IETF Logo Mail Archive

Re: New Version Notification for draft-thomson-http-replay-00.txt

Benjamin Kaduk <bkaduk@akamai.com> Tue, 25 July 2017 16:09 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 29900129AD1 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Tue, 25 Jul 2017 09:09:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7
X-Spam-Level:
X-Spam-Status: No, score=-7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=akamai.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OTkVuSQRm0b8 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Tue, 25 Jul 2017 09:09:52 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5AFA0129A9F for <httpbisa-archive-bis2Juki@lists.ietf.org>; Tue, 25 Jul 2017 09:09:52 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.89) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1da2Mr-0003yC-2m for ietf-http-wg-dist@listhub.w3.org; Tue, 25 Jul 2017 16:07:29 +0000
Resent-Date: Tue, 25 Jul 2017 16:07:29 +0000
Resent-Message-Id: <E1da2Mr-0003yC-2m@frink.w3.org>
Received: from titan.w3.org ([128.30.52.76]) by frink.w3.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.89) (envelope-from <bkaduk@akamai.com>) id 1da2Mh-0003xL-MD for ietf-http-wg@listhub.w3.org; Tue, 25 Jul 2017 16:07:19 +0000
Received: from mx0a-00190b01.pphosted.com ([67.231.149.131] helo=mx0b-00190b01.pphosted.com) by titan.w3.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.89) (envelope-from <bkaduk@akamai.com>) id 1da2Mg-0008Hm-B9 for ietf-http-wg@w3.org; Tue, 25 Jul 2017 16:07:19 +0000
Received: from pps.filterd (m0050093.ppops.net [127.0.0.1]) by m0050093.ppops.net-00190b01. (8.16.0.21/8.16.0.21) with SMTP id v6PG6plT021262; Tue, 25 Jul 2017 17:06:53 +0100
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=akamai.com; h=subject : to : cc : references : from : message-id : date : mime-version : in-reply-to : content-type; s=jan2016.eng; bh=6HKA3lSsKbxxQle6erLJKwVRYedSLbvnx6DLgE4lUno=; b=YFKAVyZrnUz1bWPiQmIVc3C7+prcKvwuEd2+Cp9J/nMi92Pww9dj7GFmkzjiIc2DryJ6 hdtwZQKtPDsQrlTkVhRBA/xKiuRUrGCdq1Mqa879UG4C5hO05ToAl5sSvPBGXCBsQ/dl KzLQMXqJ+GoEdMomtDliOaZY/dPOKsYaB1cqxcvD9RtfiV/IY5mxAx0hOmmkpobXWjJ9 7ef9LSkxANEu4XPnXb1cBLhzg8thSM/yos+8HF2M0KBJ17QYyJLxGZ7fid9s+vc5jDW5 2Rekb4Q1QcIX01FDKLfvI340GSMpNFvGJiAQExjN8r7h3Q6w3LpMVlX4hwxEyrXJApJI nQ==
Received: from prod-mail-ppoint3 ([96.6.114.86]) by m0050093.ppops.net-00190b01. with ESMTP id 2bwue32yxp-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 25 Jul 2017 17:06:53 +0100
Received: from pps.filterd (prod-mail-ppoint3.akamai.com [127.0.0.1]) by prod-mail-ppoint3.akamai.com (8.16.0.17/8.16.0.17) with SMTP id v6PG6ArX018138; Tue, 25 Jul 2017 12:06:52 -0400
Received: from prod-mail-relay15.akamai.com ([172.27.17.40]) by prod-mail-ppoint3.akamai.com with ESMTP id 2bv21vfgaq-1; Tue, 25 Jul 2017 12:06:52 -0400
Received: from [172.19.17.86] (bos-lpczi.kendall.corp.akamai.com [172.19.17.86]) by prod-mail-relay15.akamai.com (Postfix) with ESMTP id A2DBA20069; Tue, 25 Jul 2017 10:06:51 -0600 (MDT)
To: Kazuho Oku <kazuhooku@gmail.com>
Cc: Martin Thomson <martin.thomson@gmail.com>, Subodh Iyengar <subodh@fb.com>, Ilari Liusvaara <ilariliusvaara@welho.com>, Mike Bishop <Michael.Bishop@microsoft.com>, HTTP Working Group <ietf-http-wg@w3.org>
References: <149811425736.30341.16596521802774811431.idtracker@ietfa.amsl.com> <CABkgnnX6CUnMYU8OzLuq+XmeQuocpGm+zntEkJ71xb_Mh670eQ@mail.gmail.com> <MWHPR21MB014129FFB934EB1275A0639387DB0@MWHPR21MB0141.namprd21.prod.outlook.com> <MWHPR15MB14559FC79A1208E87B7714DDB6A60@MWHPR15MB1455.namprd15.prod.outlook.com> <CANatvzxX9wQKqOQZ81O45psWAR7+eg+2cP9i3qQ3XoOxbf=BPg@mail.gmail.com> <MWHPR15MB145573BAA3E2821EDAE3B67BB6A60@MWHPR15MB1455.namprd15.prod.outlook.com> <20170721162620.w4pux4q7h3ebn3kt@LK-Perkele-VII> <MWHPR15MB1455B7B5826FD620A907E8C9B6A40@MWHPR15MB1455.namprd15.prod.outlook.com> <CANatvzxmeYd--vJn2V+frA2Niq4LRuo9ct=pMsAa689+a8_iOA@mail.gmail.com> <CABkgnnU8X+K-K4Dkwo271Wm1ZmbQtxzhM7bR7PuKXOvBiaUS-w@mail.gmail.com> <CANatvzzEJMsHM2_yk7ON3u0bDoqrEHcwDd0Y+tZW_BWz3wkzbA@mail.gmail.com> <CANatvzw64WwksUnyzMWyF9LoPvYMdZP-THUb9NnsoxHCbeku+Q@mail.gmail.com> <b3c87af0-2ec6-eedf-864a-30f04dd21d14@akamai.com> <CANatvzyByFbmcEdw=aZc3v_rRvX6Fyq4q2Wiov=O0FkNQAYpog@mail.gmail.com>
From: Benjamin Kaduk <bkaduk@akamai.com>
Message-ID: <aecbb68c-6fb1-52af-032d-fbd4997776b1@akamai.com>
Date: Tue, 25 Jul 2017 11:06:51 -0500
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.2.1
MIME-Version: 1.0
In-Reply-To: <CANatvzyByFbmcEdw=aZc3v_rRvX6Fyq4q2Wiov=O0FkNQAYpog@mail.gmail.com>
Content-Type: multipart/alternative; boundary="------------265F1D6B3864231DF857A97B"
Content-Language: en-US
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2017-07-25_07:, , signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 suspectscore=0 malwarescore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1706020000 definitions=main-1707250254
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2017-07-25_07:, , signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 impostorscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1706020000 definitions=main-1707250254
Received-SPF: pass client-ip=67.231.149.131; envelope-from=bkaduk@akamai.com; helo=mx0b-00190b01.pphosted.com
X-W3C-Hub-Spam-Status: No, score=-3.0
X-W3C-Hub-Spam-Report: AWL=1.683, BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, W3C_AA=-1, W3C_WL=-1
X-W3C-Scan-Sig: titan.w3.org 1da2Mg-0008Hm-B9 7533005010e366c31933d71012e4bdd7
X-Original-To: ietf-http-wg@w3.org
Subject: Re: New Version Notification for draft-thomson-http-replay-00.txt
Archived-At: <http://www.w3.org/mid/aecbb68c-6fb1-52af-032d-fbd4997776b1@akamai.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/34158
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

On 07/25/2017 10:30 AM, Kazuho Oku wrote:
> Hi Benjamin,
>
> Thank you for your response.
>
> 2017-07-25 21:27 GMT+09:00 Benjamin Kaduk <bkaduk@akamai.com>:
>>
>> This part I do not agree with, in particular the intermediary making the
>> decision to re-send the request without the early-data header.  I believe
>> that this decision must be left in the hands of the original client, and do
>> not think the latency concern justifies deviating from that.
> Could you please clarify the reason that an intermediary should not be
> allowed to retry a request (that has once been rejected by 4NN) when
> receiving an 1-RTT confirmation from client, without setting the
> early-data header?
>
> To me, the behavior is identical to a server that postpones a request
> (that was received as 0-RTT data) until it sees a ClientFinished.
> Which is a behavior you state as permissible.
>
>

In the general case, the request can be different when generated for the
retry versus the initial request.  This is quite obvious for the token
binding draft proposal in
https://tools.ietf.org/html/draft-ietf-tokbind-tls13-0rtt-02 but I doubt
that's the only possible case.  Granted, the token binding case is not
especially applicable to the proxy case being discussed here since the
proxy would need to be involved in handling token binding for that to
work.  But I hope it helps to illustrate that the client should retain
control over how the request is retried and that the proxy may not have
all the information necessary to automatically retry.

-Ben

v2.23.0 | Report a Bug | By Email