Re: Submitted new I-D: Cache Digests for HTTP/2

Kazuho Oku <kazuhooku@gmail.com> Mon, 18 January 2016 14:14 UTC

From: Kazuho Oku <kazuhooku@gmail.com>
To: Martin Thomson <martin.thomson@gmail.com>
Cc: Ilya Grigorik <ilya@igvita.com>, Stefan Eissing <stefan.eissing@greenbytes.de>, Amos Jeffries <squid3@treenet.co.nz>, HTTP Working Group <ietf-http-wg@w3.org>

2016-01-18 18:02 GMT+09:00 Martin Thomson <martin.thomson@gmail.com>:
> On 18 January 2016 at 18:41, Kazuho Oku <kazuhooku@gmail.com> wrote:
>> Should we define `path` attribute for the purpose?
>
> Maybe.  SW calls it scope, which makes it tricky to map out.  Perhaps
> renaming the other from scope to domain would be better.

Thank you for the response.

Under the premise that we should have two attributes, one that matches
against authority and one that matches against path, I wonder if the former
should be named `domain`.

The positive side of naming it `domain` is that the name is the same
as that used with cookies.  The negative side is that the semantics
will not be the same as the cookies.

IMO we should have three types of authority-level scopes for a cache
digest: a) exact match of the authority (e.g. host:port), b) exact
match of the host, c) match against a wildcard certificate.  b) and c)
come from the definitions in RFC 7540 Section 10.1.  I also believe
that a) should be the default.

However, the three types do not map well against the Domain attribute
of Cookie.  Exact match only exists for b), and that is when the
Domain attribute is not used (however, if we are to make a) the
default, we need to have the attribute defined in this case).

To summarize, even though the role is similar to the Domain attribute
of Cookie, we need to define totally different semantics for the
attribute for Cache Digest; and I am afraid re-using `Domain` might
cause confusion.


That said, I propose using the name `host`, with the following semantics.

* if `host` attribute is not specified, the scope of the cache digest
is the authority
* if a non-wildcard `host` attribute is specified, the scope is the
host.  The value MUST be equal to the host part of the :authority
pseudo header
* if a wildcard `host` attribute is specified, the scope is the hosts
that match the wildcard.  The value MUST be equal to that provided by
the TLS certificate

-- 
Kazuho Oku
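
The three scoping rules proposed in this message, written out as a check (an added example, not part of the original message and not code from the draft or any implementation). The function names, the one-leftmost-label wildcard rule, and comparing authorities as lowercased strings without default-port normalization are assumptions.

```python
"""Added example: scope check for the proposed `host` attribute of a cache digest."""
from typing import Optional, Sequence, Tuple


def split_authority(authority: str) -> Tuple[str, Optional[str]]:
    """Split an :authority value into (host, port); port is None when absent."""
    a = authority.lower()
    if a.startswith("["):                      # IPv6 literal such as [::1]:8443
        end = a.find("]")
        if end == -1:
            raise ValueError("unterminated IPv6 literal in authority")
        host, rest = a[:end + 1], a[end + 1:]
    else:
        host, sep, port = a.partition(":")
        rest = sep + port
    port_value = rest[1:] if rest.startswith(":") else ""
    return host, port_value or None


def wildcard_matches(pattern: str, host: str) -> bool:
    """Assumed rule: '*' stands for exactly one leftmost DNS label."""
    suffix = pattern[1:]                       # "*.example.com" -> ".example.com"
    label = host[:-len(suffix)] if suffix and host.endswith(suffix) else ""
    return pattern.startswith("*.") and bool(label) and "." not in label


def digest_covers(target: str, request_authority: str,
                  host_attr: Optional[str] = None,
                  cert_names: Sequence[str] = ()) -> bool:
    """True if a digest carried on a request for `request_authority` applies to `target`.

    Both are :authority values; cert_names are the names in the TLS certificate.
    Raises ValueError when host_attr breaks one of the proposal's MUSTs.
    """
    request_host, _ = split_authority(request_authority)
    target_host, _ = split_authority(target)
    if host_attr is None:                      # rule 1: scope is the authority (host:port)
        return target.lower() == request_authority.lower()
    host_attr = host_attr.lower()
    if "*" not in host_attr:                   # rule 2: scope is the host, on any port
        if host_attr != request_host:
            raise ValueError("host must equal the host part of :authority")
        return target_host == host_attr
    # rule 3: the wildcard must be one the certificate itself provides
    if host_attr not in [name.lower() for name in cert_names]:
        raise ValueError("wildcard host must equal a name from the TLS certificate")
    return wildcard_matches(host_attr, target_host)
```
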