Re: HTTP/2 extensibility <draft-ietf-httpbis-http2-17>
Martin Thomson <martin.thomson@gmail.com> Thu, 05 March 2015 18:02 UTC
Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ietf.org@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DC2641A1EFD for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Thu, 5 Mar 2015 10:02:02 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.012
X-Spam-Level:
X-Spam-Status: No, score=-7.012 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JwsYyoEPu5FB for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Thu, 5 Mar 2015 10:02:01 -0800 (PST)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EF9821A1F00 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Thu, 5 Mar 2015 10:01:59 -0800 (PST)
Received: from lists by frink.w3.org with local (Exim 4.80) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1YTa1s-0002rW-2z for ietf-http-wg-dist@listhub.w3.org; Thu, 05 Mar 2015 17:57:48 +0000
Resent-Date: Thu, 05 Mar 2015 17:57:48 +0000
Resent-Message-Id: <E1YTa1s-0002rW-2z@frink.w3.org>
Received: from maggie.w3.org ([128.30.52.39]) by frink.w3.org with esmtp (Exim 4.80) (envelope-from <martin.thomson@gmail.com>) id 1YTa1h-0002ql-KG for ietf-http-wg@listhub.w3.org; Thu, 05 Mar 2015 17:57:37 +0000
Received: from mail-ob0-f181.google.com ([209.85.214.181]) by maggie.w3.org with esmtps (TLS1.0:RSA_ARCFOUR_SHA1:16) (Exim 4.72) (envelope-from <martin.thomson@gmail.com>) id 1YTa1g-0000Pe-JO for ietf-http-wg@w3.org; Thu, 05 Mar 2015 17:57:37 +0000
Received: by obcwp4 with SMTP id wp4so8532724obc.4 for <ietf-http-wg@w3.org>; Thu, 05 Mar 2015 09:57:10 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=j9bUYYxLB1yTwciho29VsbFBp0g4+oEttreNfK+XmiI=; b=JSKhVkCrB3FE8mktf1KKSSoP3h79OJvHSLRv3XAjhOgj8AqOQH+IwTwdHIa43JnqnK udG6ZDdyVZcRJP0Z48tRkthPExIKYyXTEzX0Muubxlv8A1yiKF6OJ4Dw+UjEHKc65okY zynn/4m7FJ05GoRo9KwdTKJl5b83MO+OpfPWdhmrqaQVVaDeM1ElPCdx4hTsUhyb16nE oIvbdq8LncwxCGYb/jUoB/4BqSaHedPBbpkWa2AvoIHUvcmSonH39q1riP0HD1tzJ5Ls FcXQ4YgcA25NhR7bCSbJwYky+60KCeyiSWUAC36TEGjJOLaJZe+0dCPYhnld3ie9GfIN NfzA==
MIME-Version: 1.0
X-Received: by 10.202.7.1 with SMTP id 1mr7407034oih.16.1425578230525; Thu, 05 Mar 2015 09:57:10 -0800 (PST)
Received: by 10.202.225.135 with HTTP; Thu, 5 Mar 2015 09:57:10 -0800 (PST)
In-Reply-To: <201503051255.t25Ct8YK001645@bagheera.jungle.bt.co.uk>
References: <201503051255.t25Ct8YK001645@bagheera.jungle.bt.co.uk>
Date: Thu, 05 Mar 2015 09:57:10 -0800
Message-ID: <CABkgnnVM3hoAMUj6TY0UztPUEa4=NuovEeeDmGgOr_R4JeKv2A@mail.gmail.com>
From: Martin Thomson <martin.thomson@gmail.com>
To: Bob Briscoe <bob.briscoe@bt.com>
Cc: Mike Belshe <mbelshe@chromium.org>, "fenix@google.com" <fenix@google.com>, HTTP Working Group <ietf-http-wg@w3.org>
Content-Type: text/plain; charset="UTF-8"
Received-SPF: pass client-ip=209.85.214.181; envelope-from=martin.thomson@gmail.com; helo=mail-ob0-f181.google.com
X-W3C-Hub-Spam-Status: No, score=-3.4
X-W3C-Hub-Spam-Report: AWL=-2.599, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001
X-W3C-Scan-Sig: maggie.w3.org 1YTa1g-0000Pe-JO ef0b8c147b7974973b90c41b5ce8f057
X-Original-To: ietf-http-wg@w3.org
Subject: Re: HTTP/2 extensibility <draft-ietf-httpbis-http2-17>
Archived-At: <http://www.w3.org/mid/CABkgnnVM3hoAMUj6TY0UztPUEa4=NuovEeeDmGgOr_R4JeKv2A@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/28890
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>
Hi Bob, Thanks for your input. Just two notes, to hopefully provide more context for this decisions on this point. On 5 March 2015 at 04:55, Bob Briscoe <bob.briscoe@bt.com> wrote: > Achieving this milestone on time has been impressive. I understand the > reasons for having to get something standardised. However, I see potential > problems. And that would be fine, but only if there were a more granular > mechanism to extend the protocol to fix it in future. This was the subject of lengthy discussion, a good part of which you won't find on the mailing list unfortunately. However, there was pretty strong consensus for the model you see before you. Basically, there is a tension between the desire to be arbitrarily extensible and the competing desires for both protocol robustness and actually finishing on time. Robustness (or robust interoperability) was considered top priority for HTTP/2, trumping even the concerns you describe, which were debated at some length. However, the general principle driving the design here was to make it very easy to detect when a peer has diverged from the well-defined core protocol. Detecting those errors immediately and failing requests and connections ensures that implementation errors do not persist long term. Instead, they get fixed. Part of the reason HTTP/1.1 is such a pain to work with is the numerous places where flexibility is permitted. Variations in HTTP/1.1 implementations have become entrenched, causing new implementations to be forced into including all the same sort of ugly hacks or risk interoperability failure. An interoperable HTTP/1.1 implementation is MUCH harder to build than it should be. Many of the implementers of HTTP/2 had experience with the pain that causes and so we were very careful to identify places where implementations could deviate (to the extent possible) and aggressively foreclose on those. You might like to think of this from another perspective: Postel's famous statement[1] is not a principle that guides protocol design, it is in fact a fatalistic observation about the effect of entropic decay of a protocol. Finally, designing good extensibility is really, really hard. It takes time. And as the saying goes, shipping is a feature. > For instance, a number of potential issues around DoS are left open. If the > protocol has to be hardened against new attacks, I believe the recommended > extensibility path is to design and implement a completely new protocol > release, then upgraded endpoints negotiate it during the initial handshake. > The timescale for such a process is measured in years, during which the > vulnerability has to be lived with. Surely we need more granular > extensibility; to introduce new frame types and structures, and/or to > deprecate outdated/vulnerable ones. I don't know what others think, but I would expect that a small, necessary change to the protocol could be deployed by those affected in much the same timescale as an extension might be. I do appreciate the fact that calling something HTTP/3 to fix a small DoS bug might *seem* drastic, but the only risk is in avoiding people with an axe to grind trying to get in other changes when you do that. (I'll also note that your concerns are largely only relevant in the presence of intermediaries, for what that is worth.)
- HTTP/2 extensibility <draft-ietf-httpbis-http2-17> Bob Briscoe
- Re: HTTP/2 extensibility <draft-ietf-httpbis-http… Martin Thomson
- RE: HTTP/2 extensibility <draft-ietf-httpbis-http… Mike Bishop
- Re: HTTP/2 extensibility <draft-ietf-httpbis-http… Ben Niven-Jenkins
- RE: HTTP/2 extensibility <draft-ietf-httpbis-http… Bob Briscoe
- Re: HTTP/2 extensibility <draft-ietf-httpbis-http… Bob Briscoe
- Re: HTTP/2 extensibility <draft-ietf-httpbis-http… Poul-Henning Kamp
- RE: HTTP/2 extensibility <draft-ietf-httpbis-http… Bob Briscoe