Re: draft-asilvas-http-push-assets-00 comments

"Aaron L. Silvas" <asilvas@godaddy.com> Wed, 13 July 2016 19:42 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ADC7112D5B6 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 13 Jul 2016 12:42:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -8.207
X-Spam-Level:
X-Spam-Status: No, score=-8.207 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-1.287, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=secureservernet.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gXVAkmRgYI1m for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 13 Jul 2016 12:42:49 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A697212D54F for <httpbisa-archive-bis2Juki@lists.ietf.org>; Wed, 13 Jul 2016 12:42:49 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.80) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1bNPzD-0006q1-LU for ietf-http-wg-dist@listhub.w3.org; Wed, 13 Jul 2016 19:38:23 +0000
Resent-Date: Wed, 13 Jul 2016 19:38:23 +0000
Resent-Message-Id: <E1bNPzD-0006q1-LU@frink.w3.org>
Received: from lisa.w3.org ([128.30.52.41]) by frink.w3.org with esmtps (TLS1.2:DHE_RSA_AES_128_CBC_SHA1:128) (Exim 4.80) (envelope-from <asilvas@godaddy.com>) id 1bNPz7-0006oJ-Se for ietf-http-wg@listhub.w3.org; Wed, 13 Jul 2016 19:38:17 +0000
Received: from mail-sn1nam02on0100.outbound.protection.outlook.com ([104.47.36.100] helo=NAM02-SN1-obe.outbound.protection.outlook.com) by lisa.w3.org with esmtps (TLS1.2:RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from <asilvas@godaddy.com>) id 1bNPyx-0000Tn-Ox for ietf-http-wg@w3.org; Wed, 13 Jul 2016 19:38:16 +0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=secureservernet.onmicrosoft.com; s=selector1-godaddy-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=RI8xTCC/EpPJJk1yTrqV02z87WVunfNXtfOhf2Zgk30=; b=7NeHA6QnaefJbhl7glLIJe8vmTYbsElDwj3PtHAjY92htS/YXkLUZYQrUjh+mBNLK0+fKdUs78RHbdAkrJXSz65JDGxoKanEPsYdHVnAHMUSIeZQodZWXv9f07cMbP3D7ioZ1yemIvmSPFju/BLdnSxFkcx6ibuxm9f01oLdzcw=
Received: from CY1PR0201MB1594.namprd02.prod.outlook.com (10.163.140.141) by CY1PR0201MB1593.namprd02.prod.outlook.com (10.163.140.140) with Microsoft SMTP Server (TLS) id 15.1.539.14; Wed, 13 Jul 2016 19:37:39 +0000
Received: from CY1PR0201MB1594.namprd02.prod.outlook.com ([10.163.140.141]) by CY1PR0201MB1594.namprd02.prod.outlook.com ([10.163.140.141]) with mapi id 15.01.0534.022; Wed, 13 Jul 2016 19:37:39 +0000
From: "Aaron L. Silvas" <asilvas@godaddy.com>
To: Mike Bishop <Michael.Bishop@microsoft.com>, Martin Thomson <martin.thomson@gmail.com>, HTTP Working Group <ietf-http-wg@w3.org>
Thread-Topic: draft-asilvas-http-push-assets-00 comments
Thread-Index: AQHR3KDjxhjQM3LLQEydKppVrA3W+qAWgjUmgAAaugCAACSHFA==
Date: Wed, 13 Jul 2016 19:37:39 +0000
Message-ID: <CY1PR0201MB159456F8113AAD455142EE95B2310@CY1PR0201MB1594.namprd02.prod.outlook.com>
References: <CABkgnnVVja__isnUTmn3hgbNi8B=6FhYNnzwE+hAdxuS=WOHxw@mail.gmail.com> <CY1PR0201MB1594F2DD3ED98840BC9B9A7EB2310@CY1PR0201MB1594.namprd02.prod.outlook.com>, <BL2PR03MB1905D71E920F456BB949BF4E87310@BL2PR03MB1905.namprd03.prod.outlook.com>
In-Reply-To: <BL2PR03MB1905D71E920F456BB949BF4E87310@BL2PR03MB1905.namprd03.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=asilvas@godaddy.com;
x-originating-ip: [132.245.59.117]
x-ms-office365-filtering-correlation-id: edb43518-5a46-436f-19b8-08d3ab5526a6
x-microsoft-exchange-diagnostics: 1; CY1PR0201MB1593; 6:bBlniJllS+jtfEEw8Bq/lhWcLDxv+QgkinOvkhHywNWe6XeUJlj+h7l6S5UyIkL5jscpjldApzLf8c2Ab3PX6bwWlW0lWqk0e5SRxjGc5nkJwmppgqdCX3+AJsLoor6L/01nMOVaDfgZRMz+53fO7WUL898+nM4pBslX2ntvo+OJwISdmzqPY0KIUmU0BLT4/EowYtBTYEb+0ZSIaJO/jMN15cO2DMIGdfit7DEQJSMfjruyXAprrOHGIZuSE3Yx51DM+vIMt40ppitCAZGBDW8SjBwJIA5eO7lQZXuuO10pztI4MvAZZl+KKgY2OTg3JZ0vz9wrlgjDFUL27GnX3w==; 5:4Q6eJaUVPn+whCy+DAAZz+kGxkVeR55lTdFG6a7IflUiwYIxnGRTe4eZsb3CILjGSFqYm3DPuIZQf1faykFq5CYQsx5PLLbJTF9pswXkN2b36c4wEdHGb/F4vdnHCRmqlsr13aYR+AR1hemtQTTIQg==; 24:c2qX7yOMfrEc/8KOlzWNB+s0GceTW9iH8eNIWQLxqs6dvYdqNoHs0KWN4qanr1boQZ6bBmLB+QBXoOVITtIl1ygEJNYObrwJ1zCYTf1BJJE=; 7:dhEpN7TDzAwNozmV2Qv9RB8lLqC6CFKxC8X6Pb1hhBVMOdFLV0khNfGj9vX5EHFRUjDOgKj2qZOQHx+uFYBuz2PypHnhx/BjvPXIG5qWcvqbK6p8OvyQRm9jI1UooV2irD4btSSGUvrjU9zjF4T5QoAi2Squibp67RSMr6KypmjdW5VQhDReWheGlcWTyag6SA2vDKzFS99Gu4At4zCuGzYqpzAng406D84Oba7pdAJL+BGAom1LgjqH+O0mFwWK
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:CY1PR0201MB1593;
x-microsoft-antispam-prvs: <CY1PR0201MB1593A3A4AAA6628E4B3E21A5B2310@CY1PR0201MB1593.namprd02.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(158342451672863)(246761809553906)(21748063052155)(21532816269658);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(601004)(2401047)(8121501046)(5005006)(3002001)(10201501046)(6055026); SRVR:CY1PR0201MB1593; BCL:0; PCL:0; RULEID:; SRVR:CY1PR0201MB1593;
x-forefront-prvs: 000227DA0C
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(7916002)(189002)(51444003)(51914003)(43784003)(377454003)(199003)(81156014)(76576001)(584604001)(86362001)(2421001)(3280700002)(189998001)(9686002)(102836003)(6116002)(790700001)(16236675004)(81166006)(2950100001)(3846002)(97736004)(5001770100001)(230783001)(2906002)(19580395003)(107886002)(2561002)(1511001)(77096005)(122556002)(2900100001)(92566002)(11100500001)(87936001)(586003)(10400500002)(8936002)(74316002)(8666005)(8676002)(19300405004)(33656002)(50986999)(5003600100003)(7846002)(7736002)(7696003)(106116001)(106356001)(54356999)(76176999)(19625215002)(15975445007)(3660700001)(105586002)(101416001)(561944003)(99286002)(66066001)(19627405001)(68736007)(5002640100001)(19580405001)(18121605002); DIR:OUT; SFP:1102; SCL:1; SRVR:CY1PR0201MB1593; H:CY1PR0201MB1594.namprd02.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en;
received-spf: None (protection.outlook.com: godaddy.com does not designate permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_CY1PR0201MB159456F8113AAD455142EE95B2310CY1PR0201MB1594_"
MIME-Version: 1.0
X-OriginatorOrg: godaddy.com
X-MS-Exchange-CrossTenant-originalarrivaltime: 13 Jul 2016 19:37:39.6930 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: d5f1622b-14a3-45a6-b069-003f8dc4851f
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY1PR0201MB1593
Received-SPF: pass client-ip=104.47.36.100; envelope-from=asilvas@godaddy.com; helo=NAM02-SN1-obe.outbound.protection.outlook.com
X-W3C-Hub-Spam-Status: No, score=-4.7
X-W3C-Hub-Spam-Report: AWL=-0.750, BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, W3C_AA=-1, W3C_WL=-1
X-W3C-Scan-Sig: lisa.w3.org 1bNPyx-0000Tn-Ox 3b999da41234ba6c114dfd2dcc68f1dd
X-Original-To: ietf-http-wg@w3.org
Subject: Re: draft-asilvas-http-push-assets-00 comments
Archived-At: <http://www.w3.org/mid/CY1PR0201MB159456F8113AAD455142EE95B2310@CY1PR0201MB1594.namprd02.prod.outlook.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/31956
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

The intention of the draft is to emulate a similar behavior then if server-push was not utilized, in the way the client will not request "fresh" resources in its cache, or get 304's for unmodified resources that have unchanged. You are correct in pointing out an error in my last email -- you are correct that a 304 is sent for unchanged assets. The only time the server does not resend an a resource, is if the client indicates "no-push" for the value of the push-asset; this mimics the identical behavior of a fresh resource in cache. It's up to the client to instruct the server of what not to send.



-aaron

________________________________
From: Mike Bishop <Michael.Bishop@microsoft.com>
Sent: Wednesday, July 13, 2016 10:22:14 AM
To: Aaron L. Silvas; Martin Thomson; HTTP Working Group
Subject: RE: draft-asilvas-http-push-assets-00 comments

This seems risky (and I’m presuming you mean “if no Server Push is performed”).  The client assumes the resource is fresh if the server doesn’t push it, even if it’s showing as stale in the cache?  I’d prefer some form of positive signal, not only because it reduces the likelihood of implementation mistakes, but also because it lets the client get fresh lifetimes.  Pushing a 304 for the resource in cache seems cleaner, and still relatively cheap.

I think the fundamental new idea here is having the server proactively tag resources that it might push in the future, so the client can include only those resources in the data that it provides.

From: Aaron L. Silvas [mailto:asilvas@godaddy.com]
Sent: Wednesday, July 13, 2016 9:25 AM
To: Martin Thomson <martin.thomson@gmail.com>; HTTP Working Group <ietf-http-wg@w3.org>
Subject: Re: draft-asilvas-http-push-assets-00 comments


Thanks for the feedback, Martin. I agree the document needs work to better clarify things.



I'll attempt to address your comments here, in hopes of striking further conversation on the topic.



"Push-Assets" is the only request header; required only if the client wishes to enable the full HTTP/2 Push-Assets flow as outlined in the draft. If the server does not support/understand the header, it is benign. This allows the client to inform the server of its cache state, for push-enabled assets only (unlike Cache Digest HTTP/2 proposal which sends everything). This header includes the exact state of each of these resources, as if they were individually requested, and thus supports existing etag and last-modified headers. Not only will the server know what resources the client does and does not have, but it will also know which resources are simply out of date and must still be pushed. The server won't even need to send a 304 (Server Push) response for unmodified resources, as the server knows the state of the clients push-enabled assets, and the client can assume "no change" if Server Push is performed on the given resources. This effectively means that the server will only ever send what is missing or changed, no more, no less.



Example (requests only to keep length of email to a minimum):



  GET /page1

  Push-Assets: *



  GET /page2
  Push-Assets: md5(shared-resource1.js)=etag(123456)



"Push-Asset-Key" is an optional response header. It allows the server to "name" a resource, allowing it to renamed at a later time without worry of having to refetch unnecessarily. By default, the "key" of every resource is the URI Path, minus any querystring parameters.



"Push-Asset-Key" is also a required PUSH_PROMISE header, which is likely part of the confusion. Being a PUSH_PROMISE is essentially the server delivering a request on its behalf, this header field informs the client that this resource should be tracked as a "Push-Asset" (aka push-enabled). The key itself is what uniquely identifies the resource, and will typically be the URI Path of the resource, minus querystring parameters, but in MD5 form. The client will only ever provide client cache state of resources that have responded with this header field, as they are "push-enabled". This gives the server control of what state it should or should not track for the purpose of Server Push resources.



"Push-Asset-Match" is an optional response header. This effectively allows the server to inform the client that a given resource is only used within specific "buckets" of matching URI's. This is especially useful for large or complex domains, such as CDN's, or other multi-app-per-domain scenarios.





I'll continue to collect feedback, and especially suggestions, and update the next draft accordingly. Thanks again for the interest.







-aaron

________________________________
From: Martin Thomson <martin.thomson@gmail.com<mailto:martin.thomson@gmail.com>>
Sent: Tuesday, July 12, 2016 5:52:49 PM
To: HTTP Working Group; Aaron L. Silvas
Subject: draft-asilvas-http-push-assets-00 comments

First, I think that there is an interesting idea hidden in here.  It
could be that it's complementary to the more generic digests idea.

However, I found it impossible to determine how this document is
claiming to achieve its stated goals.  None of the examples include
header fields, which would have gone a long way to explaining this.
The new header fields don't really say what each is used for.  That
leaves me guessing about how this fits together.

Here's my best guess, though I have to confess that I can't connect
this to what Section 4 says:

On request N.  A server provides a new header field with responses
that create a secondary identifier for resources.  I'm really guessing
here, but I assume that unlike etag, this header field includes a
value that is the same for a group of resources.

On request >N. Clients include a new header field with requests that
controls what is pushed.  If it includes '*', then everything is
pushed.  If it includes 'no-push', then nothing is pushed.  If it
includes a list of these new push-asset-keys, then anything matching
those keys is not pushed.

Based on this, I'm fairly certain that I don't understand the
proposal, because this design doesn't require both Push-Asset-Key and
Push-Asset-Match header fields.  I'm clearly missing something.

I did start to look at the code, but without a better overview of what
it aims to achieve, I'm afraid that I'm not going to get much from it.