IETF Logo Mail Archive

Re: Design Issue: Separate HEADERS and PRIORITY Frames, Eliminate HEADERS+PRIORITY

Jeff Pinner <jpinner@twitter.com> Sat, 25 May 2013 19:46 UTC

Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 122E821F86CB for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Sat, 25 May 2013 12:46:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.976
X-Spam-Level:
X-Spam-Status: No, score=-9.976 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 41I23ZUTA-Kf for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Sat, 25 May 2013 12:45:56 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) by ietfa.amsl.com (Postfix) with ESMTP id 8850721F8825 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Sat, 25 May 2013 12:45:54 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.72) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1UgKOj-0000Iv-DG for ietf-http-wg-dist@listhub.w3.org; Sat, 25 May 2013 19:45:01 +0000
Resent-Date: Sat, 25 May 2013 19:45:01 +0000
Resent-Message-Id: <E1UgKOj-0000Iv-DG@frink.w3.org>
Received: from lisa.w3.org ([128.30.52.41]) by frink.w3.org with esmtp (Exim 4.72) (envelope-from <jpinner@twitter.com>) id 1UgKOV-0000HJ-LQ for ietf-http-wg@listhub.w3.org; Sat, 25 May 2013 19:44:47 +0000
Received: from mail-ob0-f170.google.com ([209.85.214.170]) by lisa.w3.org with esmtps (TLS1.0:RSA_ARCFOUR_SHA1:16) (Exim 4.72) (envelope-from <jpinner@twitter.com>) id 1UgKOS-0003Cl-Ok for ietf-http-wg@w3.org; Sat, 25 May 2013 19:44:47 +0000
Received: by mail-ob0-f170.google.com with SMTP id er7so6819293obc.29 for <ietf-http-wg@w3.org>; Sat, 25 May 2013 12:44:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=twitter.com; s=google; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=O1zBjZulSQIJ/Ld06c2D1nhhKK5B/csiColqnHAeP7g=; b=oBFzeMjwTDMB4bf1gLb6Zvho97+Co8Ugnuv7aR9VJYIpFsT52zhfRiw8s6OrFsChyY xbHH6Z0e80K5CqoPvrNblbXrixQT9x7X7HR9o3gyUPw/Qtm1lP184frmBuz5bSy6ynLi gtQDQ/eHtLPlSxYuYcQ0ICPn1FCESBoAm2qtk=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:x-gm-message-state; bh=O1zBjZulSQIJ/Ld06c2D1nhhKK5B/csiColqnHAeP7g=; b=iZGwBaWgi6Uvt1p8AluByA98o0eQiuSRYry1F9rdy12fsjpsZsh1C6eApxUtosX7wY nSiEWYTbcdXzP8rtOCHUqULgSQ1Nalru+QyWz8mqSjFbsi1p3Hdq6WwvP4e5ITg5Ewi4 8n9NnkZfBtWQ2iNxt+JpYQnQ8syVr00p9jQ90Xjjol2f83m6vLEPilfQV6pl5SsxTvhY OTVM3MeWIgh4OuEXe20LAR8+hOtd+Hw2A9LUwHBFPJfbeX4jbU0Tow04eVvp+rSFiXDg nZFI+wMP3mPd7/jk27rZHHirnbHogKgYLf4qTAnNWxBAlx7OV70LbDKPlEhlq+c1nWvh WENA==
MIME-Version: 1.0
X-Received: by 10.60.115.103 with SMTP id jn7mr14638886oeb.136.1369511058603; Sat, 25 May 2013 12:44:18 -0700 (PDT)
Received: by 10.182.39.36 with HTTP; Sat, 25 May 2013 12:44:18 -0700 (PDT)
In-Reply-To: <CAP+FsNe4=hVsm3sNerAdELECHz_2m8aWOLK-Kif-JVz_G=HyKw@mail.gmail.com>
References: <CABP7RbfX_H_7dwM7ExL5qJgpV5JN1NYyv9tqnu_E23qGk63mWg@mail.gmail.com> <CAA4WUYhDhoS+BNknRnYLAOXfWzumcjkWnQnM=NkNM8oqqE=atw@mail.gmail.com> <CAOdDvNqkuY5qtOzFz5J0v1F1_n8HmFY9J==sXMs_9tDrTTE=cg@mail.gmail.com> <CAA4WUYhZb_ScYZ=F8ypGkXkX=3oK+4TnyWOtuN_FNkZqqhbZLQ@mail.gmail.com> <CABP7RbeAwrT15QKn5kL0=w+V0zBgObe_pOzT-NxbwSrZ_RyA+A@mail.gmail.com> <CAP+FsNd95pXcPM1OiG2qjOyXKV80noh2frdEbORwe6HxsgeK3Q@mail.gmail.com> <CABP7RbfOWdaOVeVSmnrqUtHM5F8=xjLauDBoRbpijWsWxyK+rw@mail.gmail.com> <CA+pLO_g892Cr1B8GtN01j1GArU0+Mkoya2UAAb893ZrfKdyeEA@mail.gmail.com> <CAP+FsNe4=hVsm3sNerAdELECHz_2m8aWOLK-Kif-JVz_G=HyKw@mail.gmail.com>
Date: Sat, 25 May 2013 12:44:18 -0700
Message-ID: <CA+pLO_jaDNWyZyxsWVQ2YuBG8kuZjo1KovmBVfa2d9vVYb56dg@mail.gmail.com>
From: Jeff Pinner <jpinner@twitter.com>
To: Roberto Peon <grmocg@gmail.com>
Cc: James M Snell <jasnell@gmail.com>, "William Chan (陈智昌)" <willchan@chromium.org>, Patrick McManus <pmcmanus@mozilla.com>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
Content-Type: multipart/alternative; boundary="089e01161b482a164404dd9024fa"
X-Gm-Message-State: ALoCoQmORYbPGcwixuzMp1/EGujt8A2CehdHdrlLyzgXgbnscV8R95epzsiJhryqW3SsWQSnriq1
Received-SPF: pass client-ip=209.85.214.170; envelope-from=jpinner@twitter.com; helo=mail-ob0-f170.google.com
X-W3C-Hub-Spam-Status: No, score=-3.5
X-W3C-Hub-Spam-Report: AWL=-2.712, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001
X-W3C-Scan-Sig: lisa.w3.org 1UgKOS-0003Cl-Ok 217c7791334f2b8db8eb026dd0cd6f17
X-Original-To: ietf-http-wg@w3.org
Subject: Re: Design Issue: Separate HEADERS and PRIORITY Frames, Eliminate HEADERS+PRIORITY
Archived-At: <http://www.w3.org/mid/CA+pLO_jaDNWyZyxsWVQ2YuBG8kuZjo1KovmBVfa2d9vVYb56dg@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/18091
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

A rebuttal of the DoS argument for the server case. Consider the following:

1. We currently allow up to N concurrent streams on the server (configured
via settings).
2. With reducing the frame size you have made the argument that multiple
HEADERS frame may be required on an individual stream to comprise a HTTP
request.

This means that a malicious client could always send N HEADERS+PRIORITY
frames, all with some "continuation" bit set (and possibly all without any
headers), causing the server to allocate state for all N streams.

This would be identical to issuing N PRIORITY frames for the next N open
streams followed by N HEADERS frames.

We can also protect the server against DoS by either requiring that the
receipt of a PRIORITY frame for a Stream ID that is invalid result in a
PROTOCOL_ERROR the same way that receipt of a HEADERS+PRIORITY frame would.

As for the additional state transitions, the additional complexity in the
session management logic is introduced as soon as you allow more than one
HEADERS frame per request and unaffected by separating HEADERS and PRIORITY
(again since a HEADERS+PRIORITY frame with no headers is equivalent).


As for issuing HEADERS from the client, does the spec now allowing mapping
HTTP requests to either HEADERS or HEADERS+PRIORITY frames? So this is
different than what was done with SynStream?


On Sat, May 25, 2013 at 12:24 PM, Roberto Peon <grmocg@gmail.com> wrote:

> Right now, we've proposed the following frame types:
>
> HEADERS+PRIORITY
> HEADERS
> PRIORITY (to be added)
>
> While I'm strongly against removal for the HEADERS+PRIORITY frame, I do
> agree that the PRIORITY frame is probably reasonable.
>
> Playing devil's advocate on the PRIORTY frame, though, I ask myself the
> question:
> Since a HEADERS+PRIORITY frame with no payload would be the same as a
> PRIORTY frame (and we have to handle the empty-payload case for header
> blocks anyway), are we buying anything?
> I don't have a good answer except that the PRIORITY frame "smells" right,
> and it has a low implementation cost in terms of complexity if we're doing
> any reprioritization.
>
> So, onto why I hate the idea of *requiring* separate frames for PRIORITY
> and HEADERS:
> In the PUSH_PROMISE case, the client can have indicated that it will not
> accept these streams by sending a SETTINGS frame, and much of the time the
> client has orders of magnitude more memory to spend per connection that
> does the server. PUSH_PROMISE is a totally different beast from PRIORITY.
> PRIORITY, on the other hand is not optional and can't be disabled-- if we
> did remove/disallow it, then we'd have crippled multiplexing for the
> browser use-case.
> If we allow PRIORITY to perform allocations, then we've increased
> complexity in the servers (more state transitions and state to store) and
> thus increased the number of DoS vectors against the servers for
> essentially zero gain.
>
> In your (non browser) use case, you'd just use HEADERS to initiate a
> stream from the client when you don't care to set the priority. You don't
> have to use HEADERS+PRIORITY. Your overall complexity should be unchanged.
> In the browser use-case, HEADERS+PRIORITY would be used nearly all the
> time, since the communication of priority is of very high importance (else
> the browser must implement and play heuristic waiting games for requests).
>
> In either case a PRIORITY frame could be used to reprioritize a stream.
>
> -=R
>
>
> On Sat, May 25, 2013 at 11:58 AM, Jeff Pinner <jpinner@twitter.com> wrote:
>
>> The color of my shed:
>>
>> I would like to see us remove HEADERS+PRIORITY entirely and add a
>> separate PRIORITY frame.
>>
>> I don't agree that separating them will simply cause an additional 4
>> bytes to be sent on every request. While it might be true that most
>> browsers will set the priority of a request, I don't think that all clients
>> necessarily will (I have a mobile client that uses HTTP for API requests
>> and have not found the priority mechanism necessary -- at least not yet).
>>
>> I could imagine that it would be acceptable to send the PRIORITY frame
>> before the HEADERS frame and still mandate that HEADERS frames (and now
>> only HEADERS frames) initiate streams. While this does cause some extra
>> state allocation, we already have to do something similar with PUSH_PROMISE
>> where we must track that the "stream identifier MUST be a valid choice for
>> the next stream sent" and then initiate the stream later.
>>
>> This would also give us a mechanism to send priority changes for
>> outstanding requests at the framing layer, and could allow priorities to be
>> set for pushed responses should it prove useful.
>>
>> - Jeff
>>
>>
>> On Tue, May 21, 2013 at 2:55 PM, James M Snell <jasnell@gmail.com> wrote:
>>
>>> On Tue, May 21, 2013 at 2:43 PM, Roberto Peon <grmocg@gmail.com> wrote:
>>> > Sending the PRIORITY frame *MUST* cause state allocation at the
>>> receiver,
>>> > else it was useless to send before the HEADERS frame. As you point
>>> out, at
>>> > minimum it must allocate a stream ID and priority field, and for most
>>> > implementations it will also need to include so mechanism of pointing
>>> out
>>> > that the headers don't exist, so, probably between 16 to 24 bytes
>>> worth of
>>> > allocation on a 64 bit machine.
>>> >
>>>
>>> Sorry, I wasn't clear in my initial response. Yes, there is some state
>>> that would need to be allocated but not the same as that when the
>>> initial HEADERS frame is received, for instance.
>>>
>>> > If the PRIORITY frame was renamed to CHANGE_PRIORITY, would that
>>> clarify
>>> > anything? Priority changing is the current intent of that frame type.
>>> >
>>>
>>> Not particularly, because we'd still have the question of when to use
>>> HEADERS+PRIORITY vs. the combination of HEADERS and a CHANGE_PRIORITY.
>>> Can HEADERS+PRIORITY be used any time? For instance, could I send an
>>> initial HEADERS frame on a stream then later send a HEADERS+PRIORITY
>>> on the same stream? I honestly don't care how it ultimately ends up so
>>> long as (a) It's the simplest thing that could possibly work and (b)
>>> Is easy to explain in the spec and easy for a developer to implement.
>>>
>>> > btw, I am not particularly partial to the "any frame opening up a
>>> stream"
>>> > thing. I'm not completely against it though :)
>>> > My reason for slightly preferring that streams must begin with HEADERS
>>> or
>>> > HEADERS+PRIORITY is that it is an explicit statement of intent, and
>>> thus
>>> > off-by-one, uninitialized var, etc. errors are more likely to be
>>> detectable
>>> > in a world where such is required.
>>> >
>>>
>>> I would very much like to see us mandate that streams always initiate
>>> with a HEADERS / HEADERS+PRIORITY frame.
>>>
>>> - James
>>>
>>> >
>>> >
>>> > -=R
>>> >
>>> >
>>> > On Tue, May 21, 2013 at 2:19 PM, James M Snell <jasnell@gmail.com>
>>> wrote:
>>> >>
>>> >> On Tue, May 21, 2013 at 10:30 AM, William Chan (陈智昌)
>>> >> <willchan@chromium.org> wrote:
>>> >> > Thanks for describing these cases now. I had not thought of them.
>>> >> >
>>> >> > If everyone's sold on reprioritization, then let's go ahead and do
>>> this
>>> >> > and
>>> >> > have the debate about ditching HEADERS+PRIORITY or not. I want to
>>> keep
>>> >> > it. I
>>> >> > don't like the idea of sending a PRIORITY frame first. Is sending a
>>> >> > PRIORITY
>>> >> > frame going to trigger stream state allocation at the receiver?
>>> What's
>>> >> > the
>>> >> > expectation? And if you don't have a priority for the HEADERS, then
>>> you
>>> >> > have
>>> >> > the race that Roberto described.
>>> >> >
>>> >>
>>> >> There is no reason to assume that sending a PRIORITY frame first would
>>> >> trigger stream state allocation at the receiver. At most, it would
>>> >> reserve the stream ID and store the priority value. The full state
>>> >> allocation would not occur until the HEADERS frame is received. That
>>> >> said, I'm not 100% dead set on removing HEADERS+PRIORITY, I would just
>>> >> like to simplify the protocol where it makes sense to, and even then
>>> >> only after it's been proven out in implementation. Having separate
>>> >> HEADERS, HEADERS+PRIORITY and PRIORITY frames is confusing, if we can
>>> >> do without separating them, we ought to do so.
>>> >>
>>> >> - James
>>> >>
>>> >> >
>>> >> > On Tue, May 21, 2013 at 2:09 PM, Patrick McManus <
>>> pmcmanus@mozilla.com>
>>> >> > wrote:
>>> >> >>
>>> >> >>
>>> >> >> On Tue, May 21, 2013 at 12:32 PM, William Chan (陈智昌)
>>> >> >> <willchan@chromium.org> wrote:
>>> >> >>>
>>> >> >>>
>>> >> >>> I support adding a new additional PRIORITY frame for stream
>>> >> >>> reprioritization.
>>> >> >>
>>> >> >>
>>> >> >> me too. Specifically I support this as a mechanism for the client
>>> to be
>>> >> >> able to explicitly prioritize an open pushed stream. I can wait for
>>> >> >> more
>>> >> >> evidence about re-prioritizing, but in cases where the client
>>> hasn't
>>> >> >> ever
>>> >> >> explicitly set the stream's priority I think we have evidence that
>>> its
>>> >> >> time
>>> >> >> to do something.
>>> >> >>>
>>> >> >>>
>>> >> >>> Unless there's a reason this needs to be in the current http/2
>>> draft
>>> >> >>> sooner rather than later, I'd rather punt on this discussion
>>> until we
>>> >> >>> have
>>> >> >>> implementation experience that can guide this debate.
>>> >> >>
>>> >> >>
>>> >> >> I think there is experience here specifically related to push.
>>> >> >>
>>> >> >> e.g. You can easily configure mod_spdy to push images when html is
>>> >> >> pulled.
>>> >> >> but you can't effectively dictate the relative priorities of those
>>> two
>>> >> >> things.
>>> >> >>
>>> >> >> Sure, you can define an explicit priority for those images but
>>> priority
>>> >> >> implementations are all about relative levels and the client set
>>> the
>>> >> >> priority of the html.
>>> >> >>
>>> >> >> You can argue that mod_spdy should have defined relative priorities
>>> >> >> (+/-
>>> >> >> the associated stream) instead of constants.. that would be better
>>> but
>>> >> >> the
>>> >> >> client still has no way to make sure those streams are at a higher
>>> >> >> priority
>>> >> >> than a "save as" background stream (I've seen this one happen as
>>> >> >> mod_spdy
>>> >> >> defaults to lowest priority when pushing), or a lower priority
>>> than a
>>> >> >> real-time video stream..
>>> >> >>
>>> >> >> plus there is no scale for the server to work with.. it might set
>>> a +2
>>> >> >> priority for pushed images but the client might be using +3 for
>>> pulled
>>> >> >> images causing a mismatch in something that was intended to be
>>> equally
>>> >> >> weighted.
>>> >> >>
>>> >> >> at least with a priority frame the client can make those
>>> adjustments in
>>> >> >> a
>>> >> >> RTT.
>>> >> >>
>>> >> >> Cheefully,
>>> >> >> -Patrick
>>> >> >>
>>> >> >>
>>> >> >
>>> >> >
>>> >>
>>> >
>>>
>>>
>>
>

v2.23.0 | Report a Bug | By Email