Re: draft-ietf-httpbis-client-hints-00 feedback
Ilya Grigorik <igrigorik@gmail.com> Wed, 30 March 2016 02:44 UTC
Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1444212DC75 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Tue, 29 Mar 2016 19:44:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.03
X-Spam-Level:
X-Spam-Status: No, score=-7.03 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id y9TCptF_HMcH for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Tue, 29 Mar 2016 19:44:40 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6CEAC12DC73 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Tue, 29 Mar 2016 19:44:40 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.80) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1al62K-0006iv-CM for ietf-http-wg-dist@listhub.w3.org; Wed, 30 Mar 2016 02:39:12 +0000
Resent-Date: Wed, 30 Mar 2016 02:39:12 +0000
Resent-Message-Id: <E1al62K-0006iv-CM@frink.w3.org>
Received: from lisa.w3.org ([128.30.52.41]) by frink.w3.org with esmtps (TLS1.2:DHE_RSA_AES_128_CBC_SHA1:128) (Exim 4.80) (envelope-from <igrigorik@gmail.com>) id 1al62A-0006hO-Is for ietf-http-wg@listhub.w3.org; Wed, 30 Mar 2016 02:39:02 +0000
Received: from mail-vk0-f46.google.com ([209.85.213.46]) by lisa.w3.org with esmtps (TLS1.2:RSA_ARCFOUR_SHA1:128) (Exim 4.80) (envelope-from <igrigorik@gmail.com>) id 1al627-0003mZ-6r for ietf-http-wg@w3.org; Wed, 30 Mar 2016 02:39:01 +0000
Received: by mail-vk0-f46.google.com with SMTP id e6so43867068vkh.2 for <ietf-http-wg@w3.org>; Tue, 29 Mar 2016 19:38:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=LBagPnCaWKVTSiqGqI0O4i3KPpJrgYk37EBrUpmK00E=; b=ZEkZCK9y1FLnLSBjJ0antar55TFr4DkzHmIkayjPhQXFDtjp9h4piq6uPg+L0nnW10 nWQJnoGoY/VNtawZJ5mNa6+wAUOuDP8IMGfw7KwYGiCCXBdClljZkL2GuhotxgmclU+u 6Q5Vn1YISrNiClByAlnDB220VSeok6w7vRMXGOQ/JAZ77L41UdOZpqbPUY+hZcOdXlBe HUk29XdQ2DPYKiJUAzwtj2QTgf2u5KbWGlYDRHzQ4kKE4KoxEYWQqFbYhuFGyDX8kf60 pMjcThI3QUR/VJ1q6OfkNffaXLDrptWMNeTP45DmVWwzmBIvUSujTJwukzxlEovvWSEU JgIg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=LBagPnCaWKVTSiqGqI0O4i3KPpJrgYk37EBrUpmK00E=; b=UfA4/uU6/SMd2vew0TLCqXfuBk4pphme9MuNo9AUKuD0IkjuFRp4ey2Cz9vJDV2NTw 51WRm9UKvcIZInCK3Y+bI0jI/g7f1f7Dv39UNGOIyTGyk+6gO1+4OGqiSYyD9YUtxzrH Ek1AThVmhub+h6+OgUZsOMawDQPVYpMlvyKGozTswMWVSTesO7+wOSWBzouz1qKEZS7G embFqnOH1S0BRIfhYMORj8cXVzS5sShoe3Zb68JMc8b0TogvYZ7xTxmgUGvomym1tT8j U58NsLknDbaGJWuBGAP4aVkdTiSo1FdIK/Cv58fifCQxC62Zik/XRkI23O5zsRQJjCO7 6WGg==
X-Gm-Message-State: AD7BkJIBGuRqVDoCGZfcILotBAmGFPGsek+pg34dIsHBmH7rjIG21C5gj4Rs8z60rvwE8oixF94ncOpc1jKi6Q==
X-Received: by 10.31.58.193 with SMTP id h184mr3589562vka.111.1459305513126; Tue, 29 Mar 2016 19:38:33 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.103.32.68 with HTTP; Tue, 29 Mar 2016 19:37:53 -0700 (PDT)
In-Reply-To: <56FACBA5.10805@gmx.de>
References: <56FACBA5.10805@gmx.de>
From: Ilya Grigorik <igrigorik@gmail.com>
Date: Tue, 29 Mar 2016 19:37:53 -0700
Message-ID: <CAKRe7JG+tbZMoQ4bu9y51QzEfMG3dGeFtdz6ZY1yeu_NZpM-gA@mail.gmail.com>
To: Julian Reschke <julian.reschke@gmx.de>
Cc: HTTP Working Group <ietf-http-wg@w3.org>
Content-Type: multipart/alternative; boundary="001a1143ff70ba9339052f3b0aae"
Received-SPF: pass client-ip=209.85.213.46; envelope-from=igrigorik@gmail.com; helo=mail-vk0-f46.google.com
X-W3C-Hub-Spam-Status: No, score=-6.0
X-W3C-Hub-Spam-Report: AWL=-0.291, BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, W3C_AA=-1, W3C_IRA=-1, W3C_WL=-1
X-W3C-Scan-Sig: lisa.w3.org 1al627-0003mZ-6r 7db7a1b0b697cd47e7f879b7fdae4df2
X-Original-To: ietf-http-wg@w3.org
Subject: Re: draft-ietf-httpbis-client-hints-00 feedback
Archived-At: <http://www.w3.org/mid/CAKRe7JG+tbZMoQ4bu9y51QzEfMG3dGeFtdz6ZY1yeu_NZpM-gA@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/31361
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>
Hi Julian. On Tue, Mar 29, 2016 at 11:38 AM, Julian Reschke <julian.reschke@gmx.de> wrote: > > (I'm happy to provide pull requests for the nits...) > And I'm happy to accept them! :-) I've started a branch with a bunch of fixes, please feel free to update that or make a pull against it: https://github.com/httpwg/http-extensions/pull/163 Once we're happy, we can squash and land it. > Abstract > > An increasing diversity of Web-connected devices and software > capabilities has created a need to deliver optimized content for each > device. > > This specification defines a set of HTTP request header fields, > colloquially known as Client Hints, to address this. They are > intended to be used as input to proactive content negotiation; just > as the Accept header allows clients to indicate what formats they > > NIT: s/header/header field/ (multiple times in document) > Ack. > prefer, Client Hints allow clients to indicate a list of device and > agent specific preferences. > > The spec should be clear whether it's about *clients* or *user agents* (I > believe it is about user agents, right?) > I don't think we want to restrict it to "user agents", even if that's the primary and motivating use case. For examples, apps are another consumer. I guess we should clarify that in the intro, which is currently very UA-focused. > 2. Client Hint Request Header Fields > > This document defines a selection of Client Hint request header > fields, and can be referenced by other specifications wishing to use > the same syntax and processing model. > > NIT: true, but there doesn't seem to be a common syntax after all. A > leftover from earlier versions? > Ack. > > 2.1. Sending Client Hints > > Clients control which Client Hint headers and their respective header > fields are communicated, based on their default settings, user > > That really doesn't parse... > I think we'll address this via: https://github.com/httpwg/http-extensions/issues/156 > configuration and/or preferences. The user may be given the choice > to enable, disable, or override specific hints. > > Please avoid lowercase RFC2119 terms. In this case, "can" seems to be > right. > The client and server, or an intermediate proxy, may use an opt-in > mechanism to negotiate which fields should be reported to allow for > efficient content adaption. > > Same here. > Ack. 2.2. Server Processing of Client Hints > > Servers MAY respond with an optimized response based on one or more > received hints from the client. When doing so, and if the resource > > No need for a MAY here. It's a statement of fact. > Ack. > > Further, depending on the used hint, the server MAY also need to emit > additional response header fields to confirm the property of the > > ...can... > Ack. > response, such that the client can adjust its processing. For > example, this specification defines "Content-DPR" response header > field that MUST be returned by the server when the "DPR" hint is used > to select the response. > > Please have the normative requirement just once (down where DPR is > defined). > Ack. > When a client receives Accept-CH, it SHOULD append the Client Hint > headers that match the advertised field-values. For example, based > on Accept-CH example above, the client would append DPR, Width, > Viewport-Width, and Downlink headers to all subsequent requests. > > Not sure whether really is a SHOULD. Is a client that chooses to implement > only one of the hints in violation of the spec? > No, we should fix that as part of https://github.com/httpwg/http-extensions/issues/156. > 2.2.2. Interaction with Caches > > When selecting an optimized response based on one or more Client > Hints, and if the resource is cacheable, the server MUST also emit a > Vary response header field ([RFC7234]) to indicate which hints were > used and whether the selected response is appropriate for a later > request. > > (see above) > Ack. > > Vary: DPR > > Above example indicates that the cache key should be based on the DPR > header. > > s/should be based/needs to include/ > Ack. > Client Hints MAY be combined with Key ([I-D.ietf-httpbis-key]) to > enable fine-grained control of the cache key for improved cache > efficiency. For example, the server MAY return the following set of > instructions: > > s/MAY/can/ > Ack. > 3. The DPR Client Hint > > The "DPR" header field is a number that, in requests, indicates the > client's current Device Pixel Ratio (DPR), which is the ratio of > physical pixels over CSS px of the layout viewport on the device. > > What does it mean in responses then? It might be simpler to say "request > header field" (this applies to most of the definitions) > Ack. > Also include a reference to "CSS px". > > DPR = 1*DIGIT [ "." 1*DIGIT ] > > If DPR occurs in a message more than once, the last value overrides > all previous occurrences. > > It might be good to state that it's invalid to include it multiple times > (applies to most definitions). > Any suggestions on language for this? > Content-DPR = 1*DIGIT [ "." 1*DIGIT ] > > DPR ratio affects the calculation of intrinsic size of image > resources on the client - i.e. typically, the client automatically > scales the natural size of the image by the DPR ratio to derive its > display dimensions. As a result, the server must explicitly indicate > the DPR of the selected image response whenever the DPR hint is used, > and the client must use the DPR value returned by the server to > perform its calculations. In case the server returned Content-DPR > > These are MUSTs, right? > > value contradicts previous client-side DPR indication, the server > returned value must take precedence. > > Same here... > Ack. > Note that DPR confirmation is only required for image responses, and > the server does not need to confirm the resource width as this value > can be derived from the resource itself once it is decoded by the > client. > > As we have a normative requirement here, we probably need to state what an > "image resource" exactly is. > Image content-type? Do we have this defined anywhere? > 4. The Width Client Hint > > The "Width" header field is a number that, in requests, indicates the > resource width in physical px (i.e. intrinsic size of an image). The > provided physical px value is a number rounded to the largest > smallest following integer (i.e. ceiling value). > > > Width = 1*DIGIT > > If the resource width is not known at the time of the request or the > resource does not have a display width, the Width header field may be > omitted. If Width occurs in a message more than once, the last value > overrides all previous occurrences. > > It took me some time to understand that this is the width the user agent > intends to use to display the resource. Maybe this could be rephrased. > Hmm, no. Physical width != display width. For example, on a "2x" screen a 100 (CSS) px resource has an intrinsic size of 200px. FWIW, this language follows CSS spec, and I'd prefer to keep it aligned. > > 8. Examples > > For example, given the following request headers: > > > DPR: 2.0 > Width: 320 > Viewport-Width: 320 > > The server knows that the device pixel ratio is 2.0, that the > intended display width of requested resource is 160 CSS px (320 > > s/of/of the/ > Ack. > 9. Security Considerations > > Client Hints defined in this specification do not expose any new > information about the user's environment beyond what is already > available to, and may be communicated by, the application at runtime > via JavaScript - e.g. viewport and image display width, device pixel > ratio, and so on. > > However, implementors should consider the privacy implications of > various methods to enable delivery of Client Hints - see "Sending > Client Hints" section. For example, sending Client Hints on all > > Section #... > > requests may make information about the user's environment available > to origins that otherwise did not have access to this data (e.g. > origins hosting non-script resources), which may or not be the > desired outcome. The implementors may want to provide mechanisms to > control such behavior via explicit opt-in, or other mechanisms. > Similarly, the implementors should consider how and whether delivery > of Client Hints is affected when the user is in "incognito" or > similar privacy mode. > > (may, should, etc...) > Ack. > > 10. IANA Considerations > > o Header field name: DPR > o Applicable protocol: HTTP > o Status: standard > o Author/Change controller: IETF > o Specification document(s): [this document] > > ...insert section # (applies to all definitions) > Hmm, does our tooling allow us to auto-generate these? =/ > 11. Normative References > > [I-D.ietf-httpbis-key] > Fielding, R. and m. mnot, "The Key HTTP Response Header > Field", draft-ietf-httpbis-key-00 (work in progress), > October 2015. > > ...the autogenerated ref is broken :-) > @mnot: what should that be? --- Phew. Thanks for the thorough review!
- draft-ietf-httpbis-client-hints-00 feedback Julian Reschke
- Re: draft-ietf-httpbis-client-hints-00 feedback Ilya Grigorik
- Re: draft-ietf-httpbis-client-hints-00 feedback Matthew Kerwin
- Re: draft-ietf-httpbis-client-hints-00 feedback Ilya Grigorik