Compression Dictionary follow-up from IETF 119
Patrick Meenan <patmeenan@gmail.com> Sun, 24 March 2024 18:57 UTC
Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=ietf.org@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 465CEC151075 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Sun, 24 Mar 2024 11:57:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.858
X-Spam-Level:
X-Spam-Status: No, score=-2.858 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.249, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=w3.org header.b="EWmiA2rJ"; dkim=pass (2048-bit key) header.d=w3.org header.b="K+Jw19Zi"; dkim=pass (2048-bit key) header.d=gmail.com header.b="dK8p4Fr6"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PsMpNDFYwu-W for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Sun, 24 Mar 2024 11:57:44 -0700 (PDT)
Received: from lyra.w3.org (lyra.w3.org [128.30.52.18]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 07A11C151072 for <httpbisa-archive-bis2Juki@ietf.org>; Sun, 24 Mar 2024 11:57:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=w3.org; s=s1; h=Subject:Content-Type:To:Message-ID:Date:From:MIME-Version:Cc:Reply-To :In-Reply-To:References; bh=jVrKPxGBm9uH/+79WvUb+4omaJ/s9vdGkRdGCx0RwE4=; b=E WmiA2rJNb7xfYp0BaEz0/8jWa1rLGobB1eRl8q6NFoOrBGCobNl8foueiy7zqF6QiNnPCGKbkOs8Y LeUNjijtQb9iLgqWdGfUST3bIWB5S4ik/z7mt8VJV+3Rbq5EuXFVCthFbxf95iN1/HNZAY7Z81t2y DQqRklB9iXzNIliZqQbAqRUHMugm3c2Ujb0hxTPkQRYQtBmbhFIefr3ajLE6cc0tmv4KauUyV1Ws8 nI8ec/NaJxYR+gAz6OdDXPIcdxcgGaW5uhmkxoYnKvh9PGD0wC4xXy8SeAO7u587SytBlz6Wyg6mf 0Nr/v7wHu8jO9LStu66o+QAu9E6oDGydQ==;
Received: from lists by lyra.w3.org with local (Exim 4.94.2) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1roT2A-00EkKx-G8 for ietf-http-wg-dist@listhub.w3.org; Sun, 24 Mar 2024 18:57:30 +0000
Resent-Date: Sun, 24 Mar 2024 18:57:30 +0000
Resent-Message-Id: <E1roT2A-00EkKx-G8@lyra.w3.org>
Received: from puck.w3.org ([34.196.82.207]) by lyra.w3.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from <patmeenan@gmail.com>) id 1roT28-00EkJq-Gy for ietf-http-wg@listhub.w3.org; Sun, 24 Mar 2024 18:57:28 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=w3.org; s=s1; h=Content-Type:To:Subject:Message-ID:Date:From:MIME-Version:Cc:Reply-To :In-Reply-To:References; bh=jVrKPxGBm9uH/+79WvUb+4omaJ/s9vdGkRdGCx0RwE4=; t=1711306648; x=1712170648; b=K+Jw19ZiTHGKbUzsHUdtRN3aaFI/02ewuwceJ59elblyd2c iMMZ0r5ek8EA2x32++4Mzd6O3ZlcderZH3xjzxLi6sRXpe+3SdmJ5c6SimdcdlmNW+rGxfRI6k/t0 64neTwb/pyBT89ZWOnZzNi5SC8xi3yeCs8Pr7kYtzUldzdj15ia+BO/61bwYxhtsx/Z4hO2Ge1sCq ObNX+BlCcgKF59TGz+ISQvyGiictT4WohZ6KT9H/QJ4VRnft4IZtHbUd4+kgDcivRlrdvG/sqMPYW ywNt4vhz9gtKQ4pRdpAA/Yu9ZdPvIj/xi2AasZDXwS9NkOM7GNSaTESu2TGuspvA==;
Received-SPF: pass (puck.w3.org: domain of gmail.com designates 2a00:1450:4864:20::22f as permitted sender) client-ip=2a00:1450:4864:20::22f; envelope-from=patmeenan@gmail.com; helo=mail-lj1-x22f.google.com;
Received: from mail-lj1-x22f.google.com ([2a00:1450:4864:20::22f]) by puck.w3.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.96) (envelope-from <patmeenan@gmail.com>) id 1roT27-00BP27-2j for ietf-http-wg@w3.org; Sun, 24 Mar 2024 18:57:28 +0000
Received: by mail-lj1-x22f.google.com with SMTP id 38308e7fff4ca-2d24a727f78so41541771fa.0 for <ietf-http-wg@w3.org>; Sun, 24 Mar 2024 11:57:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1711306643; x=1711911443; darn=w3.org; h=to:subject:message-id:date:from:mime-version:from:to:cc:subject :date:message-id:reply-to; bh=jVrKPxGBm9uH/+79WvUb+4omaJ/s9vdGkRdGCx0RwE4=; b=dK8p4Fr6t0uwx11saqwE46ADx0s/mlccoZW82QVluQxPFFe1Vp3pp4fSH+2jOhR0Yp 4XIO6lTHsEOePjezY+8cth73vBdatG3MlyLTOa0+2Fy+Vqs8fH3xw7Jy7CKUsDEOgoXy vZmVRy6oWJ4OSqVbIN2bWeNv+skYvDPBZ7Jzb+h2mxheQtlbV7jJJlnMp7WaZrDN4S3L P6WGgElIOiTuWymdMXOcwxa4Hs0A1F9l7P2nHLvl3hCqt6GGKtXMeSt9OGIuomytif4y 39BXZgwcUYu/fjIEJG38J87anVm4tHsolFa5t76WN9NV4ghbrTJBHQBiuz2dy8tdWJ6r 3O2A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1711306643; x=1711911443; h=to:subject:message-id:date:from:mime-version:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=jVrKPxGBm9uH/+79WvUb+4omaJ/s9vdGkRdGCx0RwE4=; b=V63f83f22zB2WKUC2D4iv0skrcJZg8Zs+5Z/6Jc6vR8uQPdllz/7lW6XyFoYM0lvBi SCgcUx460cIYV69aRbRL1pBUeRJQZ1rdNbjL+JUXYgJ83VHXOPPtuRQluKO29p689Usr kKgfulz6py+UcmhSVoC51+Oi8OFxfp/rfgBT3dJD05uXRpWbVTdZocKS0q5O+vOO2YeA lrJcd38sGMPS2JwKgSGqVMxS+63gNiWMx54tbz1slX7OmM+sX47fY5lM0ZW2MaGWEr8F 58E2cGF/PhavuG6r7fvCP2FoUIrGg1U4KHMjB0z7K7+clcHW8enY/dgyFhyM+FhBQJNr 2MLA==
X-Gm-Message-State: AOJu0YyuU7gtl8xWkd/b3DuLYBPVul2k/Gcbj83XNKr2sayXD5wtYaDj kYO4qZqDBY0EOkKhnteVElnYitL+ZFGKvL3rxlhLVg7j/tt6WX8eMEwXe0L2oywybLNdXyRHs6m 6onKNriFTDwp/N4Xfjfv1E8etFWx6yJC/
X-Google-Smtp-Source: AGHT+IG24ISTU58UgmclJ6lMKgx6ZSpPBs7/ZNrNEWm+S/SJ6k4Q0X+FlIzoFkYe4LmspGpTHPCeJAhim9oB5MZKlZo=
X-Received: by 2002:a19:3804:0:b0:515:9c73:e2a4 with SMTP id f4-20020a193804000000b005159c73e2a4mr2873295lfa.56.1711306642978; Sun, 24 Mar 2024 11:57:22 -0700 (PDT)
MIME-Version: 1.0
From: Patrick Meenan <patmeenan@gmail.com>
Date: Sun, 24 Mar 2024 14:57:11 -0400
Message-ID: <CAJV+MGzO5XLMkRJFXBGzmJHQtHq-MBQfOPNFRyPfX8D0uzJV-Q@mail.gmail.com>
To: HTTP Working Group <ietf-http-wg@w3.org>
Content-Type: multipart/alternative; boundary="0000000000008e82f606146ca0ed"
X-W3C-Hub-DKIM-Status: validation passed: (address=patmeenan@gmail.com domain=gmail.com), signature is good
X-W3C-Hub-Spam-Status: No, score=-5.1
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, DMARC_PASS=-0.001, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, W3C_AA=-1, W3C_DB=-1, W3C_WL=-1
X-W3C-Scan-Sig: puck.w3.org 1roT27-00BP27-2j f813746c68416f27a10ae2e82e4e10b0
X-Original-To: ietf-http-wg@w3.org
Subject: Compression Dictionary follow-up from IETF 119
Archived-At: <https://www.w3.org/mid/CAJV+MGzO5XLMkRJFXBGzmJHQtHq-MBQfOPNFRyPfX8D0uzJV-Q@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/51905
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <https://www.w3.org/email/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>
Thanks for the great discussion. There were two points of discussion that were left a bit open that I wanted to follow up on: 1 - Potential for "match" to be a client DOS vector All of the match patterns for a given origin (partitioned by page origin) need to be evaluated before a decision can be made and there was a concern that a lot of dictionaries could DOS the client (or be a footgun). Not matching is a graceful fallback so things are entirely within the client control (much as the HTTP cache is). Chrome currently has a limit of 1000 dictionaries per partition so if a site sets more than that, some will be evicted. We may tune that number if we start to see impact on the request times from running the matches. 2 - Questions about the use case for hex-encoded dictionary hashes. There was some question about the cases where developers are using the hex-encoded hash values where sf-binary was causing extra friction. The main flow where that has been an issue is when delta-encoding static assets (e.g. javascript bundles). At build time, the current version of a bundle is compressed using a previous version as a dictionary and is stored with the hex dictionary hash as part of the file name (then published to wherever they are served from). Hex encoding is easy to use at build time since that is the output from cli tooling and is filesystem-safe during the build. At serving time, the Available-Dictionary header value is appended to the URL and the file is checked, falling back to the unmodified URL. Most that I have talked to are keeping the hex encoding and adding processing to the serving path to convert the sf-binary to hex (e.g. hexencode(base64decode(strip(AvailableDictionary, ':'))) ). We'll keep an eye on feedback from the updated Chrome origin trial to get a sense for how common it is and if there are any situations where it isn't easy to work with. Thanks, -Pat
- Compression Dictionary follow-up from IETF 119 Patrick Meenan
- Re: Compression Dictionary follow-up from IETF 119 Noam Helfman
- Re: Compression Dictionary follow-up from IETF 119 Lucas Pardue
- Re: Compression Dictionary follow-up from IETF 119 Patrick Meenan