Re: Unicode escape sequence | Re: draft-ietf-httpbis-header-structure-00, unicode range
Mark Nottingham <mnot@mnot.net> Fri, 23 December 2016 14:41 UTC
Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A4FE3129526 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Fri, 23 Dec 2016 06:41:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.001
X-Spam-Level:
X-Spam-Status: No, score=-10.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-3.1, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ib45NH2vlMUr for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Fri, 23 Dec 2016 06:41:45 -0800 (PST)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 24008129512 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Fri, 23 Dec 2016 06:41:44 -0800 (PST)
Received: from lists by frink.w3.org with local (Exim 4.80) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1cKQzC-000871-2p for ietf-http-wg-dist@listhub.w3.org; Fri, 23 Dec 2016 14:38:18 +0000
Resent-Date: Fri, 23 Dec 2016 14:38:18 +0000
Resent-Message-Id: <E1cKQzC-000871-2p@frink.w3.org>
Received: from mimas.w3.org ([128.30.52.79]) by frink.w3.org with esmtps (TLS1.2:RSA_AES_128_CBC_SHA1:128) (Exim 4.80) (envelope-from <mnot@mnot.net>) id 1cKQyr-000857-Vz for ietf-http-wg@listhub.w3.org; Fri, 23 Dec 2016 14:37:58 +0000
Received: from mxout-07.mxes.net ([216.86.168.182]) by mimas.w3.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from <mnot@mnot.net>) id 1cKQyq-0003uP-G1 for ietf-http-wg@w3.org; Fri, 23 Dec 2016 14:37:57 +0000
Received: from [10.0.0.44] (unknown [71.200.63.170]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.mxes.net (Postfix) with ESMTPSA id 428EF22E1FA; Fri, 23 Dec 2016 09:37:27 -0500 (EST)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 10.1 \(3251\))
From: Mark Nottingham <mnot@mnot.net>
In-Reply-To: <63340.1481720099@critter.freebsd.dk>
Date: Fri, 23 Dec 2016 09:37:26 -0500
Cc: Martin Thomson <martin.thomson@gmail.com>, "Julian F. Reschke" <julian.reschke@gmx.de>, Alexey Melnikov <alexey.melnikov@isode.com>, Matthew Kerwin <matthew@kerwin.net.au>, Kari Hurtta <hurtta-ietf@elmme-mailer.org>, Ilari Liusvaara <ilariliusvaara@welho.com>, HTTP working group mailing list <ietf-http-wg@w3.org>, Poul-Henning Kamp <phk@varnish-cache.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <C8F21FA8-8B03-4E9C-B0E8-CD3C9CF028CE@mnot.net>
References: <20161213173327.C1F7D1714B@welho-filter2.welho.com> <20161213175419.GA7943@LK-Perkele-V2.elisa-laajakaista.fi> <25434.1481665395@critter.freebsd.dk> <201612140628.uBE6SO3L025885@shell.siilo.fmi.fi> <36792.1481701328@critter.freebsd.dk> <CACweHNDKgWQewZHb=Kz3_2=41M58sY5472Q5OwpqPLxorvkzHQ@mail.gmail.com> <37223.1481707288@critter.freebsd.dk> <3a65ca44-f652-3b14-6d64-46f35b32df57@isode.com> <55880.1481711031@critter.freebsd.dk> <95057a05-6714-9154-8cf8-7cd302c86715@gmx.de> <60914.1481712680@critter.freebsd.dk> <CABkgnnWzOhkznH2HzweNegYo4dDHE+DT0PM=eCSvVr+-Wkup1A@mail.gmail.com> <63340.1481720099@critter.freebsd.dk>
To: Poul-Henning Kamp <phk@phk.freebsd.dk>
X-Mailer: Apple Mail (2.3251)
Received-SPF: pass client-ip=216.86.168.182; envelope-from=mnot@mnot.net; helo=mxout-07.mxes.net
X-W3C-Hub-Spam-Status: No, score=-9.6
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, W3C_AA=-1, W3C_DB=-1, W3C_IRA=-1, W3C_IRR=-3, W3C_WL=-1
X-W3C-Scan-Sig: mimas.w3.org 1cKQyq-0003uP-G1 34e650f391f04946605714446966f93b
X-Original-To: ietf-http-wg@w3.org
Subject: Re: Unicode escape sequence | Re: draft-ietf-httpbis-header-structure-00, unicode range
Archived-At: <http://www.w3.org/mid/C8F21FA8-8B03-4E9C-B0E8-CD3C9CF028CE@mnot.net>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/33232
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>
> On 14 Dec. 2016, at 7:54 am, Poul-Henning Kamp <phk@phk.freebsd.dk> wrote: > > -------- > In message <CABkgnnWzOhkznH2HzweNegYo4dDHE+DT0PM=eCSvVr+-Wkup1A@mail.gmail.com> > , Martin Thomson writes: > >> I can't remember, is there actually a good reason why we can't just >> start shoving UTF-8 in header fields? I mean, h2 is probably OK with >> this. > > You mean "h2 end to end" ? Yes, probably. > > But what about H2->H1 and H1->H2 proxies/load-balancers/etc ? Furthermore (and it bears repeating), the ends are never just "HTTP." On the server side, they're a mash of CGI, FastCGI and various other interfaces to languages like Perl, Python, PHP and Ruby, each with their own galaxy of library modules, frameworks and such. On the client side, things get easier because of the relative alignment between browsers*, but you still have to consider non-browser clients, including spiders, robots, scrapers -- and the various libraries and infrastructure they use. Both sides are implemented by intermediaries, whether that be "forward" proxies, "reverse" ones, CDNs, load balancers, firewalls, or on-machine virus scanners (ew). If you're really lucky, they might pass through an ICAP hop or two. Off-path, you need to consider logging and monitoring software, as well as configuration interfaces that allow headers to be manipulated (e.g. through Web form -- that should be fun). Potentially, all of these interfaces and pieces of software touch HTTP headers, and might assume that they are ASCII, 8859-1, UTF-8, or a bytestring. That's not to say that we can't use more than the least common denominator (ASCII), but we don't know how much trouble doing so will cause. And, as discussed previously, there aren't a lot of use cases for non-ASCII header values in standards (because few have a payload that's exposed to end users), so the reward for taking that risk is questionable. Cheers, * If you believe in Fetch. -- Mark Nottingham https://www.mnot.net/
- draft-ietf-httpbis-header-structure-00, unicode r… Kari Hurtta
- Re: draft-ietf-httpbis-header-structure-00, unico… Ilari Liusvaara
- Re: draft-ietf-httpbis-header-structure-00, unico… Kari Hurtta
- Re: draft-ietf-httpbis-header-structure-00, unico… Poul-Henning Kamp
- Re: draft-ietf-httpbis-header-structure-00, unico… Poul-Henning Kamp
- Re: draft-ietf-httpbis-header-structure-00, unico… Ilari Liusvaara
- Re: draft-ietf-httpbis-header-structure-00, unico… Poul-Henning Kamp
- Unicode escape sequence | Re: draft-ietf-httpbis-… Kari Hurtta
- Re: draft-ietf-httpbis-header-structure-00, unico… Julian Reschke
- Re: Unicode escape sequence | Re: draft-ietf-http… Poul-Henning Kamp
- Re: draft-ietf-httpbis-header-structure-00, unico… Martin J. Dürst
- Re: Unicode escape sequence | Re: draft-ietf-http… Matthew Kerwin
- Re: Unicode escape sequence | Re: draft-ietf-http… Poul-Henning Kamp
- Re: Unicode escape sequence | Re: draft-ietf-http… Martin Thomson
- Re: Unicode escape sequence | Re: draft-ietf-http… Alexey Melnikov
- Re: draft-ietf-httpbis-header-structure-00, unico… Julian Reschke
- Re: Unicode escape sequence | Re: draft-ietf-http… Julian Reschke
- Re: Unicode escape sequence | Re: draft-ietf-http… Julian Reschke
- Re: Unicode escape sequence | Re: draft-ietf-http… Poul-Henning Kamp
- Re: Unicode escape sequence | Re: draft-ietf-http… Julian Reschke
- Re: Unicode escape sequence | Re: draft-ietf-http… Alexey Melnikov
- Re: Unicode escape sequence | Re: draft-ietf-http… Julian Reschke
- Re: Unicode escape sequence | Re: draft-ietf-http… Poul-Henning Kamp
- Re: Unicode escape sequence | Re: draft-ietf-http… Martin Thomson
- Re: Unicode escape sequence | Re: draft-ietf-http… Matthew Kerwin
- Re: Unicode escape sequence | Re: draft-ietf-http… Julian Reschke
- Re: Unicode escape sequence | Re: draft-ietf-http… Matthew Kerwin
- Re: Unicode escape sequence | Re: draft-ietf-http… Poul-Henning Kamp
- Re: Unicode escape sequence | Re: draft-ietf-http… Poul-Henning Kamp
- Re: Unicode escape sequence | Re: draft-ietf-http… Kari Hurtta
- Re: Unicode escape sequence | Re: draft-ietf-http… Matthew Kerwin
- Re: Unicode escape sequence | Re: draft-ietf-http… Kazuho Oku
- Re: Unicode escape sequence | Re: draft-ietf-http… Daurnimator
- Re: Unicode escape sequence | Re: draft-ietf-http… Mark Nottingham
- Re: Unicode escape sequence | Re: draft-ietf-http… Poul-Henning Kamp
- Re: Unicode escape sequence | Re: draft-ietf-http… Mark Nottingham
- Re: Unicode escape sequence | Re: draft-ietf-http… Julian Reschke
- Re: Unicode escape sequence | Re: draft-ietf-http… Poul-Henning Kamp
- Re: draft-ietf-httpbis-header-structure-00, unico… Mark Nottingham
- Re: draft-ietf-httpbis-header-structure-00, unico… Poul-Henning Kamp
- Re: Unicode escape sequence | Re: draft-ietf-http… Martin J. Dürst