Re: 6455 Websockets and the relationship to HTTP

Andy Green <andy@warmcat.com> Mon, 05 December 2016 04:01 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 792C81296ED for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Sun, 4 Dec 2016 20:01:55 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.687
X-Spam-Level:
X-Spam-Status: No, score=-9.687 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-2.896, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_DKIM_INVALID=0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (1024-bit key) reason="fail (message has been altered)" header.d=warmcat.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id n70O2fSVKhV7 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Sun, 4 Dec 2016 20:01:53 -0800 (PST)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 190B51296DE for <httpbisa-archive-bis2Juki@lists.ietf.org>; Sun, 4 Dec 2016 20:01:45 -0800 (PST)
Received: from lists by frink.w3.org with local (Exim 4.80) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1cDkQv-0000Ix-2e for ietf-http-wg-dist@listhub.w3.org; Mon, 05 Dec 2016 03:59:17 +0000
Resent-Date: Mon, 05 Dec 2016 03:59:17 +0000
Resent-Message-Id: <E1cDkQv-0000Ix-2e@frink.w3.org>
Received: from mimas.w3.org ([128.30.52.79]) by frink.w3.org with esmtps (TLS1.2:RSA_AES_128_CBC_SHA1:128) (Exim 4.80) (envelope-from <andy@warmcat.com>) id 1cDkQf-0000Gx-3T for ietf-http-wg@listhub.w3.org; Mon, 05 Dec 2016 03:59:01 +0000
Received: from mail.warmcat.com ([163.172.24.82]) by mimas.w3.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from <andy@warmcat.com>) id 1cDkQS-0001g0-1C for ietf-http-wg@w3.org; Mon, 05 Dec 2016 03:58:55 +0000
DKIM-Filter: OpenDKIM Filter v2.10.3 warmcat.warmcat.com 12C1CA18F2
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=warmcat.com; s=dkim; t=1480910298; bh=YGSRgJY1IS2/6TgoKjvZV3lm37pKD1/nG9gwCU4eiV8=; h=Subject:From:To:Cc:Date:In-Reply-To:References:From; b=FpbTbF3nSvpRWGUm6giRR722lKcAE09XOf4YC/2UOH+du+M5NM0iMdnxAi1KbIkuL +WhcqDd8knFmuXp5jcXtd8oNuB6pHpt4p3Kd5MPRYfKYclchBsywzxtGCJUT6apk0/ 4dcBNdc+Qqf0aI2VY8BA/5k9PVeAuVLwF1mur2xA=
Message-ID: <1480910296.4219.33.camel@warmcat.com>
From: Andy Green <andy@warmcat.com>
To: Van Catha <vans554@gmail.com>
Cc: Jacob Champion <champion.p@gmail.com>, Patrick McManus <mcmanus@ducksong.com>, HTTP Working Group <ietf-http-wg@w3.org>
Date: Mon, 05 Dec 2016 11:58:16 +0800
In-Reply-To: <CAG-EYCjhoXthjt7HsaV0MprZigJtzUOK=o7ybPwvj+uXwmBO1Q@mail.gmail.com>
References: <CAOdDvNqk7W_oNWUismMb-ZuhvdboZNDQ0YV2BLsbka-FGC-7oA@mail.gmail.com> <39F32B28-7116-478A-B02A-E8310EA6E189@mnot.net> <CABkgnnVZeLQGES5Dige8u+ukSgqSfJNKiCuL=oK3gQnAb_3LNw@mail.gmail.com> <CANatvzwoUYaC_YPTTF6fdwN5aOiwrttyH9Xj7xYVR1i1DZ27bA@mail.gmail.com> <037D2D57-7423-4375-9FEC-50B3106F42ED@mnot.net> <CANatvzx=mOQ3kE-vnvwNvD2w26+RNTueHgu7BhHLnJixn0vRcw@mail.gmail.com> <9e6f1a46-a782-a688-5b16-836d28032823@treenet.co.nz> <1480646012.4219.21.camel@warmcat.com> <CAOdDvNqShPUdu6zt-dPDpXm31eP2xX_dahrTr8JEbOOGQFFNSw@mail.gmail.com> <220b575c-a953-a8fe-1591-00d1e676b201@gmail.com> <CAOdDvNpdxHWj97S=A+Xtf5k3aWfSWg6AStxji4PKemw=xnH_XQ@mail.gmail.com> <7d0180d5-b3fa-dc7f-e211-a6b9ae0d826c@gmail.com> <A5761229-B012-496C-8AFD-C9FBC85DB4FC@warmcat.com> <af3a3783-4cf6-6e30-4d3c-c7e856894f9f@gmail.com> <568365B5-5F46-4F8B-AAC6-E687116B8DD0@warmcat.com> <f1823fb8-5719-6ac6-d1d5-76ba4265d851@gmail.com> <CAG-EYChDjkEhNrT+GFXsHE_2Df5-NKzyhpJmRivFpReheHR4nw@mail.gmail.com> <1480906979.4219.31.camel@warmcat.com> <CAG-EYCjhoXthjt7HsaV0MprZigJtzUOK=o7ybPwvj+uXwmBO1Q@mail.gmail.com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 8bit
Received-SPF: pass client-ip=163.172.24.82; envelope-from=andy@warmcat.com; helo=mail.warmcat.com
X-W3C-Hub-Spam-Status: No, score=-5.5
X-W3C-Hub-Spam-Report: AWL=1.147, BAYES_00=-1.9, DKIM_SIGNED=0.1, RP_MATCHES_RCVD=-2.896, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_DKIM_INVALID=0.01, W3C_AA=-1, W3C_WL=-1
X-W3C-Scan-Sig: mimas.w3.org 1cDkQS-0001g0-1C 1b142fd06bcf1347b3de69abb580aa4c
X-Original-To: ietf-http-wg@w3.org
Subject: Re: 6455 Websockets and the relationship to HTTP
Archived-At: <http://www.w3.org/mid/1480910296.4219.33.camel@warmcat.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/33108
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

On Sun, 2016-12-04 at 22:23 -0500, Van Catha wrote:
> > The meaning of ws1 PING is different than the h2 link PING, which
> is
> > defined to not be able to have a specific stream context but only
> > connectionwide.  For ws1 it means the websockets server (which may
> be a
> > different process or on a different machine than the h2 endpoint)
> still
> > acknowledges the ws1 connection as alive and communication in both
> ways
> > on the stream is working.  For h2 it means the h2 server is still
> > connected at the stream bundle level.  They're not actually giving
> you
> > the same assurance.
> 
> That is the responsibility of the h2 endpoint (if h2 is
> proxing/forwarding the request to another server).
> 
> I do not see why this should be the responsibility of ws.  I see your

Ws1 already does that and it's in wide use.

Telling people to use the mux ping on h2 will be a departure in
functionality from ws1.  And depending how its put together, the guy
that binds streams in h2 may not have a way for the child streams to
request / see / manage delivery of h2-connection-level h2 PING/PONGs
that are already defined to not have any stream index other than zero.

It's a valid topic for discussion as to whether enough people care or
not to define a way to get the same functionality in ws2...

> point, but I see it as out of scope.

...ws1 found it "in scope".

-Andy

> On Sun, Dec 4, 2016 at 10:02 PM, Andy Green <andy@warmcat.com> wrote:
> > On Sun, 2016-12-04 at 19:59 -0500, Van Catha wrote:
> > 
> > > I do not see the need for Ping, Pong or Close ws frames. The
> > h2/quic
> > > transport layer handles this. If you want to measure latency then
> > > send your own pings/pongs, do not bake it into the protocol. 
> > There
> > > is no need for this, and if there is, please present a compelling
> > > reason.
> > 
> > He's making a slightly different point... there are some corner
> > cases
> > about ws1 RFC6455 protocol that are not grounded in the JS API,
> > although almost everything else is.
> > 
> > 1) ws1 PING / PONG for example aren't exposed in the JS API at all.
> > 
> > But they are in wide use by non-browser clients, who at intervals
> > want
> > to confirm their connection to the ws server is still live if it's
> > idle.
> > 
> > The meaning of ws1 PING is different than the h2 link PING, which
> > is
> > defined to not be able to have a specific stream context but only
> > connectionwide.  For ws1 it means the websockets server (which may
> > be a
> > different process or on a different machine than the h2 endpoint)
> > still
> > acknowledges the ws1 connection as alive and communication in both
> > ways
> > on the stream is working.  For h2 it means the h2 server is still
> > connected at the stream bundle level.  They're not actually giving
> > you
> > the same assurance.
> > 
> > 2) Jacob points out there is implicit serialization in ws1, a
> > fragment
> > is atomic, blocking PING, PONG and CLOSE until it is all sent. 
> > Again
> > it's not explicit in the JS API.  But again he's suggesting that
> > behaviour should be maintained in a ws2.
> > 
> > These are at least reasonable-to-argue points.
> > 
> > > The clientside API should not change, but it should definitely be
> > > extended OR more functionality should be added to browsers, like
> > the
> > > ability to compress data from inside JS land.
> > 
> > I dunno.  I implemented permessage-deflate nicely, with good
> > control
> > over its memory and streaming fixed-size buffers in and out, it can
> > pass Autobahn, but personally I have never had (or even seen) a
> > good
> > use for it.  I know some people love it... better to discuss with
> > them
> > rather than me...
> > 
> > -Andy
> > 
> > >
> > >
> > > On Fri, Dec 2, 2016 at 4:41 PM, Jacob Champion <champion.p@gmail.
> > com>
> > > wrote:
> > > > On 12/02/2016 12:58 PM, Andy Green wrote:
> > > > > On December 3, 2016 4:18:06 AM GMT+08:00, Jacob Champion
> > <champio
> > > > > n.p@gmail.com> wrote:
> > > > > > My point is just that this ability to multiplex control
> > frames
> > > > > > inside
> > > > > > of
> > > > > > in-flight messages is not something that is explicitly
> > exposed
> > > > > > by the
> > > > > > JS
> > > > > > API, but it may be something that a (non-browser) client
> > > > > > requires for
> > > > > > proper operation. I think WS/2 should still support it,
> > > > > > regardless of
> > > > > > whether or not a JS client can make use of it.
> > > > > >
> > > > >  
> > > > > OK.  Although the only relevant control frames are PING /
> > PONG.
> > > > >
> > > >  
> > > > CLOSE too, plus any control frames added to the protocol
> > between
> > > > now and the release of WS/2.
> > > >
> > > > > And if a client wants to send control frames inside a huge
> > > > > message, that client must have explicitly fragmented the
> > message
> > > > > already.
> > > > >
> > > > > The general idea is just map ws2 payload frames direct to h2
> > > > > framing... refragmenting them to fit.  In that way,
> > 'supporting'
> > > > > ws1 63-bit frame lengths compatibly doesn't require 63-bit
> > frame
> > > > > lengths in ws2 because ws always allows refragmentation of
> > > > > frames.
> > > > >
> > > >  
> > > > Agreed.
> > > >
> > > > > So it only creates more fragmentation / opportunities to
> > insert
> > > > > control frames, so no problem.
> > > > >
> > > > > > Let me step back: when you say that your goal is to
> > "provide a
> > > > > > transport
> > > > > > for JS WS API on h2", my fear is that this could lead to a
> > > > > > situation
> > > > > > where semantics that are part of WS/1 are removed from WS/2
> > for
> > > > > > no
> > > > > > reason other than "Javascript clients don't need it, so no
> > one
> > > > > > else
> > > > > > does
> > > > > > either." I would like to avoid that.
> > > > > >
> > > > >  
> > > > > What I meant by that is ws1 wire protocol can go out the
> > window
> > > > > completely.  The job is not wrap ws1 verbatim in h2 frames,
> > keep
> > > > > ws1 negotiation headers, masking, etc.  It can be radically
> > > > > recast to align with h2 while following the JS API, and fully
> > > > > exploit new possibilities like roundtrip elimination.
> > > > >
> > > > > I agree it should make some effort to not break non JS /
> > browser
> > > > > uses.  But it's no coincidence there are only a tiny number
> > of
> > > > > corner cases about that -- ws1 was itself designed to
> > implement a
> > > > > transport for the ws JS API.
> > > > >
> > > >  
> > > > It sounds like we're on the same page, as long as the eventual
> > > > solution's authors understand those corner cases, and that the
> > > > functionality provided by WebSocket is (to a minor extent) a
> > > > superset of what's provided by the JS API. In particular, I
> > agree
> > > > that we don't necessarily need to be bound by the current wire
> > > > format, or the same HTTP-buster security features, as WS/1.
> > > >
> > > > --Jacob
> > > >
> > > >
> > >
> > >
> > 
> 
>