Re: draft-ietf-httpbis-jfv: what's next

Willy Tarreau <w@1wt.eu> Wed, 19 October 2016 14:50 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 48F341299A0 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 19 Oct 2016 07:50:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.332
X-Spam-Level:
X-Spam-Status: No, score=-7.332 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.431, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EuEjJisYLvL7 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 19 Oct 2016 07:50:56 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3AD6E129661 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Wed, 19 Oct 2016 07:50:55 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.80) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1bws8m-0004bh-ER for ietf-http-wg-dist@listhub.w3.org; Wed, 19 Oct 2016 14:46:48 +0000
Resent-Date: Wed, 19 Oct 2016 14:46:48 +0000
Resent-Message-Id: <E1bws8m-0004bh-ER@frink.w3.org>
Received: from maggie.w3.org ([128.30.52.39]) by frink.w3.org with esmtps (TLS1.2:DHE_RSA_AES_128_CBC_SHA1:128) (Exim 4.80) (envelope-from <w@1wt.eu>) id 1bws8h-0004Zd-OF for ietf-http-wg@listhub.w3.org; Wed, 19 Oct 2016 14:46:43 +0000
Received: from wtarreau.pck.nerim.net ([62.212.114.60] helo=1wt.eu) by maggie.w3.org with esmtp (Exim 4.80) (envelope-from <w@1wt.eu>) id 1bws8C-0007F9-IW for ietf-http-wg@w3.org; Wed, 19 Oct 2016 14:46:43 +0000
Received: (from willy@localhost) by pcw.home.local (8.15.2/8.15.2/Submit) id u9JEjhp4000958; Wed, 19 Oct 2016 16:45:43 +0200
Date: Wed, 19 Oct 2016 16:45:43 +0200
From: Willy Tarreau <w@1wt.eu>
To: Matt Menke <mmenke@google.com>
Cc: Frederik Braun <fbraun@mozilla.com>, Daniel Stenberg <daniel@haxx.se>, Poul-Henning Kamp <phk@phk.freebsd.dk>, HTTP working group mailing list <ietf-http-wg@w3.org>
Message-ID: <20161019144543.GC653@1wt.eu>
References: <78301.1476524467@critter.freebsd.dk> <CAEK7mvomoxSqTs5APVj=ZzG2wDz24PhJtsSibGQq2oGkv-zcLg@mail.gmail.com> <48285.1476737617@critter.freebsd.dk> <CAEK7mvr_RWR6RbeXE47Ap4Vh21anu5mHTqaxbwtTmA1ZLQ1dmQ@mail.gmail.com> <48364.1476738075@critter.freebsd.dk> <CAEK7mvp5zDw7uo6ZP3KOhQiWWDuoEBAay5wPWYRgpoCNgnsidw@mail.gmail.com> <48410.1476738879@critter.freebsd.dk> <alpine.DEB.2.20.1610172343280.30521@tvnag.unkk.fr> <2234bba0-5100-e5f5-ee9e-da81bafe1235@mozilla.com> <CAEK7mvpkN-wSN7HaEpT9T=W4wv4kW+i5RQHkxfUR2STcnV8SPA@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <CAEK7mvpkN-wSN7HaEpT9T=W4wv4kW+i5RQHkxfUR2STcnV8SPA@mail.gmail.com>
User-Agent: Mutt/1.6.0 (2016-04-01)
Received-SPF: pass client-ip=62.212.114.60; envelope-from=w@1wt.eu; helo=1wt.eu
X-W3C-Hub-Spam-Status: No, score=0.0
X-W3C-Hub-Spam-Report: RCVD_IN_DNSWL_NONE=-0.0001, TIME_LIMIT_EXCEEDED=
X-W3C-Scan-Sig: maggie.w3.org 1bws8C-0007F9-IW a87e802a445e292803d035c5bdebec3a
X-Original-To: ietf-http-wg@w3.org
Subject: Re: draft-ietf-httpbis-jfv: what's next
Archived-At: <http://www.w3.org/mid/20161019144543.GC653@1wt.eu>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/32637
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

Hi Matt,

On Wed, Oct 19, 2016 at 10:30:30AM -0400, Matt Menke wrote:
> With Chrome, about 0.003% of main frame responses are detected as HTTP/0.9,
> and 0.005% of subresources are HTTP/0.9.  Since HTTP/0.9 includes no
> explicit identifying headers, some of these could be broken servers
> responding with nonsense data.
> 
> We actually did try to go it alone in remove HTTP/0.9 support, but soon
> backed off after trying it in our pre-release channels, because of the
> aforementioned incident with the configuration page of a line of home
> routers.

That's very useful data. On haproxy, we never ever had a single report of
a broken application caused by the fact that we block 0.9 responses. So
your observation of home routers using it tends to confirm our observation
in that it is probably only found in cheap consumer devices (that we never
see) and never on the hosting side (where haproxy is normally installed).

It could be useful to know if Squid sees such responses, because in general
it will not be used to access local network devices but will still face the
internet and a wide spectrum of self-hosted servers that we don't see.

Regards,
Willy