Re: If not JSON, what then ?

Mark Nottingham <mnot@mnot.net> Tue, 02 August 2016 12:45 UTC


> On 2 Aug 2016, at 1:53 PM, Willy Tarreau <w@1wt.eu> wrote:
> 
> Hi Mark,
> 
> On Tue, Aug 02, 2016 at 01:33:39PM +0200, Mark Nottingham wrote:
>> 1) Using the first character of the field-value as a signal that the encoding
>> is in use is interesting. I was thinking of indicating it with a suffix on
>> the header field name (e.g., Date-J). Either is viable, but I don't think
>> it's a good idea to reuse existing header field names and rely on that signal
>> to differentiate the value type; that seems like it would cause a lot of
>> interop problems to me. Defining a new header field (whether it's Date-J or
>> Date2 or whatever) seems much safer to me.
> 
> I had the same feeling initially but I retracted. I fear that having two
> header fields will result in inconsistencies between the two (possibly
> intentional when that may be used to benefit an attacker). We'd rather
> avoid reproducing the Proxy-Connection vs Connection mess we've been seeing
> for a decade, where both were sent "just in case".

I know, I don't like it either. I'm just concerned that if we keep the name the same, it's much more likely it's going to not be properly converted, and that could enable attacks too.

Stepping back, I think we're talking about a set of rules something like this:

A. For a newly defined header field that explicitly uses the new format, send it in the new format
B. For existing header fields, if their expression in the new format is defined:
  1. If you have evidence that your peer can accept the new header format, send them in the new format
  2. Otherwise, send them in the original format.
C. All other fields are always sent in the original, HTTP/1 format.

I.e., having both versions of a single header's semantics on the wire at the same time is an error.

This means that the format of those headers is effectively a hop-by-hop attribute; you might have a situation where a non-format-aware node forces the hops surrounding it back to the original format (for headers with two different ways to express those semantics).

This gives me pause. Converting from new to old and back to new is very likely to tickle a lot of bugs and cause a lot of interop problems. So, we could say that conversion only happens as a downgrade; i.e., if the next hop doesn't support the encoding, you can downgrade, but you never upgrade it again to the new encoding.

Presumably, the last "hop" might be inside the origin server, when it converts those header fields into the old format for backwards compatibility with existing applications that aren't aware of the new format.

Applications that *are* aware of the new format will still need to handle the original format, because there will be clients / hops generating it for the foreseeable future. 

This kind of seems like a mess to me, and leads me to think that the only time we should attempt this is during a major protocol revision (i.e., h3), and even then, with great trepidation.

If we get that far, deciding how to signal which headers are encoded seems more manageable :)


> However if we enumerate certain header fields that would deserve being
> encoded differently and find a way to group them, we may think about
> sending a composite, compact header field for transport/routing, another
> one for the entity where available information are grouped when relevant.
> Then maybe it could be decided that when one agent consumes such a field,
> before passing the message it must delete occurrences of the other ones,
> and/or rebuild them from the composite one, in order to avoid inconsistency
> issues.
> 
> We have more or less this regarding Transfer-Encoding which voids
> Content-Length, and the Host header field which must always match the
> authority part of the URI if present.
> 
> These are just thoughts, maybe they are stupid.

Not stupid at all, but I am concerned about adding too much "magic"; if implementations are doing too much on your behalf, issues will arise (see above).

Cheers,



--
Mark Nottingham   https://www.mnot.net/
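
The following is an added example, not part of the original message or of any specification: a sketch of how an intermediary could apply rules A-C above together with the downgrade-only restriction, while treating both forms of one header in a single message as an error. The Date-J name comes from the thread; representing its value as a JSON number of epoch seconds, and the names NEW_FORM, to_old and forward, are assumptions made for illustration.

```python
import json
from email.utils import formatdate

# Hypothetical registry (rule B): original field name -> new-format field name.
NEW_FORM = {"date": "date-j"}
OLD_FORM = {new: old for old, new in NEW_FORM.items()}


class ConflictingForms(ValueError):
    """Both expressions of one header's semantics arrived in one message."""


def to_old(name, value):
    # Stand-in converter (assumption): the new value is a JSON number of
    # epoch seconds; the original format is an HTTP-date in GMT.
    seconds = json.loads(value)
    if isinstance(seconds, bool) or not isinstance(seconds, (int, float)):
        raise ValueError(f"{name}: expected a JSON number")
    return OLD_FORM[name], formatdate(seconds, usegmt=True)


def forward(headers, peer_supports_new):
    """Return the (name, value) list to send to the next hop.

    headers: (lowercase-name, value) pairs as received from the previous hop.
    """
    seen = {name for name, _ in headers}
    for old, new in NEW_FORM.items():
        if old in seen and new in seen:
            # Two forms of the same semantics can disagree, so refuse the
            # message rather than guess which one downstream will trust.
            raise ConflictingForms(f"{old} and {new} both present")
    out = []
    for name, value in headers:
        if name in OLD_FORM and not peer_supports_new:
            out.append(to_old(name, value))  # B.2: downgrade for this hop
        else:
            # A, B.1 and C: pass through unchanged. An original-format field
            # is never upgraded, even if the next hop accepts the new format.
            out.append((name, value))
    return out
```
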