Re: ID for Immutable

Martin Thomson <martin.thomson@gmail.com> Sat, 29 October 2016 09:29 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9C276129594 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Sat, 29 Oct 2016 02:29:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.932
X-Spam-Level:
X-Spam-Status: No, score=-6.932 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_SORBS_SPAM=0.5, RP_MATCHES_RCVD=-0.431, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PWyPDfnrrbLo for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Sat, 29 Oct 2016 02:29:15 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 65C40129577 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Sat, 29 Oct 2016 02:29:14 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.80) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1c0Pt4-0006wS-MW for ietf-http-wg-dist@listhub.w3.org; Sat, 29 Oct 2016 09:25:14 +0000
Resent-Date: Sat, 29 Oct 2016 09:25:14 +0000
Resent-Message-Id: <E1c0Pt4-0006wS-MW@frink.w3.org>
Received: from mimas.w3.org ([128.30.52.79]) by frink.w3.org with esmtps (TLS1.2:RSA_AES_128_CBC_SHA1:128) (Exim 4.80) (envelope-from <martin.thomson@gmail.com>) id 1c0Psz-0006aP-7P for ietf-http-wg@listhub.w3.org; Sat, 29 Oct 2016 09:25:09 +0000
Received: from mail-qk0-f177.google.com ([209.85.220.177]) by mimas.w3.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from <martin.thomson@gmail.com>) id 1c0Pst-000068-CG for ietf-http-wg@w3.org; Sat, 29 Oct 2016 09:25:04 +0000
Received: by mail-qk0-f177.google.com with SMTP id v138so22858980qka.0 for <ietf-http-wg@w3.org>; Sat, 29 Oct 2016 02:24:42 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=eiwnS0rKBSr6/eCyQI1AWCDHGdnhu/LGO/UmYnLswEI=; b=y3/Utkbr6goVrCfhpgyE0AVgaWWCYobZoti9apmljehkkjtnLZ8pihEi0yROMwjC1D atmTxE0lNlfcf1B3vVZ7kvehd8NfM2n4QEVWYUdA5+I9AUqxx34q0WTRSgupQf+4tall MWlTOXygv6cLJDAvET51imKHBRjNhm16HnFdaJvCCaTOJ/290QOIyRbxqVaR+Xq+TGpo BlmyGLPtH3U/ZFD2vxCRVvlYW3WlVl7iXokFLxmIjHi/aPBzViUP42UxzBwYVKq1dx+G 2BcHlREPGXplHF3Q5zXpC3AIZzI+1Un5hNxwq5L1pYXH2LjQghv5dpVgblabcnoZr3JQ X3ug==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=eiwnS0rKBSr6/eCyQI1AWCDHGdnhu/LGO/UmYnLswEI=; b=NIMU2KsF373wLBN0VTrcZ6xwPdtDTQMTsDSSJ9wIgXITTkSDg7hhVjIpFDrYN2DQG4 xMk2+wjXN+E6S6CVYuGR9vIsPO5DiBPTjfzihmgAdchuKLqnYrTebMaMqAr20CY3cBm1 lUeTFmIa0slMaZVU8C7OVMWFE/kwAGXjBcBL/9+XUxfGO96DedxkFQJ191nXlYi5cdAy lmj9zrXng/u7AzzobFr9hmVHFBd1vsITVgchrEOIznJqKPtY47uKrvWZX98Qpnyz3KkY ZjnXh+P/YS2oCH/F4zJX7xdioxWJhAffl1CccofUZ2KeUDS6FzM0HBiwJSfpcCPCZnTD GdyA==
X-Gm-Message-State: ABUngvc+mS0T8kn9AsIcLUdymEBqtDMwoGB/JCBoQiXUzWFlL1lYnV6IxHECEn9cL4OzxXcUiPkeFQJE9qcSSg==
X-Received: by 10.233.235.72 with SMTP id b69mr16363534qkg.144.1477733077063; Sat, 29 Oct 2016 02:24:37 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.140.85.7 with HTTP; Sat, 29 Oct 2016 02:24:36 -0700 (PDT)
In-Reply-To: <201610290549.u9T5nThC023236@shell.siilo.fmi.fi>
References: <CAOdDvNqam930_0eA1p3yHW+xDdOm0AAMKvVKe6xwNwm1itpRpQ@mail.gmail.com> <20161028144407.48EFF162D1@welho-filter4.welho.com> <CAOdDvNpNAUccK0FO2HyvL7etnxEg2FRt0tvXwXxkR1q5wLy_gw@mail.gmail.com> <CAOdDvNpi=TxEf+W5vX8V3rCh8yB2P14pgO6bFXKthODRaU_y-g@mail.gmail.com> <201610290549.u9T5nThC023236@shell.siilo.fmi.fi>
From: Martin Thomson <martin.thomson@gmail.com>
Date: Sat, 29 Oct 2016 20:24:36 +1100
Message-ID: <CABkgnnUjXrJnsGJr2iipxJ_J2czORh6xGaoz73EQY-MqnXL1Hw@mail.gmail.com>
To: Kari Hurtta <hurtta-ietf@elmme-mailer.org>
Cc: Patrick McManus <pmcmanus@mozilla.com>, HTTP working group mailing list <ietf-http-wg@w3.org>
Content-Type: text/plain; charset="UTF-8"
Received-SPF: pass client-ip=209.85.220.177; envelope-from=martin.thomson@gmail.com; helo=mail-qk0-f177.google.com
X-W3C-Hub-Spam-Status: No, score=-5.8
X-W3C-Hub-Spam-Report: AWL=-0.258, BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RCVD_IN_SORBS_SPAM=0.5, SPF_PASS=-0.001, W3C_AA=-1, W3C_DB=-1, W3C_IRA=-1, W3C_WL=-1
X-W3C-Scan-Sig: mimas.w3.org 1c0Pst-000068-CG 7be005af26cf5929d0e40a7298f6596f
X-Original-To: ietf-http-wg@w3.org
Subject: Re: ID for Immutable
Archived-At: <http://www.w3.org/mid/CABkgnnUjXrJnsGJr2iipxJ_J2czORh6xGaoz73EQY-MqnXL1Hw@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/32722
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

On 29 October 2016 at 16:49, Kari Hurtta <hurtta-ietf@elmme-mailer.org> wrote:
> So on these case that heuristic that ignore immutable for
> "weakly framed content" does not help either. 304 reply
> still confirms to the client to keep using the corrupted content.
>
> My suggestion using immutable=<property from bydy> for ignnoring
> immutable was making that more explicit than heuristic. But
> that does change  is that ignoring usefull or not.


We aren't really looking for perfect here.  Corruption happens, but is
highly unlikely in the cases that we use this:

Note that Firefox also requires HTTPS (I think).  So random corruption
is astronomically unlikely and well-framed responses (Content-Length
fits, it uses h2) mean that there is enough confidence that the
response was as the server intended.  The key thing for the document
is probably not to specify precisely what conditions that it would
consider this safe to use, but to note that a degree of care might be
needed to avoid having broken responses cached.

Yes, the server might screw up, but the client won't be responsible
for that.  The server needs to create a new resource to fix it.  Or
maybe user will notice a problem and reload.