IETF Logo Mail Archive

Re: Httpdir early review of draft-ietf-ppm-dap-09

Mark Nottingham <mnot@mnot.net> Mon, 08 January 2024 01:02 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=ietf.org@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 78DCCC14F605 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Sun, 7 Jan 2024 17:02:11 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.755
X-Spam-Level:
X-Spam-Status: No, score=-2.755 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.249, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=mnot.net header.b="V5ig5Brc"; dkim=pass (2048-bit key) header.d=messagingengine.com header.b="YRJ+ss9J"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8WuP-jmTX3ku for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Sun, 7 Jan 2024 17:02:06 -0800 (PST)
Received: from lyra.w3.org (lyra.w3.org [128.30.52.18]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8814DC14F600 for <httpbisa-archive-bis2Juki@ietf.org>; Sun, 7 Jan 2024 17:02:06 -0800 (PST)
Received: from lists by lyra.w3.org with local (Exim 4.94.2) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1rMdzG-002vU6-QL for ietf-http-wg-dist@listhub.w3.org; Mon, 08 Jan 2024 00:59:30 +0000
Resent-Date: Mon, 08 Jan 2024 00:59:30 +0000
Resent-Message-Id: <E1rMdzG-002vU6-QL@lyra.w3.org>
Received: from titan.w3.org ([128.30.52.76]) by lyra.w3.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from <mnot@mnot.net>) id 1rMdzE-002vT5-SL for ietf-http-wg@listhub.w3.org; Mon, 08 Jan 2024 00:59:28 +0000
Received: from out4-smtp.messagingengine.com ([66.111.4.28]) by titan.w3.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from <mnot@mnot.net>) id 1rMdzC-002N46-9V for ietf-http-wg@w3.org; Mon, 08 Jan 2024 00:59:28 +0000
Received: from compute2.internal (compute2.nyi.internal [10.202.2.46]) by mailout.nyi.internal (Postfix) with ESMTP id 8753B5C180D; Sun, 7 Jan 2024 19:59:22 -0500 (EST)
Received: from mailfrontend1 ([10.202.2.162]) by compute2.internal (MEProxy); Sun, 07 Jan 2024 19:59:22 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mnot.net; h=cc :cc:content-transfer-encoding:content-type:content-type:date :date:from:from:in-reply-to:in-reply-to:message-id:mime-version :references:reply-to:subject:subject:to:to; s=fm3; t=1704675562; x=1704761962; bh=rlW8i0ZUy2JMQ8OTZ0HJN8aqRvAyQH1rEVOj1cYyqMM=; b= V5ig5BrcIthy93PYrblFmdFwiY1A+gTi0vb98+m3WfucFUSQGsSxFawUTdSbnn4Q hWmkM+ZuluCLaeZ0WW85nJZSdYfQO/bdv+pEuG9faz6BaGWrKCluEdgspECnjIsW jsDQ8PZDXt6eTsinESdKC98RkewAixbsjeXtRfPePCcKSQPjyRzr6y2otN1PUlah wdBOBveF7AB2fRMGwxGL/cO4Ef3OEdtsbWTNdMMLvueGA0IBdjImhLodDi2whRcr yUdaL7zahyZlp0PhybOb2puJq3t/6yZ2q65TSj31/FA8n4tYA9JAli4SDv61cqf8 +yPjq/VCML5kZNGfzBFbgw==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:content-type:date:date:feedback-id:feedback-id :from:from:in-reply-to:in-reply-to:message-id:mime-version :references:reply-to:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm2; t=1704675562; x= 1704761962; bh=rlW8i0ZUy2JMQ8OTZ0HJN8aqRvAyQH1rEVOj1cYyqMM=; b=Y RJ+ss9JIaIiHKThfGy7POXXdprnKHnla21TebzkqfVJ1x5E+5THI+hBr/Z28yjeJ Qe6Vc7U5bkh70qy+LxeimYn065tkf/HNqE+j724yfIabEMSx0baPxzp1J7w6ulCr uxplJqz7Ii7LfpEZ1AFb1G8v1uHexACVRXf47C602M9VgiJ+Fz9blPTJnAh87R1d 5QBElUuqbnux+BSZ83E/JIHUKsBuDgrnhjQws+T4BWd2gVobwLFCPK8AP4DFt46l njuNbivg6JOpxu8X75eAR1aEGNMJWE9J2EDkd7VdqEBn+dq/LcOJi8rXvAqjUTs0 IBBHN2KtgwnhRbD1Cyd9g==
X-ME-Sender: <xms:6kibZahFCGJKWIGZ9hoQn7kq2BdYcNkRsxnKdhGxGEAixKPiaQLcxg> <xme:6kibZbC08FpgywrIfXUzdtna6SIbczMKmp6mMWV51crL15BTQ4L0hau_zI9Adfe5r 2uS6QNrnzM8VHqGVw>
X-ME-Received: <xmr:6kibZSFncySzbjwUTCO-U9pfttcDxPv4RMOaNiwmmGW5e2DZdba4C0KEbWq-k_v-hnjiyIKJnw-FA2VBXe1UB3v2jB4Q7xpjN1R4Pq128_QiTLF3FO3Lm9g0>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvkedrvdehhedgvdelucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpegtggfuhfgjffevgffkfhfvofesth hqmhdthhdtjeenucfhrhhomhepofgrrhhkucfpohhtthhinhhghhgrmhcuoehmnhhothes mhhnohhtrdhnvghtqeenucggtffrrghtthgvrhhnpedtueehleeuffejffefkedtheejhf fftedvleelgfeiieeffefhgeekteegueeifeenucffohhmrghinhephhhtthhplhgrhigv rhgrnhgufihithhhihhntghhrghllhgvnhhgvghosghjvggtthhsrghsuggvfhhinhgvug hinhhsvggtthhiohhnkedrihhtpdhrvghpohhrthgpmhgvthgruggrthgrrdhrvghpohhr thdpihgvthhfrdhorhhgpdhrfhgtqdgvughithhorhdrohhrghdpmhhnohhtrdhnvghtne cuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomhepmhhnohht sehmnhhothdrnhgvth
X-ME-Proxy: <xmx:6kibZTT7GSlSBHRRRAHBsSCFzpdA9ecSygmj-QMQ1ZgoOVg-GRaDLQ> <xmx:6kibZXxx9L_kHSUVoMKF2QK4RWzwuCHo49hOE8_0eXbbeekee2KAGg> <xmx:6kibZR5WQABRPVzXXQt1Rtu5M1o5MLSwLs07azYUUxzIHCuUkbE_aA> <xmx:6kibZS-ytbjyDDmEoajpjNCHArfTYiW9s5Xzfyz-st0N7GMYNwKigg>
Feedback-ID: ie6694242:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Sun, 7 Jan 2024 19:59:20 -0500 (EST)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3774.300.61.1.2\))
From: Mark Nottingham <mnot@mnot.net>
In-Reply-To: <CACsY-OduuUv0LjBB=0DR2Pj338MM9HUENkxOhKjxQG9AnCki9Q@mail.gmail.com>
Date: Mon, 08 Jan 2024 11:59:18 +1100
Cc: HTTP Working Group <ietf-http-wg@w3.org>, draft-ietf-ppm-dap.all@ietf.org, ppm@ietf.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <007EBB68-5310-42E0-9DB7-AB0ED7A12AC9@mnot.net>
References: <170384026509.4260.5375550250978716488@ietfa.amsl.com> <CACsY-OduuUv0LjBB=0DR2Pj338MM9HUENkxOhKjxQG9AnCki9Q@mail.gmail.com>
To: Tim Geoghegan <timgeog+ietf@gmail.com>
X-Mailer: Apple Mail (2.3774.300.61.1.2)
Received-SPF: pass client-ip=66.111.4.28; envelope-from=mnot@mnot.net; helo=out4-smtp.messagingengine.com
X-W3C-Hub-DKIM-Status: validation passed: (address=mnot@mnot.net domain=mnot.net), signature is good
X-W3C-Hub-DKIM-Status: validation passed: (address=mnot@mnot.net domain=messagingengine.com), signature is good
X-W3C-Hub-Spam-Status: No, score=-9.8
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, W3C_AA=-1, W3C_DB=-1, W3C_IRA=-1, W3C_IRR=-3, W3C_WL=-1
X-W3C-Scan-Sig: titan.w3.org 1rMdzC-002N46-9V 75908f2d6a94f769db9cb4fe59d27d9d
X-Original-To: ietf-http-wg@w3.org
Subject: Re: Httpdir early review of draft-ietf-ppm-dap-09
Archived-At: <https://www.w3.org/mid/007EBB68-5310-42E0-9DB7-AB0ED7A12AC9@mnot.net>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/51712
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <https://www.w3.org/email/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

On 3 Jan 2024, at 8:06 am, Tim Geoghegan <timgeog+ietf@gmail.com> wrote:
> 
> - 'Errors can be reported in DAP both at the HTTP layer and within challenge
> objects as defined in Section 8.' It should be noted that for HTTP software to
> work correctly, the appropriate status code must be used; indicating an error
> in the object without doing so may lead to unintended retries/caching/etc.
> 
> Good point. The other problem is that I don't think the reference to a "challenge object" makes any sense. What we mean is that a message in the response body might contain error information. So we need to fix that text. That aside, would it suffice to amend this section to say that if the object in the response body indicates an error, then the HTTP status MUST indicate either a client or server error?

That's one way to do it, yes -- although that might be too constraining (e.g. when it's an error that doesn't have impact on / significance to HTTP components).

> - In section 4.3, it might be good to reference RFC 6570.
> 
> Speaking as the individual who wrote the current text: I deliberately avoided using RFC 6570 here because its feature set is much, much richer than what DAP needs, and so I opted for the weaker, simpler templates that we have now.
> 
> Speaking as a document editor/WG member: I have no doubt that the templates and expansions DAP uses can be expressed in RFC 6570 syntax, and will switch over to it if the WG consensus is to do so, but personally I don't see a compelling reason to go that way (I'm open to hearing arguments about this of course).

AIUI these are just an editorial convention / explanatory device, so I don't feel strongly about this, but 6570 does designate "level 1" for such simple cases.

> - Section 4.4.1 and afterwards use static paths for subresources, hindering
> flexibility and violating at least the spirit of BCP 190. If the configuration
> were to allow specification of URI templates, it would be much more flexible.
> 
> We tried to write the text to allow serving of the API relative to any prefix. So in a template like "{aggregator}/hpke_config" (4.4.1), "{aggregator}" can have arbitrary path components in it relative to the hostname. Did we express this incorrectly?
> 
> Past that, are you objecting to DAP spelling out templates like "{aggregator}/hpke_config" or "{helper}/tasks/{task-id}/aggregation_jobs/{aggregation-job-id}"? Are you suggesting that a deployment should be able to use a template like "{helper}/foo/{task-id}/bar/{aggregation-job-id}" if it so wishes?

Using prefixes is better than static URLs. Ideally, the client would fetch something that contains the links (or templates for them) to allow complete flexibility, much as HTML does for the Web. Have you considered that approach?

> - 4.4.2 uses PUT to create a report, but doesn't seem to make the uploaded
> report available for later GETs at the same URL. If this stays the same (i.e.,
> if the server is going to manage the URL of the report), it should be POST. It
> should only be PUT if the client is effectively deciding what the URL should be
> (by PUTting to a URL it can later GET). Also, if it can't be GET later, the
> response status code should be 200, not 201. If it can and POST is used, it
> should be 201 + a Location header pointing to where it was created.
> 
> First, there is a unique identifier for a report that does get chosen by the client, but it only appears inside the request body (this is `Report.report_metadata.report_id`). We could hoist it up to the request path, yielding a template `{leader}/tasks/{task-id}/reports/{report-id}`, and then you'd have a unique URI for each report. I'm inclined to do this much no matter what, for consistency with the aggregation job and collection job resource paths.

If you do that, PUT makes sense.

> That said, I'm not sure if it makes sense for that to be a GETtable resource. DAP doesn't need GET on reports to function and more importantly, I worry about the implementation burden for servers. In many cases, the initial uploaded form of a report isn't useful after the first round of preparation. Servers may wish to discard per-report information aggressively to limit the growth of their databases, which makes it difficult to serve up anything meaningful in response to a GET request. So I'm reluctant to add a requirement or a MUST about GET on this resource.

Understood, but I wonder how much of a burden it really is for a server to return some state that it has sitting there already. 

> I really like having this be a PUT request because of the implied idempotency semantics. What if we leave it as a PUT and change the path template to incorporate the unique report ID, but then don't say anything about GET requests (or at most put in a MAY)? I think then implementations would be free to either respond to GET requests with HTTP 200 and a `struct Report`, or with HTTP 204 or 410 if they happen to have chucked out the relevant database row.

Yes, if the resource isn't available any more, 404 or 410 is entirely appropriate. PUT isn't a guarantee that the same bytes will always be returned -- or even returned on the next request. However, it should make sense, from a systemic view.

> If that's inappropriate, then I think we can switch to a POST as you recommend, but what about idempotency? Would we just have to state in DAP that this particular POST is safe to retry?

Well, this is under development and should ship soon: <https://datatracker.ietf.org/doc/draft-ietf-httpapi-idempotency-key-header/>

> - Use of 201 in 4.6.1 seems incorrect if I understand correctly.
> 
> The request in question is PUT {leader}/tasks/{task-id}/collection_jobs/{collection-job-id}, which is intended to create a collection job resource with the specified ID, in the specified task. RFC 9110 9.3.4 (https://www.rfc-editor.org/rfc/rfc9110.html#section-9.3.4-2) states:
> 
> If the target resource does not have a current representation and the PUT successfully creates one, then the origin server MUST inform the user agent by sending a 201 (Created) response.
> So 201 seems correct: on success, the collection job gets created. The same paragraph in 9110 discusses using 200 or 204 when successfully mutating an existing resource, but DAP explicitly forbids that in this request.

Ah, sorry, I misread that.

Cheers,

--
Mark Nottingham   https://www.mnot.net/

v2.23.0 | Report a Bug | By Email