Re: HTTP router point-of-view concerns

Martin Thomson <martin.thomson@gmail.com> Fri, 12 July 2013 15:52 UTC

On 12 July 2013 02:46, Gábor Molnár <gabor.molnar@sch.bme.hu> wrote:
> The problem is that there's a DoS vector here. While sending the HEADERS
> frames on the upstream connection, there must not be anything else sent
> there. Now suppose a client is very slow, for example, it waits one second
> between sending the first and the second (last) HEADERS frame to the proxy.
> During this time (which can be arbitrarily large), the proxy cannot send
> anything on its upstream connection (and it cannot create a new connection
> as it's forbidden in the current spec), so it's basically blocked.

So don't do that then.

If you have to have two headers frames, then we simply don't create a
restriction like the current one whereby both have to appear in
immediate succession.

As has been suggested, if routing information is important, we can
conceive of ways to ensure that it appears first.  That doesn't
necessarily constrain the rest of the design.  And existing
constraints are a product of the existing design.  A changed design
necessarily creates new constraints.
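
The blocking described in the quoted message, and the effect of dropping the "immediate succession" rule as the reply suggests, can be seen in a small timing model. This is an added example, not part of the original thread; the client names, the arrival times other than the one-second gap, and the function name are constructed for illustration.

```python
# Timing model of a proxy multiplexing client header blocks onto ONE
# upstream connection. Constructed sample: (arrival_time_s, client, end_headers)
ARRIVALS = [
    (0.0, "slow", False),  # first HEADERS frame of a two-frame block
    (0.1, "fast", True),   # complete single-frame block from another client
    (1.0, "slow", True),   # last HEADERS frame, one second later
]


def forward_times(arrivals, contiguous):
    """Return {client: time its complete header block reached upstream}.

    contiguous=True  models the rule from the quoted message: once a header
                     block is open upstream, nothing else may be sent until
                     its last frame has been forwarded.
    contiguous=False models the relaxed rule from the reply: frames of
                     different header blocks may interleave.
    """
    done = {}
    owner = None   # client whose header block is currently open upstream
    held = []      # frames the proxy cannot forward yet, in arrival order
    for t, client, end in sorted(arrivals):
        if not contiguous:
            # Each frame goes upstream as it arrives; nobody waits.
            if end:
                done[client] = t
            continue
        held.append((client, end))
        progressed = True
        while progressed:
            progressed = False
            for i, (c, e) in enumerate(held):
                # Forwardable if the link is idle or this frame continues
                # the block that is already open.
                if owner is None or owner == c:
                    del held[i]
                    owner = None if e else c
                    if e:
                        done[c] = t
                    progressed = True
                    break
    return done


if __name__ == "__main__":
    print("contiguous rule:", forward_times(ARRIVALS, contiguous=True))
    print("relaxed rule:   ", forward_times(ARRIVALS, contiguous=False))
```

Under the contiguous rule the fast client's request is held for 0.9 s behind the slow client's open block; under the relaxed rule it is forwarded on arrival.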