IETF Logo Mail Archive

Artart last call review of draft-ietf-httpbis-compression-dictionary-16

Darrel Miller via Datatracker <noreply@ietf.org> Sun, 25 August 2024 19:52 UTC

Received: by ietfa.amsl.com (Postfix) id 54C72C14CF18; Sun, 25 Aug 2024 12:52:57 -0700 (PDT)
Delivered-To: ietfarch-httpbisa-archive-bis2juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4FC3BC14F74E for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Sun, 25 Aug 2024 12:52:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.76
X-Spam-Level:
X-Spam-Status: No, score=-2.76 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_EF=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.25, MAILING_LIST_MULTI=-1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=w3.org header.b="n1YGend3"; dkim=pass (2048-bit key) header.d=w3.org header.b="FGXm3QBb"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BgxtasHUAHpG for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Sun, 25 Aug 2024 12:52:56 -0700 (PDT)
Received: from mab.w3.org (mab.w3.org [IPv6:2600:1f18:7d7a:2700:d091:4b25:8566:8113]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A2CB2C14F68D for <httpbisa-archive-bis2Juki@ietf.org>; Sun, 25 Aug 2024 12:52:56 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=w3.org; s=s1; h=Subject:Date:Reply-To:Message-ID:Cc:To:From:Content-Type:MIME-Version :In-Reply-To:References; bh=sLcSTPpCYI+CzDgXWJPMMxRWR1QF9mrZ66Ep84yYteU=; b=n 1YGend3JofrwgGp0TIkHcYAso9xIEEB9zp/bPrf2xNMO7l1wQrVKUiC1+fJmTRoAFmcKiucVc65hG 2Fpu4mRTXOK3ZA6AqDcNVCLpTgk+gZHVMPcPbSi4hefC5CXBpDVvMRJciG9YaQlqQGm5Xj8bZbc25 Lp/w+Tn8f8ksg1RFk7Ddi4D21KjTenx4MBW6kd+Uz50pkwl4MHh/D93DIpJ8r0+TsI4E9vb1O7DLy s4EtouEHROHqIfcaN2BX3BoG2NU2gx1EWIEPjKDg9JZs+1YCgmnI+yzp1ZHbbUhAvSapPh2NgOh+w oi3Y7ODoWthQ5zoIVRbb2EShiKJ0dCXEQ==;
Received: from lists by mab.w3.org with local (Exim 4.96) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1siJHD-00FvVp-12 for ietf-http-wg-dist@listhub.w3.org; Sun, 25 Aug 2024 19:51:51 +0000
Resent-Date: Sun, 25 Aug 2024 19:51:51 +0000
Resent-Message-Id: <E1siJHD-00FvVp-12@mab.w3.org>
Received: from ip-10-0-0-224.ec2.internal ([10.0.0.224] helo=puck.w3.org) by mab.w3.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from <noreply@ietf.org>) id 1siJHA-00FvUs-39 for ietf-http-wg@listhub.w3.internal; Sun, 25 Aug 2024 19:51:48 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=w3.org; s=s1; h=Date:Reply-To:Message-ID:Subject:Cc:To:From:Content-Type:MIME-Version :In-Reply-To:References; bh=sLcSTPpCYI+CzDgXWJPMMxRWR1QF9mrZ66Ep84yYteU=; t=1724615508; x=1725479508; b=FGXm3QBb3qqGQjlbk2qH4Bv8s+emgzXoLVtPtHyRFTpCNJk 8mukumwvhbNO2RaMe9xcBpZROlf3/zizwH4hQTlVRSrIfn36b5W72+nQMCslZ+rDdCaQUNHFN6ZM5 KDCLpLVgeg8OleveRMxIK4UZaXQH9l6SSuLIcStRRndSSAvAPe6uXHhYX/bUcuv0YD1mNr6xbMOKi chPmXiKuhKNprh6gccATZV5vc8q02F90m17sjBObOhGV7PRbOGWhli8yDYwiMRdNjjU4x9qlsqNZv y8H1TDS3syK8ZWu8K7IgjsdmqeN0KFQEawnxTQnm5GUFczgDHCnByeOuWE/WXi6A==;
Received-SPF: pass (puck.w3.org: domain of ietf.org designates 50.223.129.194 as permitted sender) client-ip=50.223.129.194; envelope-from=noreply@ietf.org; helo=mail.ietf.org;
Received: from mail.ietf.org ([50.223.129.194]) by puck.w3.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from <noreply@ietf.org>) id 1siJHA-00FNxb-1E for ietf-http-wg@w3.org; Sun, 25 Aug 2024 19:51:48 +0000
Received: from [10.244.2.19] (unknown [104.131.183.230]) by ietfa.amsl.com (Postfix) with ESMTP id 5D74FC14F69F; Sun, 25 Aug 2024 12:51:44 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Darrel Miller via Datatracker <noreply@ietf.org>
To: art@ietf.org
Cc: draft-ietf-httpbis-compression-dictionary.all@ietf.org, ietf-http-wg@w3.org, last-call@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 12.22.1
Auto-Submitted: auto-generated
Message-ID: <172461550400.473980.2265812376540454212@dt-datatracker-584cd6c8dd-fvr2f>
Reply-To: Darrel Miller <darrel@tavis.ca>
Date: Sun, 25 Aug 2024 12:51:44 -0700
X-W3C-Hub-Spam-Status: No, score=-3.9
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, DMARC_PASS=-0.001, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, W3C_AA=-1, W3C_WL=-1
X-W3C-Scan-Sig: puck.w3.org 1siJHA-00FNxb-1E 5093853e525ef14b64af17490cf17286
X-Original-To: ietf-http-wg@w3.org
Subject: Artart last call review of draft-ietf-httpbis-compression-dictionary-16
Archived-At: <https://www.w3.org/mid/172461550400.473980.2265812376540454212@dt-datatracker-584cd6c8dd-fvr2f>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/52237
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <https://www.w3.org/email/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

Reviewer: Darrel Miller
Review result: Almost Ready

I am the assigned Art-ART reviewer for this draft. The General Area
Review Team (Art-ART) reviews all IETF documents being processed
by the IESG for the IETF Chair.  Please treat these comments just
like any other last call comments.

In general this document is well written and its value is clear from the use
cases provided. I think capability has the potential to have a significant
impact on the HTTP API ecosystems as well as browser user agents.

I do not see any major issues with the document as written, but there are some
areas that I think could be improved to address a broader audience.

## 1.  Introduction

It states that the document registers media types for content encoding Brotli
and Zstandard, however there are no media type registrations in the document. 
There are however registrations for content encoding values.

### 1.1.2 Common Content

The example suggests that the first request returns app.v1.js which is from the
previous example.

### 2.1.1 match

It is concerning that a feature such as this requires taking a dependency on
the URL Pattern specification which is a living standard. In the HTTP API
space, there are many user agents that are not browsers, that will need to
implement URL Pattern and that specification could change at any time.  It
would be much preferable if this specification could take a snapshot of the
current URL Pattern behavior and define that in this specification.

### 2.1.2 match-dest

It is unclear why match-dest would not be a IANA registry of values that are
seeded with the values from the Fetch specification. This would allow for
values to be added to the registry in order to support the same concept in
different user agents that do not use the Fetch specification.  It seems
strange to only allow this feature to be used if the Fetch specification is
being used to make requests. Is the destination feature not useful to a broader
audience?

### 2.1.4 type

It is not obvious what the value of this property is.  It has only one value
"raw", which is the default value which is described as an "unformatted blob of
bytes". It is stated that if a client receives a dictionary of a type that it
does not understand, it must not use the dictionary. But type has only one
value. How can any other value be returned and be compliant with this
specification? There is no described mechanism of how other values for type
could be introduced.

Said another way, what is lost if we drop this section 2.1.4 completely?

#### 2.1.5.2 versioned directories

The use of the term directory here seems to be making some assumptions about
the implementation. Would the more generic term "segment" be more appropriate?

### 2.2.2 Dictionary URL matching

The first paragraph infers that both "match" and "match-dest" strings are
stored with the dictionary. However, "match-dest" is indicated as optional in
the Use-As-Dictionary header.  Is it required that the client maintain the
match-dest as an empty array of strings if not provided by the server?

Is the provided algorithm normative?  The reason I ask is because the paragraph

> Dictionaries MUST have been served from the same Origin (Section 4.3.1 of
[HTTP]) as the outgoing request to match.

and the following steps seem duplicative.

> Let BASEURL be the URL of the dictionary request.
> Let URL represent the URL of the outbound request being checked.
> If the Origin of BASEURL and the Origin of URL are not the same, return FALSE.

Is it sufficient to read the prose to understand all the constraints, or is it
necessary to read the algorithm as well?

#### 2.2.2 step 7

The instructions suggest to run the "test" method.  Looking at the URL Pattern
specification it is not immediately clear what the behaviour of the "test"
method is. There is a test method defined in some IDL, but it does not
reference any defined behaviour.  Looking at the section "High Level
Operations" it might be reasonable to assume that the "test" method implements
the "match" operation.  It would be helpful to clarify this in the
specification.

## 6

> When a compression dictionary is available for use for a given request,

The wording here suggests that a compression dictionary may be usable for
compressing a request payload. It is my understanding that is not the case. 
Perhaps the wording could be changed to "When a compression dictionary is
available for use compressing the response to a given request,"?

Thanks,

Darrel

v2.38.3 | Report a Bug | By Email | System Status