Re: 0-RTT Design for HTTP/2

Martin Thomson <mt@lowentropy.net> Sun, 20 December 2020 22:43 UTC

To: ietf-http-wg@w3.org
Archived-At: <https://www.w3.org/mid/aaddc671-96b9-4a1e-b83b-bb3e77317fd5@www.fastmail.com>

On Sun, Dec 20, 2020, at 04:18, Willy Tarreau wrote:
> My understanding was that if the server advertises EARLY_DATA_SETTINGS=1,
> then the client would assume the server kept the same settings. In my
> opinion this should be sufficient to let the client safely reuse these
> values for next connections. And BTW, this shouldn't prevent the server
> from emitting its settings frame anyway so that the client can check if
> anything changed.

Yes, this is correct.  I've tweaked my copy to include mention of the connection preface in the resumed connection replacing the remembered values.
 
> I see that Cory mentioned the fact that most implementations do not see
> the TLS layer, I can confirm this. For example in haproxy, h2 works on
> top of a streaming transport protocol. It can be plain or TLS on top of
> TCP, UNIX or socketpairs, we don't care. Early data, if any, are retrieved
> by the TLS layer and are prepended in front of the other data (more or
> less some details I don't remember regarding the necessary controls to
> figure whether or not some early data were involved for the request).
> 
> Anything more complicated will likely become a showstopper I'm afraid.

I don't think that you need anything other than an API that allows you to determine whether early data was accepted.

Ideally, you also have a means of saving data to the session ticket and getting that data back when the connection is resumed.  Then you can save the settings in the ticket and then you don't have to remember on your own. A simple boolean doesn't give you a lot of flexibility in terms of how you deploy this.  With just a boolean you have to commit to discarding session tickets every time your server configuration changes.
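
The ticket approach described in the message above, as an added example (not code from this thread or from any TLS or HTTP/2 implementation): the server serializes its SETTINGS into ticket application data and, on resumption, accepts early data only when the saved values still match its current configuration. The function names are hypothetical, the TLS stack is assumed to hand the ticket data back as authenticated bytes, and strict equality is this example's conservative policy.

```python
import struct

# HTTP/2 SETTINGS identifiers (RFC 7540, section 6.5.2).
MAX_CONCURRENT_STREAMS = 0x3
INITIAL_WINDOW_SIZE = 0x4
MAX_FRAME_SIZE = 0x5


def encode_settings(settings):
    """Serialize as a SETTINGS payload: 16-bit identifier, 32-bit value each."""
    return b"".join(struct.pack("!HI", k, settings[k]) for k in sorted(settings))


def decode_settings(blob):
    """Parse ticket application data; return None if it is malformed."""
    if len(blob) % 6 != 0:
        return None
    out = {}
    for off in range(0, len(blob), 6):
        ident, value = struct.unpack_from("!HI", blob, off)
        if ident in out:
            return None  # duplicate identifier: not a blob this server wrote
        out[ident] = value
    return out


def accept_early_data(ticket_appdata, current_settings):
    """Per-ticket decision taken when a connection is resumed.

    Assumption: ticket_appdata is already authenticated by the TLS stack's
    ticket protection. A mismatch only rejects 0-RTT; the ticket can still
    resume the session, so tickets need not be discarded on a config change.
    """
    saved = decode_settings(ticket_appdata)
    return saved is not None and saved == current_settings


# Constructed sample configurations, not taken from any real deployment.
OLD_CONFIG = {MAX_CONCURRENT_STREAMS: 100, INITIAL_WINDOW_SIZE: 65535}
NEW_CONFIG = {MAX_CONCURRENT_STREAMS: 50, INITIAL_WINDOW_SIZE: 65535}
TICKET = encode_settings(OLD_CONFIG)  # issued while OLD_CONFIG was live

if __name__ == "__main__":
    print("same config:   ", accept_early_data(TICKET, OLD_CONFIG))
    print("changed config:", accept_early_data(TICKET, NEW_CONFIG))
    print("truncated data:", accept_early_data(TICKET[:-1], OLD_CONFIG))
```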