IETF Logo Mail Archive

Re: New Version Notification for draft-divilly-status-555-00.txt

Mark Nottingham <mnot@mnot.net> Fri, 27 March 2020 03:58 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A6DB73A0907 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Thu, 26 Mar 2020 20:58:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.214
X-Spam-Level:
X-Spam-Status: No, score=-4.214 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.249, MAILING_LIST_MULTI=-1, RCVD_IN_MSPIKE_H2=-1.463, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=mnot.net header.b=YePv11zx; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=NvNPwIw8
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id p6UMGPEGUWqE for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Thu, 26 Mar 2020 20:58:09 -0700 (PDT)
Received: from lyra.w3.org (lyra.w3.org [128.30.52.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 973B33A08C7 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Thu, 26 Mar 2020 20:58:08 -0700 (PDT)
Received: from lists by lyra.w3.org with local (Exim 4.92) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1jHg5R-0001eB-Nc for ietf-http-wg-dist@listhub.w3.org; Fri, 27 Mar 2020 03:55:13 +0000
Resent-Date: Fri, 27 Mar 2020 03:55:13 +0000
Resent-Message-Id: <E1jHg5R-0001eB-Nc@lyra.w3.org>
Received: from titan.w3.org ([128.30.52.76]) by lyra.w3.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from <mnot@mnot.net>) id 1jHg5P-0001dQ-37 for ietf-http-wg@listhub.w3.org; Fri, 27 Mar 2020 03:55:11 +0000
Received: from out1-smtp.messagingengine.com ([66.111.4.25]) by titan.w3.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from <mnot@mnot.net>) id 1jHg5M-00024I-1D for ietf-http-wg@w3.org; Fri, 27 Mar 2020 03:55:10 +0000
Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.nyi.internal (Postfix) with ESMTP id CD4FD5C0345; Thu, 26 Mar 2020 23:54:54 -0400 (EDT)
Received: from mailfrontend2 ([10.202.2.163]) by compute4.internal (MEProxy); Thu, 26 Mar 2020 23:54:54 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mnot.net; h= content-type:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; s=fm2; bh=M IfixHyaOyyeENugrMm9AOsxHhNsBVDfD5vLZ1sSAlE=; b=YePv11zxoO7q3Pm8M kO8itufqeTQZ5NjMXXaYVqL74NGgcAsD8vCOmjlVDV2vHJHBhTdcrP7chK9kDgIy 5LyqBsrm8pgGE9hc71sdARaqeVrK+jyHSpfI+s80EWVoqzLejgcG5OY0TqjXmoMo w+4h3bw3urmrr/zM1XTEa+Qb34uH1kntZDGOltN6bzZhLRkTUhQofAIgelMzKwlE W/XWdAyNSHhfWi6PC/7X1JUTbza1jpBWaXQHQiCL25WV5eWDXL/lnDNQ+VPJ76Z3 g8vJKkOuJhC1cY/HmJ9H820kJ3lgQBle6e2P4M372q5BK4mVZSDXe4v76TMfFOgh J1RYg==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm2; bh=MIfixHyaOyyeENugrMm9AOsxHhNsBVDfD5vLZ1sSA lE=; b=NvNPwIw8iZAuvPWcLmJF/Xi8+d54NERC5/r01FQ9ZwT2gkz6w93j4lVU+ KQqOBgvZS4n4YoyTP6KQWKPRkHsydexATY1JMku29wQWrWLXXQXJdB7ic+VNwBoh bEUkoh8aTlmsb4Rypa6jOGuQgAfYSZ2y6udej3tqzgXkjszKL7XATf3xwi8iuTBr fvmQzy9g9MzmbIBRpQ78ysH+o5aFK1Xd85LdjTh536NMaWp1Cb0ZagB02wppnytw j+x8e9xupJITZVERxAZZcgkmxO8JfssjmrqCvNHQV7/I6fTP4ZUaVlms9B4qHvv5 GTHuhOXEMvpZFas7yT5WDRrJ8CXeA==
X-ME-Sender: <xms:DXl9XrqNuhmhBkGGc0cfXf62tVe5cx73zRkrDQ9kq6nc_1RCajGVow>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedugedrudehjedgudeigecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd enucfjughrpegtggfuhfgjfffgkfhfvffosehtqhhmtdhhtddvnecuhfhrohhmpeforghr khcupfhothhtihhnghhhrghmuceomhhnohhtsehmnhhothdrnhgvtheqnecuffhomhgrih hnpehivghtfhdrohhrghdphhhtthhpfihorhhkihhnghhgrhhouhhpmhgvvghtihhnghhi nhhmrggurhhiugdrihhtpdhgihhthhhusgdrtghomhdpfiefrdhorhhgpdhhthhtphifgh drohhrghdpmhhnohhtrdhnvghtnecukfhppeduudelrddujedrudehkedrvdehudenucev lhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehmnhhothesmh hnohhtrdhnvght
X-ME-Proxy: <xmx:DXl9Xm71FB8wjnL-TNyAc4ZOVcOUpbt4UFZj3-vLjx1F_ets5E2Pcg> <xmx:DXl9XtgOdQNA3KrRuQBr4wRggix1i8pGBIUpBp-iaPvYdBfRFxdJNA> <xmx:DXl9Xs3zhXLJoanPVIKHcXiGHMBCFoeV5j916MeclUG9h82ZNu1Z9Q> <xmx:Dnl9XnB5j2IdkZ5o9PKYDFgSESfojlZ0sxdX6yESuNLz0PwNaDc_GQ>
Received: from attitudadjuster.mnot.net (unknown [119.17.158.251]) by mail.messagingengine.com (Postfix) with ESMTPA id 46715306B27E; Thu, 26 Mar 2020 23:54:52 -0400 (EDT)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 13.0 \(3608.60.0.2.5\))
From: Mark Nottingham <mnot@mnot.net>
In-Reply-To: <6F5864DF-55C8-4C64-9D1A-074850A3C3DC@oracle.com>
Date: Fri, 27 Mar 2020 14:54:49 +1100
Cc: HTTP Working Group <ietf-http-wg@w3.org>, Tommy Pauly <tpauly@apple.com>
Content-Transfer-Encoding: quoted-printable
Message-Id: <90EA7BE6-3A89-4330-AC19-A89F58F1A716@mnot.net>
References: <84C127AC-BA21-4CD8-9F79-8920ADE5BA4C@ORACLE.COM> <370AAF66-833D-42FB-A714-56582937124E@mnot.net> <6F5864DF-55C8-4C64-9D1A-074850A3C3DC@oracle.com>
To: Colm Divilly <colm.divilly@oracle.com>
X-Mailer: Apple Mail (2.3608.60.0.2.5)
Received-SPF: pass client-ip=66.111.4.25; envelope-from=mnot@mnot.net; helo=out1-smtp.messagingengine.com
X-W3C-Hub-Spam-Status: No, score=-9.8
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, W3C_AA=-1, W3C_DB=-1, W3C_IRA=-1, W3C_IRR=-3, W3C_WL=-1
X-W3C-Scan-Sig: titan.w3.org 1jHg5M-00024I-1D ac36cad58e6b8bcc4c38b77c933c5a46
X-Original-To: ietf-http-wg@w3.org
Subject: Re: New Version Notification for draft-divilly-status-555-00.txt
Archived-At: <https://www.w3.org/mid/90EA7BE6-3A89-4330-AC19-A89F58F1A716@mnot.net>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/37483
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <https://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

Hi Colm,

> On 26 Mar 2020, at 11:27 pm, Colm Divilly <colm.divilly@oracle.com> wrote:
> 
> Hi Mark,
>  thanks for taking the time to review this, based on your & Amos' [1] feedback, I've submitted a new draft:

Great.

> 
> Regarding this question:
> 
>> More generally, when someone needs to convey more refined information about what caused an error, the advice we give is to put that information in the response body or a response header. Did you consider that approach?
> 
> Yes, we include information in both the response header and the response body, we have found it to be largely ineffective. Our experience is that tools and humans see 500, think 'I know what that means...' and proceed to filing a problem report/complaining to the wrong party far too often. Also the extra information in the response header and body may end up being lost in the journey back to the client/monitoring tools. For example the access log will only show the status code, custom error pages may hide extra information in the response body. 

I understand and sympathise. However, if the bar for getting a new status code is "that's what people pay attention to", we're going to run out of status codes pretty quickly (which is the underlying concern with lots of these discussions). Also, the more status codes we mint, the more confusion there is about which one to use -- a phenomenon we already see a lot of.

That doesn't mean that we can't or won't standardise this -- just that we need to be thoughtful about it.


> https://datatracker.ietf.org/doc/draft-divilly-user-defined-resource-error/
> 
> Changes in this draft:
> 
> - Use 5NN instead of 555 through out
> - Remove 555 from the draft name
> - Explain use of 5NN: https://tools.ietf.org/html/draft-divilly-user-defined-resource-error-00#section-1
> - Explain why 500 Internal Server Error does not suffice: https://tools.ietf.org/html/draft-divilly-user-defined-resource-error-00#section-2.1. TLDR, folks only see the status code in the response, they ignore anything else is my experience
> - Do not indicate that the draft seeks to update RFC 7231

Thanks, that's a very good start.


> Regarding the following point:
> 
>> I agree this condition is potentially applicable to any resource, but it might fall afoul of another principle that we haven't written down as well -- that HTTP focuses on standardising the interface to the resource, not its implementation details (which this seems to be about). Roy might have some more thoughts here.
> 
> I see this proposal as enhancing the interface rather than clouding it with implementation details. When an error occurs, then very often some follow up action needs to be taken. Often that action is to file a problem report or examine some logs. The purpose of this status code is to help inform the client with whom to file the problem report or which logs to examine.
> 
> This proposal provides a clear classification for tools and humans, that can inform their decision about to how to deal with the error condition.
> 
> This falls outside what HTTP does or should specify. I see this proposal as a tiny layer atop the HTTP protocol to help with this pain point. 
> 
> I still feel this a pretty specialised use-case at this time and there likely is not enough consensus to standardise this approach, which is why I filed it as an informational draft. My hope with submitting the original draft was that others with similar requirements might come across the draft and choose to harmonise on using 555 as the status code for this condition, and that over time a consensus might build that it would be appropriate to try get it standardised.
> 
> I understand now that this approach is not in line with RFC 7231, so I've amended the draft to avoid preferring (squatting on) any particular status code.

Thanks again.

Regarding next steps (chair "hat" on) -- I'd love to hear what other WG participants (and people who don't participate here regularly, of course) think about this. One of the things we look for is level of interest, as well as level of agreement.

Normally, Tommy and I would probably ask you to present at the next HTTP Working Group meeting in Madrid. It's not clear what's going to happen with that meeting, but I suspect that one way or another we'll be having a WG meeting soon, if only virtually, and we can probably have a discussion there. Between now and then, hopefully we'll see more mailing list discussion.

Is that workable for you?  I'm not sensing a need to get a decision quickly on your part, but if that's not the case, please say so.

I've also added this to our Watch List so we remember to check in on it from time to time:
  https://github.com/httpwg/wiki/wiki/WatchList

Cheers,


> 
> Regards,
> Colm
> 
> [1]: https://lists.w3.org/Archives/Public/ietf-http-wg/2020JanMar/0244.html
> 
>> On 26 Mar 2020, at 03:49, Mark Nottingham <mnot@mnot.net> wrote:
>> 
>> Hi Colm,
>> 
>> For reference, the guidance for new status codes is here:
>>  https://httpwg.org/specs/rfc7231.html#considerations.for.new.status.codes
>> 
>> I agree this condition is potentially applicable to any resource, but it might fall afoul of another principle that we haven't written down as well -- that HTTP focuses on standardising the interface to the resource, not its implementation details (which this seems to be about). Roy might have some more thoughts here.
>> 
>> More generally, when someone needs to convey more refined information about what caused an error, the advice we give is to put that information in the response body or a response header. Did you consider that approach?
>> 
>> Cheers,
>> 
>> P.S. As an aside - we discourage people from "squatting" on status codes like this because it makes it harder to use them in standards later, and they are a relatively scarce resource. Please don't use it until it has been standardised, and in the future, it's best to make proposals along the lines of "a new 5xx status code" rather than a specific number. Thanks.
>> 
>> 
> 

--
Mark Nottingham   https://www.mnot.net/

v2.14.0 | Report a Bug | By Email