Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix)
 with ESMTP id 523B321F8501 for
 <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>;
 Sat, 11 May 2013 22:00:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.475
X-Spam-Level: 
X-Spam-Status: No, score=-10.475 tagged_above=-999 required=5 tests=[AWL=0.124,
 BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com
 [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EGIlipS2KpRD for
 <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>;
 Sat, 11 May 2013 22:00:52 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) by ietfa.amsl.com
 (Postfix) with ESMTP id ACD3E21F850B for
 <httpbisa-archive-bis2Juki@lists.ietf.org>;
 Sat, 11 May 2013 22:00:51 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.72) (envelope-from
 <ietf-http-wg-request@listhub.w3.org>) id 1UbON1-0001sT-6x for
 ietf-http-wg-dist@listhub.w3.org; Sun, 12 May 2013 04:58:51 +0000
Resent-Date: Sun, 12 May 2013 04:58:51 +0000
Resent-Message-Id: <E1UbON1-0001sT-6x@frink.w3.org>
Received: from lisa.w3.org ([128.30.52.41]) by frink.w3.org with esmtp (Exim
 4.72) (envelope-from <ynir@checkpoint.com>) id 1UbOMk-0001rf-Al for
 ietf-http-wg@listhub.w3.org; Sun, 12 May 2013 04:58:34 +0000
Received: from smtp.checkpoint.com ([194.29.34.68]) by lisa.w3.org with esmtp
 (Exim 4.72) (envelope-from <ynir@checkpoint.com>) id 1UbOMi-0003G3-B7 for
 ietf-http-wg@w3.org; Sun, 12 May 2013 04:58:34 +0000
Received: from DAG-EX10.ad.checkpoint.com ([194.29.34.150]) by
 smtp.checkpoint.com (8.13.8/8.13.8) with ESMTP id r4C4w3vu010457;
 Sun, 12 May 2013 07:58:03 +0300
X-CheckPoint: {518F1F94-0-1B221DC2-1FFFF}
Received: from IL-EX10.ad.checkpoint.com ([169.254.2.54]) by
 DAG-EX10.ad.checkpoint.com ([169.254.3.48]) with mapi id 14.02.0342.003;
 Sun, 12 May 2013 07:58:03 +0300
From: Yoav Nir <ynir@checkpoint.com>
To: James M Snell <jasnell@gmail.com>
CC: "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
Thread-Topic: Design: Ignored Unknown Frame Types and Intermediaries
Thread-Index: AQHOTlx/8z1i47QzLki5Jx/qYX4EwpkAy5cA
Date: Sun, 12 May 2013 04:58:02 +0000
Message-ID: <09C78900-966B-46B0-AB97-1394FD05849A@checkpoint.com>
References: <CABP7Rbfko48A0yAceDeHfQKR7S6aW7AAAqCZroaZzTScTooOvw@mail.gmail.com>
In-Reply-To: <CABP7Rbfko48A0yAceDeHfQKR7S6aW7AAAqCZroaZzTScTooOvw@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [172.31.20.52]
x-kse-antivirus-interceptor-info: scan successful
x-kse-antivirus-info: Clean
x-cpdlp: 110bc87e31c8d4a8c92fba93fa0144af7abefaf5e1
Content-Type: text/plain; charset="us-ascii"
Content-ID: <B680A68CC1B77E4F892152B6EE34EC00@ad.checkpoint.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Received-SPF: permerror client-ip=194.29.34.68;
 envelope-from=ynir@checkpoint.com; helo=smtp.checkpoint.com
X-W3C-Hub-Spam-Status: No, score=-6.6
X-W3C-Hub-Spam-Report: AWL=-0.122, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-1.45
X-W3C-Scan-Sig: lisa.w3.org 1UbOMi-0003G3-B7 05b0e5852b9491fc7daed9c38da93ebf
X-Original-To: ietf-http-wg@w3.org
Subject: Re: Design: Ignored Unknown Frame Types and Intermediaries
Archived-At: <http://www.w3.org/mid/09C78900-966B-46B0-AB97-1394FD05849A@checkpoint.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/17952
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

On May 11, 2013, at 6:27 PM, James M Snell <jasnell@gmail.com> wrote:

> In the current draft, endpoints are required to "ignore" unknown and
> unsupported frame types. What's not yet clear, however, is whether
> such frames are required to be forwarded on by intermediaries that do
> not support them.
>=20
> In other words, A talks to C via reverse proxy B. A sends a stream
> that includes EXTENSION_FRAME_TYPE that is unknown to B. Is B...
>=20
> A) Required to drop the frame silently without forwarding it on to C
> B) Required to always forward the frame on to C
> C) Neither, B can do whatever it wants
>=20
> There is an obvious impact here on the future deployment of new
> extension frame types. If the answer is A or C, we'll have to wait on
> infrastructure support to use new frame types, which would be
> unfortunate.
>=20
> - James

I think (C) is the only answer. Consider two types of proxies: an SSL accel=
erator and a firewall. The SSL accelerator doesn't want to break anything, =
so it will forward everything (B), while a firewall doesn't let things pass=
 which it doesn't understand (A). I think this will be the behavior for the=
se two kinds of proxy regardless of what we specify.=20

Since the UA can never know in advance what the server will support, there =
has to be some "extension support discovery" anyways. Perhaps if we had tha=
t in the SETTINGS frame, the proxy could filter out.  For example, add a SE=
TTINGS_SUPPORTED_EXTENSION, which will hold an extension supported by the s=
ender. You will need multiple settings values for multiple extensions. The =
server would send the same list as the client, filtered down to the list of=
 extensions that it supports. A proxy could trim the list further to remove=
 things it's going to drop.

Yoav=