Re: Design: Ignored Unknown Frame Types and Intermediaries

Yoav Nir <ynir@checkpoint.com> Sun, 12 May 2013 05:00 UTC

Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 523B321F8501 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Sat, 11 May 2013 22:00:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.475
X-Spam-Level:
X-Spam-Status: No, score=-10.475 tagged_above=-999 required=5 tests=[AWL=0.124, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EGIlipS2KpRD for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Sat, 11 May 2013 22:00:52 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) by ietfa.amsl.com (Postfix) with ESMTP id ACD3E21F850B for <httpbisa-archive-bis2Juki@lists.ietf.org>; Sat, 11 May 2013 22:00:51 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.72) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1UbON1-0001sT-6x for ietf-http-wg-dist@listhub.w3.org; Sun, 12 May 2013 04:58:51 +0000
Resent-Date: Sun, 12 May 2013 04:58:51 +0000
Resent-Message-Id: <E1UbON1-0001sT-6x@frink.w3.org>
Received: from lisa.w3.org ([128.30.52.41]) by frink.w3.org with esmtp (Exim 4.72) (envelope-from <ynir@checkpoint.com>) id 1UbOMk-0001rf-Al for ietf-http-wg@listhub.w3.org; Sun, 12 May 2013 04:58:34 +0000
Received: from smtp.checkpoint.com ([194.29.34.68]) by lisa.w3.org with esmtp (Exim 4.72) (envelope-from <ynir@checkpoint.com>) id 1UbOMi-0003G3-B7 for ietf-http-wg@w3.org; Sun, 12 May 2013 04:58:34 +0000
Received: from DAG-EX10.ad.checkpoint.com ([194.29.34.150]) by smtp.checkpoint.com (8.13.8/8.13.8) with ESMTP id r4C4w3vu010457; Sun, 12 May 2013 07:58:03 +0300
X-CheckPoint: {518F1F94-0-1B221DC2-1FFFF}
Received: from IL-EX10.ad.checkpoint.com ([169.254.2.54]) by DAG-EX10.ad.checkpoint.com ([169.254.3.48]) with mapi id 14.02.0342.003; Sun, 12 May 2013 07:58:03 +0300
From: Yoav Nir <ynir@checkpoint.com>
To: James M Snell <jasnell@gmail.com>
CC: "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
Thread-Topic: Design: Ignored Unknown Frame Types and Intermediaries
Thread-Index: AQHOTlx/8z1i47QzLki5Jx/qYX4EwpkAy5cA
Date: Sun, 12 May 2013 04:58:02 +0000
Message-ID: <09C78900-966B-46B0-AB97-1394FD05849A@checkpoint.com>
References: <CABP7Rbfko48A0yAceDeHfQKR7S6aW7AAAqCZroaZzTScTooOvw@mail.gmail.com>
In-Reply-To: <CABP7Rbfko48A0yAceDeHfQKR7S6aW7AAAqCZroaZzTScTooOvw@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [172.31.20.52]
x-kse-antivirus-interceptor-info: scan successful
x-kse-antivirus-info: Clean
x-cpdlp: 110bc87e31c8d4a8c92fba93fa0144af7abefaf5e1
Content-Type: text/plain; charset="us-ascii"
Content-ID: <B680A68CC1B77E4F892152B6EE34EC00@ad.checkpoint.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Received-SPF: permerror client-ip=194.29.34.68; envelope-from=ynir@checkpoint.com; helo=smtp.checkpoint.com
X-W3C-Hub-Spam-Status: No, score=-6.6
X-W3C-Hub-Spam-Report: AWL=-0.122, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-1.45
X-W3C-Scan-Sig: lisa.w3.org 1UbOMi-0003G3-B7 05b0e5852b9491fc7daed9c38da93ebf
X-Original-To: ietf-http-wg@w3.org
Subject: Re: Design: Ignored Unknown Frame Types and Intermediaries
Archived-At: <http://www.w3.org/mid/09C78900-966B-46B0-AB97-1394FD05849A@checkpoint.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/17952
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

On May 11, 2013, at 6:27 PM, James M Snell <jasnell@gmail.com> wrote:

> In the current draft, endpoints are required to "ignore" unknown and
> unsupported frame types. What's not yet clear, however, is whether
> such frames are required to be forwarded on by intermediaries that do
> not support them.
> 
> In other words, A talks to C via reverse proxy B. A sends a stream
> that includes EXTENSION_FRAME_TYPE that is unknown to B. Is B...
> 
> A) Required to drop the frame silently without forwarding it on to C
> B) Required to always forward the frame on to C
> C) Neither, B can do whatever it wants
> 
> There is an obvious impact here on the future deployment of new
> extension frame types. If the answer is A or C, we'll have to wait on
> infrastructure support to use new frame types, which would be
> unfortunate.
> 
> - James

I think (C) is the only answer. Consider two types of proxies: an SSL accelerator and a firewall. The SSL accelerator doesn't want to break anything, so it will forward everything (B), while a firewall doesn't let things pass which it doesn't understand (A). I think this will be the behavior for these two kinds of proxy regardless of what we specify. 

Since the UA can never know in advance what the server will support, there has to be some "extension support discovery" anyways. Perhaps if we had that in the SETTINGS frame, the proxy could filter out.  For example, add a SETTINGS_SUPPORTED_EXTENSION, which will hold an extension supported by the sender. You will need multiple settings values for multiple extensions. The server would send the same list as the client, filtered down to the list of extensions that it supports. A proxy could trim the list further to remove things it's going to drop.

Yoav