Re: Working Group Last Call: Compression Dictionary Transport

Patrick Meenan <patmeenan@gmail.com> Fri, 14 June 2024 21:35 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=ietf.org@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7662AC14CE3F for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Fri, 14 Jun 2024 14:35:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.859
X-Spam-Level:
X-Spam-Status: No, score=-2.859 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.25, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=w3.org header.b="O2UNZ+HS"; dkim=pass (2048-bit key) header.d=w3.org header.b="I/Rt+PUO"; dkim=pass (2048-bit key) header.d=gmail.com header.b="QDWvFO+F"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kThtSQqvhUmJ for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Fri, 14 Jun 2024 14:35:55 -0700 (PDT)
Received: from mab.w3.org (mab.w3.org [IPv6:2600:1f18:7d7a:2700:d091:4b25:8566:8113]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6F8BCC14F6FD for <httpbisa-archive-bis2Juki@ietf.org>; Fri, 14 Jun 2024 14:35:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=w3.org; s=s1; h=Subject:Content-Type:Cc:To:Message-ID:Date:From:In-Reply-To: References:MIME-Version:Reply-To; bh=eRINnqBQxfPYcajGqrVtsZ3eAOopFhyKA/VY9d/L3RQ=; b=O2UNZ+HS6RyQ3N2FhtC3JXs/Dh X8vTvNC65M07LNAAZVjhVKG1BZ2kxTyY9e1AAAqA82SzzhfH1KVrrabPx8KvV9jBKDRZfOeqfbLWs h6DwQK+VdvAT1foWRGgl5CHq4tgj0v+teW67/JLzYakAFb29EZEnFUoxQBUu7o0SNMv4S6Uv3eq6B vB/JXBsb11BY9Ri6wH852cs2mz3Uz71qwVjnqwc5da7//T+XreIBFZqg+8B3MEMkrpzRic5nIN1C+ p0nFXYhUdyEwQpGhn0HINHy++yB+/pE4uvAant7UO9FQ+iNtC/us0FyUVmdxxVx6xknmv1+TPhZer D+HGzDSg==;
Received: from lists by mab.w3.org with local (Exim 4.96) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1sIEZV-007HLv-3C for ietf-http-wg-dist@listhub.w3.org; Fri, 14 Jun 2024 21:34:57 +0000
Resent-Date: Fri, 14 Jun 2024 21:34:57 +0000
Resent-Message-Id: <E1sIEZV-007HLv-3C@mab.w3.org>
Received: from ip-10-0-0-144.ec2.internal ([10.0.0.144] helo=pan.w3.org) by mab.w3.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from <patmeenan@gmail.com>) id 1sIEZT-007HKz-1G for ietf-http-wg@listhub.w3.internal; Fri, 14 Jun 2024 21:34:55 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=w3.org; s=s1; h=Content-Type:Cc:To:Subject:Message-ID:Date:From:In-Reply-To: References:MIME-Version:Reply-To; bh=eRINnqBQxfPYcajGqrVtsZ3eAOopFhyKA/VY9d/L3RQ=; t=1718400895; x=1719264895; b=I/Rt+PUO/41I+Tor8ox4NgyNmjpLUFh7oHyR7w7UwfvPEgP6KtMkw3BE7eRuEyZivJoejKkTJdI nwwpEsfJ2GZl1Ye+yXvb5PSNPgMosZyS74Htogz7297q1Koa2OlYD0OyGgC0PciwVwej9X0fjoanG n3pGpSkUpOhKw3AWFpWIGBLDJAOXJQav+SBsmHV6N++sKrYOZfDz7zL8kPnYnV0OyR7jyz/3b6Yrr KtFOaNvwXSJ0C73MZw0oTFCvjMWGwZsLhOuFMnOuaY9dPYSi2VXpDwGHFsiMmKfdhrVG3Iz3Xe948 MmKbmnucaryeiTb5NK9YrqldONrtC2NoEFQA==;
Received-SPF: pass (pan.w3.org: domain of gmail.com designates 2a00:1450:4864:20::530 as permitted sender) client-ip=2a00:1450:4864:20::530; envelope-from=patmeenan@gmail.com; helo=mail-ed1-x530.google.com;
Received: from mail-ed1-x530.google.com ([2a00:1450:4864:20::530]) by pan.w3.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.96) (envelope-from <patmeenan@gmail.com>) id 1sIEZO-00F7rB-2A for ietf-http-wg@w3.org; Fri, 14 Jun 2024 21:34:55 +0000
Received: by mail-ed1-x530.google.com with SMTP id 4fb4d7f45d1cf-57c5c51cb89so2938110a12.2 for <ietf-http-wg@w3.org>; Fri, 14 Jun 2024 14:34:50 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1718400887; x=1719005687; darn=w3.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=eRINnqBQxfPYcajGqrVtsZ3eAOopFhyKA/VY9d/L3RQ=; b=QDWvFO+FKXiQDrqI8SQhvAJ7NgUBdjOFR5AlCULYjyEmmH1dbmM+ipmhnmoiFJMeaX lAd4j3UxwMOBMoI5vf8j7uAGUS0pIOVlmgzOIDYomFLvWMf1zQohtklMySVCZlWqKtOA FftdTfOFU+8I6HE8V1yyDU/n8PMlKMpITplNICauE1OkqkwSb5bkC4QLhd6MgbImCq7d iKtSZ5lAYsB65wA3L4219jRkohnlFaNjsrEquuLDaOgBYRd349wNa3I5Uf6lVq59wqIk z/J/xKINmir3eXTPOSomsuXYciTp5ymoI3NSn2TYmoINtfrrjviStlvRQ20QkuY68FEw 8FCw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1718400887; x=1719005687; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=eRINnqBQxfPYcajGqrVtsZ3eAOopFhyKA/VY9d/L3RQ=; b=ljcgbqp93fw/DMgWC2JZO2azvxIWyd6xo8iUbl9OzxGojqFzWboIEjKqdIa5CYJt0k 4D3yQwpD/GUt0IZBmOQ25WBsIk6VftMsz1Vxj0ztXCiiTvjtWo/g8HsfZ+MuvuoImEKF RSqwEFXgY0mXN1Af0mXWCYhedMDqJD68krjnLqrK7Aj6KK5LIIu42LzlizZPo2ENuv8I x/Cwp2K9t8/dwhdjvAGNx41hgl3SQXXJ7pDSsdgzoi9I5APWHtLK5ftNfD77DygX5xw3 lQ67WTfF2An7CVM/tfaabpU7JYaQmHcpsrF8xokgOZnWZTlDsRh4iqkfQ1Yqp3+4+1V/ kiiA==
X-Forwarded-Encrypted: i=1; AJvYcCWVbgc366B5UzPgTHv9OUTKhkjP4dwEmIUBnG/SsDjv7rVZFMqz67BfdWxu+Q0/QGTcDDtVQosl+I4iba7drjW/atxr
X-Gm-Message-State: AOJu0YwtECLTuYvmP59rOPhygMV8CG6HJY5NTQEkiW0JJ2l5noz1mlUq 3ecLXSPOQ1tlcJsrNt7ZlKR4kk495Yg87C3PByAYmoeEDBne7KDX0jCpcdPplhDDPUl4Lq/agbS TumJXRLyCp3Kr4cPoSPscIdJ/Ty0=
X-Google-Smtp-Source: AGHT+IEC3r+qDqBP6O47ApeP3RSO/gGSKlHyMie7KYG0V3qRyHPwm1p2MvoxLjRh1ejVTfPUipc6w1IDZd8qr7kFiSU=
X-Received: by 2002:a17:906:354b:b0:a6f:4804:d41a with SMTP id a640c23a62f3a-a6f60dc4f05mr364362066b.55.1718400886314; Fri, 14 Jun 2024 14:34:46 -0700 (PDT)
MIME-Version: 1.0
References: <6871AEAA-DC4D-408D-915A-22BF9627B5FC@mnot.net> <aabfd879-2a0a-488e-9ee1-4f49eaf6c2a6@betaapp.fastmail.com> <CALYmMaebQOuDZHYgvCm799AbLPQfj+fxNQTsj_bKCMJU-076BQ@mail.gmail.com> <a328fabb-7f36-4fd1-905f-6308adfcf7a9@betaapp.fastmail.com> <CALYmMae2T1ip6Sh8Ei_DZjuN+REFd=wid2mfB4gTOrJXttniTw@mail.gmail.com> <8e1866e0-d766-48f9-b61e-6a9f03c3f58d@betaapp.fastmail.com> <CAJV+MGzYOgWOxSjhkEQyf1+mS0mJS6bg85YGMKwDkXnjQ=QSNA@mail.gmail.com> <PH0PR22MB310226537760B8029AF6B338DAC22@PH0PR22MB3102.namprd22.prod.outlook.com>
In-Reply-To: <PH0PR22MB310226537760B8029AF6B338DAC22@PH0PR22MB3102.namprd22.prod.outlook.com>
From: Patrick Meenan <patmeenan@gmail.com>
Date: Fri, 14 Jun 2024 17:34:34 -0400
Message-ID: <CAJV+MGydwDdBP7-Tc8iU-zv5z92z23PVRJL4_-6nVeFq=jJjvA@mail.gmail.com>
To: Mike Bishop <mbishop@evequefou.be>
Cc: Martin Thomson <mt@lowentropy.net>, Yoav Weiss <yoav.weiss@shopify.com>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
Content-Type: multipart/alternative; boundary="00000000000069224c061ae062a2"
X-W3C-Hub-DKIM-Status: validation passed: (address=patmeenan@gmail.com domain=gmail.com), signature is good
X-W3C-Hub-Spam-Status: No, score=-5.1
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, DMARC_PASS=-0.001, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, W3C_AA=-1, W3C_DB=-1, W3C_WL=-1
X-W3C-Scan-Sig: pan.w3.org 1sIEZO-00F7rB-2A d2f4e960b35ce8fb7b5afc95ed26566d
X-Original-To: ietf-http-wg@w3.org
Subject: Re: Working Group Last Call: Compression Dictionary Transport
Archived-At: <https://www.w3.org/mid/CAJV+MGydwDdBP7-Tc8iU-zv5z92z23PVRJL4_-6nVeFq=jJjvA@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/52020
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <https://www.w3.org/email/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

Mostly correct.

The origin servers are all using independent implementations but all are
using the "zstd" and "brotli" cli's and libraries published by Facebook and
Google for the dictionary encoding.

The CDN's aren't entirely in passthrough mode. They aren't actively
participating in the encoding but they are being used with "vary" support
to cache and serve the delta-compressed versions of resources in the static
case.

One client (Chrome).

On Fri, Jun 14, 2024 at 3:32 PM Mike Bishop <mbishop@evequefou.be> wrote:

> If I’m distilling this correctly, the current state of implementations is:
>
>    - Several origin servers
>       - All using the same implementation, or multiple independent
>       implementations?
>    - Multiple CDNs in pass-through mode (i.e. don’t break, let origin
>    send diffs)
>    - Zero CDNs performing the diff themselves
>    - One browser
>
>
>
> Is that accurate?
>
>
>
> *From:* Patrick Meenan <patmeenan@gmail.com>
> *Sent:* Thursday, June 13, 2024 9:51 AM
> *To:* Martin Thomson <mt@lowentropy.net>
> *Cc:* Yoav Weiss <yoav.weiss@shopify.com>; ietf-http-wg@w3.org
> *Subject:* Re: Working Group Last Call: Compression Dictionary Transport
>
>
>
> Sorry, this is my first foray into the standards process but from reading
> over RFC 2026 for the standards track from proposed -> draft -> standard,
> it looked like proposed was appropriate and draft is the point where
> multiple independent implementations became the defining factor.
>
>
>
> Pulling out the relevant section for proposed standard:
>
>
>
>    A Proposed Standard specification is generally stable, has resolved
>    known design choices, is believed to be well-understood, has received
>    significant community review, and appears to enjoy enough community
>    interest to be considered valuable.  However, further experience
>    might result in a change or even retraction of the specification
>    before it advances.
>
>    Usually, neither implementation nor operational experience is
>    required for the designation of a specification as a Proposed
>    Standard.  However, such experience is highly desirable, and will
>    usually represent a strong argument in favor of a Proposed Standard
>    designation.
>
>
>
> And for experimental:
>
>
>
>    The "Experimental" designation typically denotes a specification that
>    is part of some research or development effort.  Such a specification
>    is published for the general information of the Internet technical
>    community and as an archival record of the work, subject only to
>    editorial considerations and to verification that there has been
>    adequate coordination with the standards process (see below).  An
>    Experimental specification may be the output of an organized Internet
>    research effort (e.g., a Research Group of the IRTF), an IETF Working
>    Group, or it may be an individual contribution.
>
>
>
> Maybe I haven't been transparent enough with the process of Chrome's
> origin trials but it feels like it was experimental already when we adopted
> the draft into the WG, having done the research and internal testing.
>
>
>
> The origin trials started with Chrome 117 last March with the draft-00
> design. There have been 3 rounds of trials with 3 different revisions of
> the draft with the current V3 trial implementing the features in the
> current draft-05.
>
>
>
> The trials included different types of sites from the largest properties
> (Google and others) as well as sites of various sizes from rich
> applications to ecommerce and published content sites to make sure the
> developer ergonomics worked like we expected and that the design
> failed-safe when exposed to the web at scale. This included testing through
> most of the popular CDN's to make sure it either worked out of the box as a
> passthrough cache or could be configured to work (and, more importantly,
> that it didn't break anything). The trials have been hugely successful with
> the expected 80%+ reduction in bytes for static content and significant
> performance wins for dynamic content (even for the most latency-sensitive
> sites).
>
>
>
> As far as breakage goes, the only issue discovered was with some security
> devices (middleboxes) that inspect traffic but don't modify the
> Accept-Encoding header that passes through to make sure only encodings that
> they understand are advertised. We are planning to "fix" the ecosystem when
> the Chrome feature rolls out by providing an time-locked enterprise policy
> that will make admins aware of the issue and provide pressure on the device
> vendors to fix their interception.
>
>
>
> There haven't been any fundamental changes to the design since the
> original draft. We moved a few things around but the basic negotiation and
> encoding has been stable and we've converged on the current, tested design.
> This feels like we have quite a bit of both implementation and operational
> experience deploying it and feels pretty solidly at the "proposed standard"
> maturity.
>
>
>
> It's possible that further experience when CDN's or servers start
> implementing features to automate the encoding that it would benefit to
> revise the standard but, as far as I can tell, that's the purpose of
> proposed standard before it matures to draft standard.
>
>
>
>
>
> Stage aside, for "Use-As-Dictionary" specifically and the risks of
> matching every fetch, "clients" can decide the constraints around when they
> think it would be advantageous to check for a match or when they would be
> better off ignoring it and falling back to non-dictionary compression.
> Chrome, for example, has a limit of 1000 dictionaries per origin in a LRU
> store (and 200 MB per origin). Those may change but there are no MUSTs
> around using the advertised dictionaries.
>
>
>
> For that matter, there is no requirement that a client and server need to
> use the Use-As-Dictionary header as the only way to seed dictionaries in
> the client. It's entirely possible to embed a dictionary in a client and
> still use the Available-Dictionary/Content-Encoding part of the spec. The
> same can apply to a CDN when it is configured to talk to an origin. There's
> nothing stopping a CDN from providing a config where dictionaries can be
> uploaded (or provided) and certain types of requests back to the origin
> could advertise the configured dictionaries as available.
>
>
>
> I'm hopeful that what we have designed and tested has the flexibility to
> allow for a lot of use cases beyond what we have already deployed and
> tested but that's largely what the process from proposed standard to draft
> standard allows for.
>
>
>
> On Thu, Jun 13, 2024 at 1:42 AM Martin Thomson <mt@lowentropy.net> wrote:
>
> On Thu, Jun 13, 2024, at 15:36, Yoav Weiss wrote:
> > Yeah, I don't think this is the way to go.
>
> As I said, obviously.  But your strategy only really addresses the serving
> end.
>
> >> All of which is to say, I think this needs time as an experiment.
> >
> > I'll let Pat chime in with his thoughts, as I don't have strong
> > opinions on that particular front.
>
> I should have said before: I'm supportive of experimentation in this
> area.  Even to the extent of publishing an RFC with the code points and
> whatnot.  But I don't think that this meets the bar for Proposed Standard.
>
>