Re: New Version Notification for draft-nottingham-site-wide-headers-01.txt

Mark Nottingham <mnot@mnot.net> Fri, 25 November 2016 02:25 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6467B12A1C0 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Thu, 24 Nov 2016 18:25:31 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -8.398
X-Spam-Level:
X-Spam-Status: No, score=-8.398 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-1.497, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DBvRS4ZsLmJx for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Thu, 24 Nov 2016 18:25:29 -0800 (PST)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6B4041294DC for <httpbisa-archive-bis2Juki@lists.ietf.org>; Thu, 24 Nov 2016 18:25:29 -0800 (PST)
Received: from lists by frink.w3.org with local (Exim 4.80) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1cA69D-00068B-AE for ietf-http-wg-dist@listhub.w3.org; Fri, 25 Nov 2016 02:21:55 +0000
Resent-Date: Fri, 25 Nov 2016 02:21:55 +0000
Resent-Message-Id: <E1cA69D-00068B-AE@frink.w3.org>
Received: from mimas.w3.org ([128.30.52.79]) by frink.w3.org with esmtps (TLS1.2:RSA_AES_128_CBC_SHA1:128) (Exim 4.80) (envelope-from <mnot@mnot.net>) id 1cA697-00067P-62 for ietf-http-wg@listhub.w3.org; Fri, 25 Nov 2016 02:21:49 +0000
Received: from mxout-07.mxes.net ([216.86.168.182]) by mimas.w3.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from <mnot@mnot.net>) id 1cA691-0001wp-5V for ietf-http-wg@w3.org; Fri, 25 Nov 2016 02:21:43 +0000
Received: from [192.168.4.130] (unknown [124.189.98.244]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.mxes.net (Postfix) with ESMTPSA id EC0C522E255; Thu, 24 Nov 2016 21:21:19 -0500 (EST)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 10.1 \(3251\))
From: Mark Nottingham <mnot@mnot.net>
In-Reply-To: <CAPP_2SYJu2o7W8zWVd62-c9ekCfCUB6UQ=avNnM8R2NqhFhv2Q@mail.gmail.com>
Date: Fri, 25 Nov 2016 13:21:16 +1100
Cc: Mike West <mkwst@google.com>, HTTP Working Group <ietf-http-wg@w3.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <E68A0643-97A4-447F-B59F-D3B66AE8BBEA@mnot.net>
References: <147995400666.32746.15867339667353417986.idtracker@ietfa.amsl.com> <FCDFC352-5D68-456F-AFF4-39E9E1697AF2@mnot.net> <CAKXHy=d18Zy-khibw78iC5i=8iOu2v_M2VS_aKV2jOexp8=gBg@mail.gmail.com> <A030350C-F73A-402D-A3B6-28244F855015@mnot.net> <CAPP_2SYJu2o7W8zWVd62-c9ekCfCUB6UQ=avNnM8R2NqhFhv2Q@mail.gmail.com>
To: Emily Stark <estark@google.com>
X-Mailer: Apple Mail (2.3251)
Received-SPF: pass client-ip=216.86.168.182; envelope-from=mnot@mnot.net; helo=mxout-07.mxes.net
X-W3C-Hub-Spam-Status: No, score=-8.1
X-W3C-Hub-Spam-Report: AWL=1.543, BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, W3C_AA=-1, W3C_DB=-1, W3C_IRA=-1, W3C_IRR=-3, W3C_WL=-1
X-W3C-Scan-Sig: mimas.w3.org 1cA691-0001wp-5V 9a208f4c92e33eb53848d5a4e610070a
X-Original-To: ietf-http-wg@w3.org
Subject: Re: New Version Notification for draft-nottingham-site-wide-headers-01.txt
Archived-At: <http://www.w3.org/mid/E68A0643-97A4-447F-B59F-D3B66AE8BBEA@mnot.net>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/33009
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

> On 25 Nov. 2016, at 3:08 am, Emily Stark <estark@google.com> wrote:
> 
> 
> 
> On Thu, Nov 24, 2016 at 2:10 AM, Mark Nottingham <mnot@mnot.net> wrote:
>> One other thing --
>> 
>> If we take an approach that doesn't allow fallback to headers for new features, it's going to be important to get broad buy-in from implementers. Otherwise, it'll raise the friction for those new features.
>> 
>> For example, if Expect-CT were to adopt it, and browsers were now required to make an extra fetch to implement the spec, some might not like that, and resist implementing it.
> 
> A feature could always define its own fallback to headers, couldn't it?

It could, but doing so would raise implementation cost; either on the client side (requiring clients that support the JSON form to also always support the header form, always, or the server side (requiring sites to always host the JSON and send the headers, unless the client says it has the JSON). 

Putting the requirement on the client probably makes more sense (they're less diverse), but then if you want to take advantage of the JSON syntax, you'd have two parsers, and the possibility of divergence in their behaviour. 

None of this is a deal killer IMO, just worth noting.

Once the JSON format enjoys wide adoption in browsers, new features can stop specifying the header fallbacks. If that takes a long time, or never completes (e.g., one browser decides not to do the JSON), it'd be a suboptimal outcome.

Cheers,



--
Mark Nottingham   https://www.mnot.net/