Re: The use of binary data in any part of HTTP 2.0 is not good
William Chan (陈智昌) <willchan@chromium.org> Mon, 21 January 2013 00:42 UTC
Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 256AC21F8700 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Sun, 20 Jan 2013 16:42:55 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.078
X-Spam-Level:
X-Spam-Status: No, score=-7.078 tagged_above=-999 required=5 tests=[FM_FORGED_GMAIL=0.622, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QYT8HRj2jYBu for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Sun, 20 Jan 2013 16:42:54 -0800 (PST)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) by ietfa.amsl.com (Postfix) with ESMTP id 182C321F86FC for <httpbisa-archive-bis2Juki@lists.ietf.org>; Sun, 20 Jan 2013 16:42:54 -0800 (PST)
Received: from lists by frink.w3.org with local (Exim 4.72) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1Tx5SN-0003X7-5k for ietf-http-wg-dist@listhub.w3.org; Mon, 21 Jan 2013 00:41:47 +0000
Resent-Date: Mon, 21 Jan 2013 00:41:47 +0000
Resent-Message-Id: <E1Tx5SN-0003X7-5k@frink.w3.org>
Received: from lisa.w3.org ([128.30.52.41]) by frink.w3.org with esmtp (Exim 4.72) (envelope-from <willchan@google.com>) id 1Tx5SH-0003WG-Np for ietf-http-wg@listhub.w3.org; Mon, 21 Jan 2013 00:41:41 +0000
Received: from mail-qa0-f43.google.com ([209.85.216.43]) by lisa.w3.org with esmtps (TLS1.0:RSA_ARCFOUR_SHA1:16) (Exim 4.72) (envelope-from <willchan@google.com>) id 1Tx5SG-0002FS-RC for ietf-http-wg@w3.org; Mon, 21 Jan 2013 00:41:41 +0000
Received: by mail-qa0-f43.google.com with SMTP id cr7so6442497qab.16 for <ietf-http-wg@w3.org>; Sun, 20 Jan 2013 16:41:14 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:x-received:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=9YCM407SH+/MMvXGl4rmzi86GfZcDvqAf6Ev5q5mnpQ=; b=PHTcQoohS9zlZgH+lKbTZzMI7oNhH8yit8VkMp9dvaKKbpq3r/46r3/qSSGsDeWqUn V+nZTeLkCOe3S9WqEsujVI8DE13aP7Ud6IcAVkKnbKipWNOE+fI0cq9yoGIUJIsU1gcA 7Qx/+vo/RHcH2U7pCV5kvNIcsg4q1dexvRgRfUk0S/Z2rIhWJefOTX+vW5LMWRVF5CrG NZEWyTf5cE3KIl61GDyRDVUw2RCwg1HZXxdUhuCRAe3OW9jwR4XeEQSJ5G1QMJsLsKtb 1qIVfsIY/GjF9H1Ck5rxruixGkdqupos5SUz8rEZDAE8VABo1HaFB+H8YBlIKDz2HM82 7SkQ==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=mime-version:x-received:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=9YCM407SH+/MMvXGl4rmzi86GfZcDvqAf6Ev5q5mnpQ=; b=g5Gd+gA07I+mYXGBl0/bnww/gmrgIYv2TmC7lJRv5Dex9q3NUSy3quEJWOK4oMBA+C t8ECEq37YYqU1beQqxJQabFsDob79FaJ5TX+xDNEcGYvJtypDLSfW2cx9RWcTfAkR9w9 +bH+7TAzyfPV5wgcu10mXZtg9O8qLVSoZzM+Y=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:x-received:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type :content-transfer-encoding:x-gm-message-state; bh=9YCM407SH+/MMvXGl4rmzi86GfZcDvqAf6Ev5q5mnpQ=; b=GjgFTuTG64M3ElIO3N61fiCJaFb20zR7ljUr0V76xK78yeDrlsmXDlSfMPQUe6c+cq CCrbzQURgyxHPT8xlgrBwRwn3T34muyJRGSP0seWkGO6R5Cv98J9Ox/UgMXIIgYbXIdd C/aeAO9QfWLJ1pYzQduyRbLUe0BUlMtmqTe1woCQA0e3SPd6L8YzirV/VVCSmFoJ4o71 jc7j3VNcRDdYNs/Mjbz+Z6mK0Xza0vxF4i3pHowPLwF4GDES6uLOzGvNEhwQgYCq0x1A TVyXxwH7KG9kqZJYCeW5WfaugH77EGcTDeDqYe8hYEFONspKFjpHJTPb+XwRbc7LFfLN tsdA==
MIME-Version: 1.0
X-Received: by 10.229.78.7 with SMTP id i7mr3873581qck.119.1358728874561; Sun, 20 Jan 2013 16:41:14 -0800 (PST)
Sender: willchan@google.com
Received: by 10.229.57.163 with HTTP; Sun, 20 Jan 2013 16:41:14 -0800 (PST)
In-Reply-To: <3EFE45C2-8147-432C-8D15-7E8C5AEC39DC@mnot.net>
References: <em670f0a0f-3c5a-4f99-88cb-03bd4234ce63@bombed> <7F8E363D-6D6E-4FDD-B8EA-24A31383B1A3@mnot.net> <CAA4WUYiPRpm0OWesf5wTGLX--HWtDmgjFr+wSEEVr-beH8J=qw@mail.gmail.com> <3EFE45C2-8147-432C-8D15-7E8C5AEC39DC@mnot.net>
Date: Sun, 20 Jan 2013 16:41:14 -0800
X-Google-Sender-Auth: 26RmRaTD2C4mT3UT6S4EUB23Pm8
Message-ID: <CAA4WUYhxHbFeaw-M=DUdKKKafhdDE4U5==N2QGY2hd_ptxSHiA@mail.gmail.com>
From: "William Chan (陈智昌)" <willchan@chromium.org>
To: Mark Nottingham <mnot@mnot.net>
Cc: "Adrien W. de Croy" <adrien@qbik.com>, Pablo <paa.listas@gmail.com>, HTTP Working Group <ietf-http-wg@w3.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Gm-Message-State: ALoCoQnA7TzXuNMYCsxEbIaAP4DveKrUuMrjS9vI1DJ/4JjkjUVaSrg+pdN44zEThW2ji5BY5iEqqMJCC9sozbfuFxLucS6/C+x5+BxElsgFl+tsqQWRN+Z483AkFhmEVcu/pMsA+i9n3Pxt9xwfIaKNm7HSmEOc94LFx+m8mjXwUuGqd2AXCjtHJqwyZei5nVaHF4BCl30U
Received-SPF: pass client-ip=209.85.216.43; envelope-from=willchan@google.com; helo=mail-qa0-f43.google.com
X-W3C-Hub-Spam-Status: No, score=-4.0
X-W3C-Hub-Spam-Report: AWL=-1.277, BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001
X-W3C-Scan-Sig: lisa.w3.org 1Tx5SG-0002FS-RC 9d21306f1e3b9a4d958f806250ad955e
X-Original-To: ietf-http-wg@w3.org
Subject: Re: The use of binary data in any part of HTTP 2.0 is not good
Archived-At: <http://www.w3.org/mid/CAA4WUYhxHbFeaw-M=DUdKKKafhdDE4U5==N2QGY2hd_ptxSHiA@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/16068
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>
I need to consider it longer, since I still have some concerns - namely, client-side intermediaries / 3rd-party software. Note that it's common nowadays for 3rd party software to interact with browser software at a very intimate level. Maybe do it in the form of Winsock LSPs (see https://code.google.com/p/chromium/issues/detail?id=27870 for an example of how we've had to work around bugs here), (oft-times malicious) extensions (https://code.google.com/p/chromium/issues/detail?id=128748#c15), or external applications directly mucking with browser specific data (here are links to examples of Samsung Support Center directly mucking with the browser cache: https://bugzilla.mozilla.org/show_bug.cgi?id=825665 & https://code.google.com/p/chromium/issues/detail?id=167578#c11). Many times these intermediaries / 3rd party software are trying to do "legitimate" things like sniffing headers so they can do filtering based on that. If we add a sender-configured option to enable disabling header encoding/compression at the client, it's very likely that 3rd party software will take advantage of that option for popular client software (popular browsers). Thus, even if such an option existed in the spec, I would be nervous about exposing it within Chromium in such a way that 3rd party software could force it on. And if such a mechanism existed sender-side, I still don't see what (beyond a secured transport like TLS) prevents an ISP or corporate network administrator who has filtering software he/she wants to run from adding a hop that enables this debug option to make it easier to pass through to 3rd party authored filtering software running within the ISP / corporate network. My concerns are admittedly erring on the side of paranoia, but it is definitely advised by our (Google Chrome) previous experience in this area. Please see https://developers.google.com/speed/articles/use-compression where we provide data on the prevalence of the aforementioned Accept-Encoding stripping issue. "There are a handful of ISPs, where the percentage of uncompressed content is over 95%. One likely hypothesis is that either an ISP or a corporate proxy removes or mangles the Accept-Encoding header." Accept-Encoding is a sender-side controlled header, so unless the proposed option is protected somehow via TLS or something, I would imagine that it likewise would expose us to the issue we've seen with Accept-Encoding stripping. All options are ripe for abuse. We should be very careful to make sure the option is truly necessary, rather than just potentially useful, in order to counterbalance the downside of possible abuse. On Sun, Jan 20, 2013 at 4:05 PM, Mark Nottingham <mnot@mnot.net> wrote: > It was discussed in terms of disabling it at the sender, not through negotiation, so I don't think the case you're talking about is going to be a problem. > > > On 21/01/2013, at 10:55 AM, William Chan (陈智昌) <willchan@chromium.org> wrote: > >> Maybe it falls upon me to be the voice of concern here :) Depending on >> what a "debug" option entails, I'm worried about it being used to >> disable a performance feature. As an example of how options can be >> dangerous, we've seen intermediaries that strip out Accept-Encoding >> headers in order to force responses to be uncompressed (probably so >> they can inspect the payloads more easily/cheaply), which is an issue >> from a web performance perspective. >> >> Back to the use case, if you're in a position to use the debug option, >> is it likely that you would not also be in a position to capture >> enough to decode? I'd like to understand the use case so I can >> properly weigh the benefit of such an option, in contrast to the cost >> that I highlighted above. >> >> On Sun, Jan 20, 2013 at 3:48 PM, Mark Nottingham <mnot@mnot.net> wrote: >>> >>> On 21/01/2013, at 10:38 AM, "Adrien W. de Croy" <adrien@qbik.com> wrote: >>> >>>> >>>> the thing that will make debugging harder won't be binary vs text, but the inter-dependence of messages. Especially when it comes to looking through debug logs for issues. >>>> >>>> On-the-wire, you already need to piece together a TCP stream to see what's going on, so having http messages effectively split over multiple frames (e.g. delta encoding, or compression) only becomes a problem when you don't capture enough to decode. >>>> >>>> I think it might be worth-while specifying a requirement for a "debug" option for senders of binary messages which turns off all other optimisations, such as caching unchanged headers etc (so they are sent every time). Just an idea. >>> >>> That's been brought up a few times, and the reaction has been pretty positive. >>> >>> Cheers, >>> >>> >>> -- >>> Mark Nottingham http://www.mnot.net/ >>> >>> >>> >> > > -- > Mark Nottingham http://www.mnot.net/ > > >
- Re: The use of binary data in any part of HTTP 2.… David Morris
- Re: The use of binary data in any part of HTTP 2.… Amos Jeffries
- The use of binary data in any part of HTTP 2.0 is… Pablo
- Re: The use of binary data in any part of HTTP 2.… Willy Tarreau
- Re: The use of binary data in any part of HTTP 2.… William Chan (陈智昌)
- Re: The use of binary data in any part of HTTP 2.… Mark Nottingham
- Re: The use of binary data in any part of HTTP 2.… William Chan (陈智昌)
- Re: The use of binary data in any part of HTTP 2.… Tim Bray
- Re: The use of binary data in any part of HTTP 2.… James M Snell
- Re: The use of binary data in any part of HTTP 2.… Adrien W. de Croy
- Re: The use of binary data in any part of HTTP 2.… Amos Jeffries
- Re: The use of binary data in any part of HTTP 2.… Mark Nottingham
- Re: The use of binary data in any part of HTTP 2.… Roberto Peon
- Re: The use of binary data in any part of HTTP 2.… Mark Nottingham
- Re: The use of binary data in any part of HTTP 2.… William Chan (陈智昌)
- Re: The use of binary data in any part of HTTP 2.… William Chan (陈智昌)
- Re: The use of binary data in any part of HTTP 2.… Nico Williams
- Re: The use of binary data in any part of HTTP 2.… Mark Nottingham
- Re: The use of binary data in any part of HTTP 2.… Adrien W. de Croy
- Re: The use of binary data in any part of HTTP 2.… William Chan (陈智昌)
- Re: The use of binary data in any part of HTTP 2.… William Chan (陈智昌)
- Re: The use of binary data in any part of HTTP 2.… Mark Nottingham
- Re: The use of binary data in any part of HTTP 2.… William Chan (陈智昌)
- Re: The use of binary data in any part of HTTP 2.… Mark Nottingham
- Re: The use of binary data in any part of HTTP 2.… William Chan (陈智昌)
- Re: The use of binary data in any part of HTTP 2.… Eliot Lear
- Re: The use of binary data in any part of HTTP 2.… Patrick McManus
- Re: The use of binary data in any part of HTTP 2.… Patrick McManus
- Re: The use of binary data in any part of HTTP 2.… Amos Jeffries
- Re: The use of binary data in any part of HTTP 2.… Nico Williams
- Re: The use of binary data in any part of HTTP 2.… Adrien W. de Croy
- Re: The use of binary data in any part of HTTP 2.… Amos Jeffries
- Re: The use of binary data in any part of HTTP 2.… Roberto Peon