RE: I-D Action: draft-ietf-httpbis-tunnel-protocol-00.txt

"Makaraju, Maridi Raju (Raju)" <Raju.Makaraju@alcatel-lucent.com> Thu, 21 August 2014 17:11 UTC

Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B67891A06DD for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Thu, 21 Aug 2014 10:11:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.57
X-Spam-Level:
X-Spam-Status: No, score=-7.57 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.668, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Pf2eWkyfSm-1 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Thu, 21 Aug 2014 10:11:35 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B42701A06B6 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Thu, 21 Aug 2014 10:11:34 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.72) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1XKVr1-0000CF-Ke for ietf-http-wg-dist@listhub.w3.org; Thu, 21 Aug 2014 17:08:51 +0000
Resent-Date: Thu, 21 Aug 2014 17:08:51 +0000
Resent-Message-Id: <E1XKVr1-0000CF-Ke@frink.w3.org>
Received: from lisa.w3.org ([128.30.52.41]) by frink.w3.org with esmtp (Exim 4.72) (envelope-from <Raju.Makaraju@alcatel-lucent.com>) id 1XKVqf-0000Am-Fc for ietf-http-wg@listhub.w3.org; Thu, 21 Aug 2014 17:08:29 +0000
Received: from us-hpatc-esg-01.alcatel-lucent.com ([135.245.18.27] helo=smtp-us.alcatel-lucent.com) by lisa.w3.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.72) (envelope-from <Raju.Makaraju@alcatel-lucent.com>) id 1XKVqe-0003pu-46 for ietf-http-wg@w3.org; Thu, 21 Aug 2014 17:08:28 +0000
Received: from us70uusmtp3.zam.alcatel-lucent.com (unknown [135.5.2.65]) by Websense Email Security Gateway with ESMTPS id 07A68A92E4E83; Thu, 21 Aug 2014 17:07:57 +0000 (GMT)
Received: from US70UWXCHHUB01.zam.alcatel-lucent.com (us70uwxchhub01.zam.alcatel-lucent.com [135.5.2.48]) by us70uusmtp3.zam.alcatel-lucent.com (GMO) with ESMTP id s7LH80ql014276 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Thu, 21 Aug 2014 13:08:00 -0400
Received: from US70UWXCHMBA02.zam.alcatel-lucent.com ([169.254.8.175]) by US70UWXCHHUB01.zam.alcatel-lucent.com ([135.5.2.48]) with mapi id 14.02.0247.003; Thu, 21 Aug 2014 13:08:00 -0400
From: "Makaraju, Maridi Raju (Raju)" <Raju.Makaraju@alcatel-lucent.com>
To: Martin Thomson <martin.thomson@gmail.com>, Adam Rice <ricea@google.com>
CC: Mark Nottingham <mnot@mnot.net>, Greg Wilkins <gregw@intalio.com>, HTTP Working Group <ietf-http-wg@w3.org>
Thread-Topic: I-D Action: draft-ietf-httpbis-tunnel-protocol-00.txt
Thread-Index: AQHPuz4svzkLYChKRkGxK464gGKiy5vXWfGAgAGRTQCAAAFTAIAABuGAgAAAyoCAAc8TgIAAypKA///AX2A=
Date: Thu, 21 Aug 2014 17:08:00 +0000
Message-ID: <E1FE4C082A89A246A11D7F32A95A17828E523970@US70UWXCHMBA02.zam.alcatel-lucent.com>
References: <20140818233839.23251.81316.idtracker@ietfa.amsl.com> <858FBAA8-F0D5-43A0-A621-7D504AB3327A@mnot.net> <CAH_y2NEekpgDNO+OsDELarcSi3nn72gHb98L9R66TntcD9bUiQ@mail.gmail.com> <3859D490-6B6E-4C7D-A3AF-9F1CF6F69045@mnot.net> <CAH_y2NGivMoS_WSudKKM4A=Jnr6bKneJZ5zuTmWrQm=XESYdYw@mail.gmail.com> <6F9EE13B-1791-4010-8953-3172A57AC172@mnot.net> <CAHixhFqbw00FrGSrCRS1rK_HqEj8osRXtXpj+DtYmU=tqFyBkQ@mail.gmail.com> <CABkgnnWzerbs=ue3MR++0jqi5xc2Q+rczb3ad_01---LSNVnpQ@mail.gmail.com>
In-Reply-To: <CABkgnnWzerbs=ue3MR++0jqi5xc2Q+rczb3ad_01---LSNVnpQ@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [135.5.27.17]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Received-SPF: none client-ip=135.245.18.27; envelope-from=Raju.Makaraju@alcatel-lucent.com; helo=smtp-us.alcatel-lucent.com
X-W3C-Hub-Spam-Status: No, score=-3.5
X-W3C-Hub-Spam-Report: AWL=-2.830, RP_MATCHES_RCVD=-0.668
X-W3C-Scan-Sig: lisa.w3.org 1XKVqe-0003pu-46 f32cc277915fe52a166e86b5bc8950c9
X-Original-To: ietf-http-wg@w3.org
Subject: RE: I-D Action: draft-ietf-httpbis-tunnel-protocol-00.txt
Archived-At: <http://www.w3.org/mid/E1FE4C082A89A246A11D7F32A95A17828E523970@US70UWXCHMBA02.zam.alcatel-lucent.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/26695
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

+ 1

> -----Original Message-----
> From: Martin Thomson [mailto:martin.thomson@gmail.com]
> Sent: Thursday, August 21, 2014 11:55 AM
> To: Adam Rice
> Cc: Mark Nottingham; Greg Wilkins; HTTP Working Group
> Subject: Re: I-D Action: draft-ietf-httpbis-tunnel-protocol-00.txt
> 
> On 20 August 2014 21:50, Adam Rice <ricea@google.com> wrote:
> > As a client, why would I add a header to my request that is going to cause
> > the proxy to block it? What is the benefit to the user?
> 
> I'm going to give a different answer to the one Amos gave.  You can
> read the background, including the recorded discussion from the last
> IETF meeting for more on the subject.
> 
> In WebRTC, browsers will do this because they want to be good network
> citizens and sometimes that means asking nicely.  Applications don't
> get that privilege.
> 
> And this isn't always about a block/don't block binary decision.
> Sometimes the information can let the proxy make better choices about
> how it treats the data.  Realtime media over these tunnels (the
> original motivating use case) has somewhat different requirements to
> other types of traffic.  Knowledge about applications can help the
> proxy make better decisions.
> 
> As I've said privately to others when the same point was raised, the
> use of cleartext markers in the context of intermediary blocking is a
> topic that was discussed at some length when the TLS working group
> chose ALPN over NPN.  We could re-run those arguments, and I'm sure
> that we'd have a ball in the process, but that's wasteful.  This
> document really doesn't change the dynamic at all.  If you choose not
> to send this, then send ALPN, then that's just forcing the proxy to do
> extra work to discover what you are doing (i.e., it looks at your TLS
> ClientHello once the tunnel is active).
> 
> If you are suppressing ALPN, then you suppress this too.  I don't
> think that's in question.