Re: Encouraging a healthy HTTP/2 ecosystem

"Nicolas Mailhot" <nicolas.mailhot@laposte.net> Wed, 02 July 2014 09:56 UTC

Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A53D91A0644 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 2 Jul 2014 02:56:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.253
X-Spam-Level:
X-Spam-Status: No, score=-7.253 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.651, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yN7iAlKGoL_O for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 2 Jul 2014 02:56:30 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3F9111B28E8 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Wed, 2 Jul 2014 02:56:30 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.72) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1X2HF5-00045J-Nw for ietf-http-wg-dist@listhub.w3.org; Wed, 02 Jul 2014 09:54:19 +0000
Resent-Date: Wed, 02 Jul 2014 09:54:19 +0000
Resent-Message-Id: <E1X2HF5-00045J-Nw@frink.w3.org>
Received: from maggie.w3.org ([128.30.52.39]) by frink.w3.org with esmtp (Exim 4.72) (envelope-from <nicolas.mailhot@gmail.com>) id 1X2HEv-00043e-Fb for ietf-http-wg@listhub.w3.org; Wed, 02 Jul 2014 09:54:09 +0000
Received: from mail-wg0-f41.google.com ([74.125.82.41]) by maggie.w3.org with esmtps (TLS1.0:RSA_ARCFOUR_SHA1:16) (Exim 4.72) (envelope-from <nicolas.mailhot@gmail.com>) id 1X2HEu-00023m-HK for ietf-http-wg@w3.org; Wed, 02 Jul 2014 09:54:09 +0000
Received: by mail-wg0-f41.google.com with SMTP id a1so10636634wgh.0 for <ietf-http-wg@w3.org>; Wed, 02 Jul 2014 02:53:37 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=sender:message-id:in-reply-to:references:date:subject:from:to:cc :user-agent:mime-version:content-type:content-transfer-encoding :importance; bh=og1SQ2pK4vK270Le40cl3V8+UzII0qrsg1ijBTi/48U=; b=oPG77PIFDeAyZ2x92cE8bYnZz8JS5KOLpRzQX/vDo8td9PaP8qAZlvy92YauCe9Hau mexN4zcdnGQYpnf1xJUAK+QcYE0xr3xZE+j7iJfnxm7TqVSdAsJRhDt23+hNVrAecF2s TNglPPL/kZC8mPGuJKRVla6Z6o/RXQEb218lxdnPJezHsCieiLb/SDiJo7EC9oF09Lt1 y2oq9xglSYMTbwCG5peUxXRWbMdWaCTJnEB2QQMLJTfb/X6STOQ2Qm79w3eMg+c1p0w4 UOtz2o1Rpm5q/dwAOWCft8njjXDJpeOTa8waO0WdWsWcnq6ypohM0dEMmSJUqmzUMc7h vjNA==
X-Received: by 10.194.24.36 with SMTP id r4mr58462489wjf.35.1404294817465; Wed, 02 Jul 2014 02:53:37 -0700 (PDT)
Received: from arekh.ddns.net ([2a01:e35:8aee:2d00:21f:d0ff:fe20:5f9f]) by mx.google.com with ESMTPSA id ft17sm54010344wjc.14.2014.07.02.02.53.36 for <multiple recipients> (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 02 Jul 2014 02:53:36 -0700 (PDT)
Sender: Nicolas Mailhot <nicolas.mailhot@gmail.com>
Received: from localhost (localhost [127.0.0.1]) by arekh.ddns.net (Postfix) with ESMTP id 17E212E46C2; Wed, 2 Jul 2014 11:53:35 +0200 (CEST)
X-Virus-Scanned: amavisd-new at arekh.ddns.net
Received: from arekh.ddns.net ([127.0.0.1]) by localhost (arekh.okg [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id k7Jo2DloArtb; Wed, 2 Jul 2014 11:53:20 +0200 (CEST)
Received: from arekh.ddns.net (localhost [127.0.0.1]) by arekh.ddns.net (Postfix) with ESMTP; Wed, 2 Jul 2014 11:53:19 +0200 (CEST)
Received: from 163.116.6.12 (SquirrelMail authenticated user nim) by arekh.ddns.net with HTTP; Wed, 2 Jul 2014 11:53:19 +0200
Message-ID: <34a14c21f8095291800c26637b61d10b.squirrel@arekh.ddns.net>
In-Reply-To: <CAA4WUYhOu0tW_9vSJ4wcLh+V=y9h-FfdZjw8Y2kqLp3Bhkcugg@mail.gmail.com>
References: <CAA4WUYgqE02o9jftm1ERJGsKBqau9CRAJ4=JF0r3x-11gh5ZXQ@mail.gmail.com> <DCA8E438-2E23-48B6-8215-E254A4B455D0@redhat.com> <CAA4WUYhLfUOm21DZUOxUhfJHp3EgLQ+H-S+kNrCtA70uh+vAKA@mail.gmail.com> <683A8E2F-2DC7-4BC0-BCD1-95E28E65E4D0@redhat.com> <CAA4WUYhOu0tW_9vSJ4wcLh+V=y9h-FfdZjw8Y2kqLp3Bhkcugg@mail.gmail.com>
Date: Wed, 02 Jul 2014 11:53:19 +0200
From: Nicolas Mailhot <nicolas.mailhot@laposte.net>
To: "\"William Chan (陈智昌)\"" <willchan@chromium.org>
Cc: Jason Greene <jason.greene@redhat.com>, HTTP Working Group <ietf-http-wg@w3.org>
User-Agent: SquirrelMail/1.4.22-15.fc21
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
Received-SPF: pass client-ip=74.125.82.41; envelope-from=nicolas.mailhot@gmail.com; helo=mail-wg0-f41.google.com
X-W3C-Hub-Spam-Status: No, score=-3.5
X-W3C-Hub-Spam-Report: AWL=-2.767, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001
X-W3C-Scan-Sig: maggie.w3.org 1X2HEu-00023m-HK d52b807c19904a8b8fa38172ebc001bb
X-Original-To: ietf-http-wg@w3.org
Subject: Re: Encouraging a healthy HTTP/2 ecosystem
Archived-At: <http://www.w3.org/mid/34a14c21f8095291800c26637b61d10b.squirrel@arekh.ddns.net>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/25100
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

Le Mar 1 juillet 2014 23:08, William Chan (陈智昌) a écrit :

> It's hijacking my thread because it wasn't the impetus :) Indeed, as I
> already said, I specifically caveated the CONTINUATION case because I knew
> it was contentious. The impetus is because I've received word of MITM
> proxies that plan to do deep inspection of HTTP/2. So I'm becoming worried
> about ossification on these TLS connections that were previously free from
> intermediary interference.

Well you were told last year that http2 needed a good intermediary story
or intermediary people would get things into their own hands. And that
they could make your life miserable just as you could make theirs
miserable. And that the "bad" intermediary people where financed by "good"
intermediary users because "good" intermediaries have been made to suck so
much people had no choice but to junk "good" intermediaries in favour of
"bad" working ones.

I don't see how your solution/proposal to make intermediaries suck even
more by guerilla fighting all of them indiscriminately in http2
implementations is not going to result in more of the same.

Make standard malware-scanning youtube-blocking-at-work intermediary work
and most of the market for MITM proxies that plan to do deep inspection
will evaporate.

-- 
Nicolas Mailhot