IETF Logo Mail Archive

Re: Magnus Westerlund's No Objection on draft-ietf-httpbis-client-hints-14: (with COMMENT)

Yoav Weiss <yoav@yoav.ws> Thu, 18 June 2020 11:00 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BFBF13A0AE0 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Thu, 18 Jun 2020 04:00:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.648
X-Spam-Level:
X-Spam-Status: No, score=-2.648 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.249, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=yoav-ws.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Kev7TlQx8SoI for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Thu, 18 Jun 2020 04:00:45 -0700 (PDT)
Received: from lyra.w3.org (lyra.w3.org [128.30.52.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A13ED3A0ADB for <httpbisa-archive-bis2Juki@lists.ietf.org>; Thu, 18 Jun 2020 04:00:45 -0700 (PDT)
Received: from lists by lyra.w3.org with local (Exim 4.92) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1jlsFI-0001nk-O5 for ietf-http-wg-dist@listhub.w3.org; Thu, 18 Jun 2020 10:58:12 +0000
Resent-Date: Thu, 18 Jun 2020 10:58:12 +0000
Resent-Message-Id: <E1jlsFI-0001nk-O5@lyra.w3.org>
Received: from mimas.w3.org ([128.30.52.79]) by lyra.w3.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from <yoav@yoav.ws>) id 1jlsFH-0001mz-83 for ietf-http-wg@listhub.w3.org; Thu, 18 Jun 2020 10:58:11 +0000
Received: from mail-lf1-x12b.google.com ([2a00:1450:4864:20::12b]) by mimas.w3.org with esmtps (TLS1.3:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.92) (envelope-from <yoav@yoav.ws>) id 1jlsFF-0000Vq-1U for ietf-http-wg@w3.org; Thu, 18 Jun 2020 10:58:11 +0000
Received: by mail-lf1-x12b.google.com with SMTP id g2so3226435lfb.0 for <ietf-http-wg@w3.org>; Thu, 18 Jun 2020 03:58:08 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yoav-ws.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=an7arPhufgeI4ZHnkCPQy9CPSNArJsazQUyKlmMGZV0=; b=k11ONU194I2OjBMtjks/E3XGFHI3OpvNfVNGwuQvnqeJ7TuEeu70Gaump9MYlAoarh lLHl48cp/YsHxCf7Sk+cQUjWrj5ZRjmd/NacZfbgC1yVWR+NE9+ZgEJisE2FodGOoY8t jt/J7NRffoVUxJ3RiFJiAzCP9VYgK56PIpNtmkjULHuBXKi+RPQkO3/w1chhhc5Hwn7s +rIXeePy0VZRtyCQl8pLCiIPmFDplCCk79oPlirnZPR5NYFjgbzcP80Lzy9Ije/UhijK i1nVeRF/XOmXI4zDOv/FcJiFMZ93yRB4lW7iZauAoK59Anpuiz95IrDKiffSUyXpD/ol IYNw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=an7arPhufgeI4ZHnkCPQy9CPSNArJsazQUyKlmMGZV0=; b=swHixOESk+Kq7FbkOxqkIt0+17t5tFtr6lA9DetYn/kCPuapUXZwNwKbSKNOb8bN3s omQAsr8Q6zTsQXW065wGnR1U5tmGwEA0KcCA2e70cHJ1gwlazEkjBs531dBnfseOatwg HJIhM1eUuhBqHunTtfJN/HBb+1Yvm0pu8yH9bgFHwaY6XouDSt73o4grFBhZNdBy1kgl m98sblQ4hrYq+wn5R15/Cs16Np5EKOn0dEq3rpw7SPPSydco0IvrfoNIQZg3oJV9NYOj CYl44lJSkUfRrjnzZK9SIHiqWU8JSWHXTTZ9q3yg9O14ugxpaDw2ytfxF/4hQq/6OZr/ +y4g==
X-Gm-Message-State: AOAM530CLeC3YQzGU7xVV5BrTTqks7D+VDOqm6NJ5x1rkrR3mSb732u1 cdYwMHgwonegNmnIe38ZVCQXCRuI2Jdtq/KWR/zqaQ==
X-Google-Smtp-Source: ABdhPJwnkoR+023nPS5DltziP0+uJ8IfqlNjRxCgb//vh2IC/WCCcmj5MUq0/5bI5aHZbzF6GSmfcDaEhyZfL/atM3M=
X-Received: by 2002:ac2:5e6c:: with SMTP id a12mr2061696lfr.35.1592477877218; Thu, 18 Jun 2020 03:57:57 -0700 (PDT)
MIME-Version: 1.0
References: <159005445899.23374.13670236118157078353@ietfa.amsl.com> <CACj=BEgAPeeOPTZUUBp43C_4CuSEmnSjSC6T3wGZby55ECbuow@mail.gmail.com> <eced190fd2ef0d008e6706a50a05369470c62585.camel@ericsson.com>
In-Reply-To: <eced190fd2ef0d008e6706a50a05369470c62585.camel@ericsson.com>
From: Yoav Weiss <yoav@yoav.ws>
Date: Thu, 18 Jun 2020 12:57:40 +0200
Message-ID: <CACj=BEjQX6+Qwe8WR__UTXmP-HR+3F_VbAiasaB3cPVq9-_=PA@mail.gmail.com>
To: Magnus Westerlund <magnus.westerlund@ericsson.com>, Tommy Pauly <tpauly@apple.com>
Cc: "httpbis-chairs@ietf.org" <httpbis-chairs@ietf.org>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>, "iesg@ietf.org" <iesg@ietf.org>, "draft-ietf-httpbis-client-hints@ietf.org" <draft-ietf-httpbis-client-hints@ietf.org>, "mnot@mnot.net" <mnot@mnot.net>
Content-Type: multipart/alternative; boundary="0000000000002f40df05a859a6f7"
Received-SPF: pass client-ip=2a00:1450:4864:20::12b; envelope-from=yoav@yoav.ws; helo=mail-lf1-x12b.google.com
X-W3C-Hub-Spam-Status: No, score=-8.9
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, W3C_AA=-1, W3C_DB=-1, W3C_IRA=-1, W3C_IRR=-3, W3C_WL=-1
X-W3C-Scan-Sig: mimas.w3.org 1jlsFF-0000Vq-1U 37440b6f9782861125df9da8f7f1fae2
X-Original-To: ietf-http-wg@w3.org
Subject: Re: Magnus Westerlund's No Objection on draft-ietf-httpbis-client-hints-14: (with COMMENT)
Archived-At: <https://www.w3.org/mid/CACj=BEjQX6+Qwe8WR__UTXmP-HR+3F_VbAiasaB3cPVq9-_=PA@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/37789
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <https://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

On Thu, Jun 18, 2020 at 10:35 AM Magnus Westerlund <
magnus.westerlund@ericsson.com> wrote:

> Hi Yoav,
>
>
>
> On Wed, 2020-06-17 at 11:16 +0200, Yoav Weiss wrote:
> > Thanks for reviewing! Apologies for the late reply... :/
> >
> > On Thu, May 21, 2020 at 11:47 AM Magnus Westerlund via Datatracker <
> > noreply@ietf.org> wrote:
> > > Magnus Westerlund has entered the following ballot position for
> > > draft-ietf-httpbis-client-hints-14: No Objection
> > >
> > > When responding, please keep the subject line intact and reply to all
> > > email addresses included in the To and CC lines. (Feel free to cut this
> > > introductory paragraph, however.)
> > >
> > >
> > > Please refer to
> https://www.ietf.org/iesg/statement/discuss-criteria.html
> > > for more information about IESG DISCUSS and COMMENT positions.
> > >
> > >
> > > The document, along with other ballot positions, can be found here:
> > > https://datatracker.ietf.org/doc/draft-ietf-httpbis-client-hints/
> > >
> > >
> > >
> > > ----------------------------------------------------------------------
> > > COMMENT:
> > > ----------------------------------------------------------------------
> > >
> > > I have no significant concern here, but I would appreciate an answer
> if I
> > > understand the situation correctly.
> > >
> > > The Accept-CH header value is  structure header value and uses sh-token
> > > which
> > > has a more restrictive syntax than the HTTP specifications token used
> for
> > > header field names. However, this restriction is not of any real
> practical
> > > concern as all registered HTTP headers starts with an ALPHA. I did
> notice
> > > that
> > > the new HTTP semantics documents proposed new registry was not
> mandating but
> > > strongly recommending to keep within what sh-token can except. Thus,
> do I
> > > assume correctly that this issue has been sufficiently discussed in
> the WG?
> >
> > I'm not sure I properly understand the issue you're referring to. Would
> you
> > like to see a stronger restriction than sh-token?
>
> No, I am simply noting that by using structured field values your
> implicitly
> restriciting the syntax from what RFC 7230 allows for field names, which
> is:
>
> header-field   = field-name ":" OWS field-value OWS
> field-name     = token
> where token is:
>
>      token          = 1*tchar
>
>      tchar          = "!" / "#" / "$" / "%" / "&" / "'" / "*"
>                     / "+" / "-" / "." / "^" / "_" / "`" / "|" / "~"
>                     / DIGIT / ALPHA
>                     ; any VCHAR, except delimiters
>
>
> However Structure field's token definition is this:
>
>
>    sf-token = ( ALPHA / "*" ) *( tchar / ":" / "/" )
>
> Thus, Client hints will not be able to do express all possible field-names
> that
> may exist in HTTP.
>
> From that I was asking:
>
> Where there any discussion of this restriction?
>

I don't believe there was a thorough discussion of this restriction.

Where there any concerns raised with this, or are all okay with it?
>

I haven't heard any concerns, and I think it's fine to restrict Client
Hints headers to cf-token.

+Mark Nottingham <mnot@mnot.net> & +Tommy Pauly <tpauly@apple.com> - do you
think more discussion is needed on that point? Or is this email thread
enough to ensure concerned folks would come forward if there are any?


>
> I personally don't have an issue with it as all registered HTTP headers
> will
> fitt in this more restricted syntax.
>
> So all I am asking for is an honest answer of the above questions.
>
>
> In addition when you update the draft, please fix the fact that draft-ietf-
> httpbis-header-structure-19 has changed the prefix for its ABNF constructs
> from
> "sh-" to "sf-".
>

Indeed. That came up in the review and a fix is in PR
<https://github.com/httpwg/http-extensions/pull/1220>.


>
>
> Cheers
>
> Magnus Westerlund
>
>
> ----------------------------------------------------------------------
> Networks, Ericsson Research
> ----------------------------------------------------------------------
> Ericsson AB                 | Phone  +46 10 7148287
> Torshamnsgatan 23           | Mobile +46 73 0949079
> SE-164 80 Stockholm, Sweden | mailto: magnus.westerlund@ericsson.com
> ----------------------------------------------------------------------
>
>

v2.23.0 | Report a Bug | By Email