.org; Thu, 25 Apr 2013 22:59:31 +0000
Resent-Date: Thu, 25 Apr 2013 22:59:31 +0000
Resent-Message-Id: <E1UVV8V-0003gc-FU@frink.w3.org>
Received: from maggie.w3.org ([128.30.52.39]) by frink.w3.org with esmtp (Exim 4.72) (envelope-from <jasnell@gmail.com>) id 1UVV8Q-0003fn-GZ for ietf-http-wg@listhub.w3.org; Thu, 25 Apr 2013 22:59:26 +0000
Received: from mail-oa0-f54.google.com ([209.85.219.54]) by maggie.w3.org with esmtps (TLS1.0:RSA_ARCFOUR_SHA1:16) (Exim 4.72) (envelope-from <jasnell@gmail.com>) id 1UVV8P-0006EO-Rf for ietf-http-wg@w3.org; Thu, 25 Apr 2013 22:59:26 +0000
Received: by mail-oa0-f54.google.com with SMTP id l20so3356725oag.41 for <ietf-http-wg@w3.org>; Thu, 25 Apr 2013 15:59:00 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=x-received:mime-version:from:date:message-id:subject:to :content-type; bh=TO/KCuNliu93ZUsT0MNY9aEI7ogdrWDiUIJgfb9690o=; b=o4Hdjwwp424h5yTo6okjaYve6EoHDtsPPfBT/70iFj+dK5wWm5r0QxeDFF44ynpnYw wn8W3vCV0RDydNRfgSRGTP3DX2r4NJVve10wg60CVCXNTb2QXl1wrjIVxthiZVVIpg6/ NUWBkYGqQ77ipxvL5KR4Uar+JHvrJHVhZNZOfaQYuZfA2uPGFXh57stKW+LjhQWa284x c7l9hRBxr+UkYz+pMT6m4G5Z1rDNb1LRdvqkhn8heDOeL+6nE8AESjgGH2xGrB3mQetx iwW0F241vXq07LZE2C3G0q4OJNQWE3rlnsoX61Kn2+MyEEE6zsPVYKrGdxiwQWiDgKYw 0yiA==
X-Received: by 10.182.214.38 with SMTP id nx6mr2238490obc.77.1366930739964; Thu, 25 Apr 2013 15:58:59 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.60.3.137 with HTTP; Thu, 25 Apr 2013 15:58:39 -0700 (PDT)
From: James M Snell <jasnell@gmail.com>
Date: Thu, 25 Apr 2013 15:58:39 -0700
Message-ID: <CABP7Rbe_wEayjZnkMhLpexaKqYUaP7dP-bvAr8PK3bvjueV_rw@mail.gmail.com>
To: "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
Content-Type: text/plain; charset=UTF-8
Received-SPF: pass client-ip=209.85.219.54; envelope-from=jasnell@gmail.com; helo=mail-oa0-f54.google.com
X-W3C-Hub-Spam-Status: No, score=-4.4
X-W3C-Hub-Spam-Report: AWL=-1.738, BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001
X-W3C-Scan-Sig: maggie.w3.org 1UVV8P-0006EO-Rf 3335385db092debfb82fe8fc537fc4ca
X-Original-To: ietf-http-wg@w3.org
Subject: Design Issue: Must Ignore Rule for Unknown Frame Types
Archived-At: <http://www.w3.org/mid/CABP7Rbe_wEayjZnkMhLpexaKqYUaP7dP-bvAr8PK3bvjueV_rw@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/17578
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

https://github.com/http2/http2-spec/issues/80

In the current draft (-02) we say, "Implementations MUST ignore
unsupported and unrecognized frame types." but we give no guidance
that I can find about handling unknown frames that potentially modify
session state. For example, suppose some extension comes up with a new
frame type that includes a compressed header block. The receiving
endpoint will have no way of interpreting the content, but if it
ignores the frame entirely, it's stored session state can unknowingly
fall out of sync with the sender.

Recommendation: rather than a "MUST IGNORE" rule here, unknown and
unrecognized frame types ought to be a Session Error because the
receiver cannot determine whether and how those frames may have
changed the session state on the sending side. It would not be safe
for the receiver to continue attempting to communicate with the sender
on that session.

This obviously has an impact on the extensibility of the framing
layer. In short, a sender would not be able to use a new frame type
unless it knows the receiver can interpret it. The only solution for
that would be to have some kind of negotiation occur where the sender
effectively ask the recipient if particular extensions are supported
(as part of the session header perhaps?)