Re: New Version Notification for draft-nottingham-site-wide-headers-01.txt

Martin Thomson <martin.thomson@gmail.com> Fri, 25 November 2016 00:59 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7D8C0129CB0 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Thu, 24 Nov 2016 16:59:41 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.998
X-Spam-Level:
X-Spam-Status: No, score=-7.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_SORBS_SPAM=0.5, RP_MATCHES_RCVD=-1.497, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QFokl7XJZXF6 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Thu, 24 Nov 2016 16:59:39 -0800 (PST)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CDA1412A0F6 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Thu, 24 Nov 2016 16:57:07 -0800 (PST)
Received: from lists by frink.w3.org with local (Exim 4.80) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1cA4mE-0001uC-3s for ietf-http-wg-dist@listhub.w3.org; Fri, 25 Nov 2016 00:54:06 +0000
Resent-Date: Fri, 25 Nov 2016 00:54:06 +0000
Resent-Message-Id: <E1cA4mE-0001uC-3s@frink.w3.org>
Received: from mimas.w3.org ([128.30.52.79]) by frink.w3.org with esmtps (TLS1.2:RSA_AES_128_CBC_SHA1:128) (Exim 4.80) (envelope-from <martin.thomson@gmail.com>) id 1cA4m7-0001sn-QP for ietf-http-wg@listhub.w3.org; Fri, 25 Nov 2016 00:53:59 +0000
Received: from mail-qt0-f175.google.com ([209.85.216.175]) by mimas.w3.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from <martin.thomson@gmail.com>) id 1cA4m1-0005gQ-Ot for ietf-http-wg@w3.org; Fri, 25 Nov 2016 00:53:54 +0000
Received: by mail-qt0-f175.google.com with SMTP id p16so52971936qta.0 for <ietf-http-wg@w3.org>; Thu, 24 Nov 2016 16:53:32 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=cAPogxQ9SdkgRseH1I7WLsD0kV389Dztymnz79alqdA=; b=sHX2cbkBzTyrP7g9ynpuloiFLv9/QZzIyOBPL4zdJs8yRJGBhum099vM8IkbpW3Q+L rpVqDSwPdUpXT0OrWtxU7aVxH3ww7hsHG8vBISUFtR6pi2/QRaJhiY1ey/H6auzUqXFf YBTlr+s0xrxjZoXgP7WLpfnXfSdIscdq1PGalrql5N2mLzff69x59Mk7Swprgp9BSrFM 27HG9QmYFToc0WjYO7i7ZxAYgRWAd+Zbr6WVxW5sVLJAmfOP/CxHeuD5JicOb6I1BdOr vPQFcp0lM7RKxP0P2r7P2TdOpWoVeIQkH23I8VIWkfi+dYrZtgMW4IE9rv+18MCRI6Ej a74Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=cAPogxQ9SdkgRseH1I7WLsD0kV389Dztymnz79alqdA=; b=CPWhb1BZupsacs9tlqkwXeK2a7sicildyilYaRDr91laPMotyX9EzEC7SjDDnRWanx LhOlVrDZdNzJEJIFRGy7cMvp2evUbgCzQC8ce3wncQo/ylO/1E6jYe8Isf+mH087VFXK 5FcQkHCmeqfPU6qubByYKDcMCET+zZGvUXAE9kUj2fKncqeSfBiUVBY7J2+Iz3WpM25H J7lj5W0pXD4+f8E7hwZ9rZ1YUv5rVbojSc4+ufNm5flSSyN66Ae63XRv8FYjQVR+nrrg nV2lOnIC1raj/rZIO0N6rbx32jwrtY34mTzHSt6JIp5Roan8vd29AXsyqtBjpUiQS65v bvjg==
X-Gm-Message-State: AKaTC02nCt5cR2cHL2pvRco7E6NUaZdL6YnCvnMg4CjwmZ/fTWrMLUtO0sE5zXBMsgwWffM3jRHR4we29zNXbw==
X-Received: by 10.200.44.27 with SMTP id d27mr4888542qta.278.1480035207340; Thu, 24 Nov 2016 16:53:27 -0800 (PST)
MIME-Version: 1.0
Received: by 10.140.85.101 with HTTP; Thu, 24 Nov 2016 16:53:26 -0800 (PST)
In-Reply-To: <CAKXHy=d18Zy-khibw78iC5i=8iOu2v_M2VS_aKV2jOexp8=gBg@mail.gmail.com>
References: <147995400666.32746.15867339667353417986.idtracker@ietfa.amsl.com> <FCDFC352-5D68-456F-AFF4-39E9E1697AF2@mnot.net> <CAKXHy=d18Zy-khibw78iC5i=8iOu2v_M2VS_aKV2jOexp8=gBg@mail.gmail.com>
From: Martin Thomson <martin.thomson@gmail.com>
Date: Fri, 25 Nov 2016 11:53:26 +1100
Message-ID: <CABkgnnW2+ewi=YViiNqJgne2WFApEEasje3wwU5RsvEBmNPMjg@mail.gmail.com>
To: Mike West <mkwst@google.com>
Cc: Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>, "Emily Stark (Dunn)" <estark@google.com>
Content-Type: text/plain; charset=UTF-8
Received-SPF: pass client-ip=209.85.216.175; envelope-from=martin.thomson@gmail.com; helo=mail-qt0-f175.google.com
X-W3C-Hub-Spam-Status: No, score=-6.1
X-W3C-Hub-Spam-Report: AWL=0.102, BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RCVD_IN_SORBS_SPAM=0.5, SPF_PASS=-0.001, W3C_AA=-1, W3C_DB=-1, W3C_IRA=-1, W3C_WL=-1
X-W3C-Scan-Sig: mimas.w3.org 1cA4m1-0005gQ-Ot 2676c089f152c380ed318015ac9ac18d
X-Original-To: ietf-http-wg@w3.org
Subject: Re: New Version Notification for draft-nottingham-site-wide-headers-01.txt
Archived-At: <http://www.w3.org/mid/CABkgnnW2+ewi=YViiNqJgne2WFApEEasje3wwU5RsvEBmNPMjg@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/33003
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

On 24 November 2016 at 20:33, Mike West <mkwst@google.com> wrote:
>> Prettier (and latest) version available at:
>>   https://mnot.github.io/I-D/site-wide-headers/
>
>
> Thanks for the update, Mark! It seems like we agree on broad strokes: a
> well-known resource defines a set of things for an origin. Clients can
> preemptively grab that resource, or a server can push it down. I'm confident
> in that model, and I expect we'll be able to work out the details. :)

I think that setting these two proposals against each other is
creating fun where no fun is really needed.

I'm of the opinion that a well-known global resource (or set of
resources, because we're already there) that contained specific and
precise policies about an origin is valuable.  As Mike points out,
there are things that you can say more clearly when you aren't
constrained by saying something about a specific HTTP response.
That's a principled position that I can respect.

At the same time, we need to deal with the fact that we've got a bunch
of per-response header fields that are gradually proliferating.  At
some level, we're basically just looking for some better compression
(as Mark's draft points out, HPACK is pretty close to good enough for
this purpose).

The HTTP header fields stuff in Mike's draft is abominable.  I think
that Mark is much closer to an approach that will deploy successfully
for stuff that we currently have - at least in the short term.

Where the tension seems to come from is that all the existing stuff is
basically stuck in header fields for the foreseeable future.  That's
unpleasant, because even if we were to define principled equivalents
in terms of Mike's draft, then we're still stuck supporting header
fields indefinitely.  It makes the work to define the principled thing
much less appealing, because now you have two mechanisms to do the
same thing with all the duplication and conflicts that come from that.

(And hey, sorry for making this all personal by using names to
identify drafts, I'll try harder next time.)