RE: Choosing a header compression algorithm
RUELLAN Herve <Herve.Ruellan@crf.canon.fr> Thu, 28 March 2013 17:01 UTC
Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A439F21F905B for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Thu, 28 Mar 2013 10:01:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.359
X-Spam-Level:
X-Spam-Status: No, score=-9.359 tagged_above=-999 required=5 tests=[AWL=0.290, BAYES_00=-2.599, HELO_EQ_FR=0.35, J_CHICKENPOX_62=0.6, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lfE0THjCCA-y for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Thu, 28 Mar 2013 10:01:20 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) by ietfa.amsl.com (Postfix) with ESMTP id EE3D221F8F24 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Thu, 28 Mar 2013 10:01:19 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.72) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1ULGCB-0000ko-Es for ietf-http-wg-dist@listhub.w3.org; Thu, 28 Mar 2013 17:00:59 +0000
Resent-Date: Thu, 28 Mar 2013 17:00:59 +0000
Resent-Message-Id: <E1ULGCB-0000ko-Es@frink.w3.org>
Received: from lisa.w3.org ([128.30.52.41]) by frink.w3.org with esmtp (Exim 4.72) (envelope-from <Herve.Ruellan@crf.canon.fr>) id 1ULGBv-0000iM-MR for ietf-http-wg@listhub.w3.org; Thu, 28 Mar 2013 17:00:43 +0000
Received: from inari-msr.crf.canon.fr ([194.2.158.67]) by lisa.w3.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.72) (envelope-from <Herve.Ruellan@crf.canon.fr>) id 1ULGBq-0008Us-Nb for ietf-http-wg@w3.org; Thu, 28 Mar 2013 17:00:43 +0000
Received: from mir-bsr.corp.crf.canon.fr (mir-bsr.corp.crf.canon.fr [172.19.77.99]) by inari-msr.crf.canon.fr (8.13.8/8.13.8) with ESMTP id r2SH09F8012410; Thu, 28 Mar 2013 18:00:09 +0100
Received: from ADELE.crf.canon.fr (adele.fesl2.crf.canon.fr [172.19.70.17]) by mir-bsr.corp.crf.canon.fr (8.13.8/8.13.8) with ESMTP id r2SH092P031560; Thu, 28 Mar 2013 18:00:09 +0100
Received: from ADELE.crf.canon.fr ([::1]) by ADELE.crf.canon.fr ([::1]) with mapi id 14.02.0342.003; Thu, 28 Mar 2013 18:00:09 +0100
From: RUELLAN Herve <Herve.Ruellan@crf.canon.fr>
To: Roberto Peon <grmocg@gmail.com>
CC: "agl@google.com" <agl@google.com>, Mark Nottingham <mnot@mnot.net>, "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>
Thread-Topic: Choosing a header compression algorithm
Thread-Index: AQHOJgaI2I9gxWQLAUOB6sMRXNhzJpixMSEAgAB5jdCAAEKngIAAFPgQgAPbnwCAAMyn8IAACJEAgABgHoCAAJ7DUIAAi5aAgAH4HwCAASiv0A==
Date: Thu, 28 Mar 2013 17:00:08 +0000
Message-ID: <6C71876BDCCD01488E70A2399529D5E5163F68FE@ADELE.crf.canon.fr>
References: <254AABEE-22B9-418E-81B0-2729902C4413@mnot.net> <A14105FB-ED1A-4B70-8840-9648847BCC3A@mnot.net> <6C71876BDCCD01488E70A2399529D5E5163F3C67@ADELE.crf.canon.fr> <CAP+FsNfFohSwrX2DxthNcnn+wDj6T5W7xpcg4yA56Gvt_nP3_Q@mail.gmail.com> <6C71876BDCCD01488E70A2399529D5E5163F3D72@ADELE.crf.canon.fr> <7CA7F3EB-A492-471A-8AC4-23293DD10840@mnot.net> <6C71876BDCCD01488E70A2399529D5E5163F4076@ADELE.crf.canon.fr> <CAP+FsNdztfCJjvP58ryVXDRgGyGSPO-37gRMjAuwikz2eviBiw@mail.gmail.com> <CAP+FsNdQ7mNbsaAiUqEF22Oh8KMaK3UWUWFzWE=K0jQbkM7t1Q@mail.gmail.com> <6C71876BDCCD01488E70A2399529D5E5163F4263@ADELE.crf.canon.fr> <CAP+FsNeXvn6UasR6e56A7pHtrkXg6A0NnrVGmRYNW49Qu2vxqg@mail.gmail.com> <CAP+FsNfy0ognTBaF7USBcP9dTL5bQsruav30FmGB70m_0JfjyA@mail.gmail.com>
In-Reply-To: <CAP+FsNfy0ognTBaF7USBcP9dTL5bQsruav30FmGB70m_0JfjyA@mail.gmail.com>
Accept-Language: en-US, fr-FR
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [172.20.8.8]
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Received-SPF: none client-ip=194.2.158.67; envelope-from=Herve.Ruellan@crf.canon.fr; helo=inari-msr.crf.canon.fr
X-W3C-Hub-Spam-Status: No, score=-4.0
X-W3C-Hub-Spam-Report: AWL=-2.696, RP_MATCHES_RCVD=-1.3
X-W3C-Scan-Sig: lisa.w3.org 1ULGBq-0008Us-Nb 65e9e0f408c14131858fbefe16748af7
X-Original-To: ietf-http-wg@w3.org
Subject: RE: Choosing a header compression algorithm
Archived-At: <http://www.w3.org/mid/6C71876BDCCD01488E70A2399529D5E5163F68FE@ADELE.crf.canon.fr>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/17164
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>
> -----Original Message----- > From: Roberto Peon [mailto:grmocg@gmail.com] > Sent: jeudi 28 mars 2013 01:15 > To: RUELLAN Herve > Cc: agl@google.com; Mark Nottingham; ietf-http-wg@w3.org Group > Subject: Re: Choosing a header compression algorithm > > I've checked in some changes to delta2 which expands and documents > various options for delta2 in the README.md. > > After running a number of variations of delta2, The following defaults look > good for small buffer sizes: > > > delta2=max_entries=256, small_index=1 > > small_index basically says use a uint8 instead of a uint16 for representing > indices, and is the kind of thing that could be messaged somewhere (opcode, > flag, whatever). > > The best headerdiff option which I believe is safe against CRIME in the future > is: > headerdiff=delta_type=false,Huffman I think that for headerdiff, the best option which is safe against CRIME is: headerdiff=delta_type='/&= \coma',Huffman > > I removed prefix matching from delta some months ago (~6 I think?) after > cogitating on it for a while and then speaking with security folks.. I just > couldn't come up with a way I could prove was safe, unlike the atom- > matching, which one can prove is no worse than a brute-force attack. The limited prefix matching defined above also need a brute-force attack to be broken. Hervé. > > I've appended runs with these values@4k buffer size for delta2 and > headerdiff below. > -=R > > > > > * TOTAL: 5949 req messages > size time | ratio > min max std > http1 3,460,925 0.13 | > 1.00 1.00 1.00 0.00 > delta2 (max_byte_size=4096, max_entries=256, small_index=1, > hg_adjust=0, implicit_hg_add=0, refcnt_vals=0) 664,683 4.16 | 0.19 0.02 > 0.83 0.15 > headerdiff (buffer=4096, delta_type=false, > huffman) 759,783 2.03 | 0.22 0.01 0.78 0.18 > > > * TOTAL: 5948 res messages > size time | ratio > min max std > http1 2,186,162 0.12 | > 1.00 1.00 1.00 0.00 > delta2 (max_byte_size=4096, max_entries=256, small_index=1, > hg_adjust=0, implicit_hg_add=0, refcnt_vals=0) 585,475 5.32 | 0.27 0.02 > 1.28 0.13 > headerdiff (buffer=4096, delta_type=false, > huffman) 543,047 3.29 | 0.25 0.02 0.73 0.14 > > > >
- Re: Choosing a header compression algorithm Stephen Farrell
- Choosing a header compression algorithm Mark Nottingham
- RE: Choosing a header compression algorithm RUELLAN Herve
- Re: Choosing a header compression algorithm James M Snell
- Re: Choosing a header compression algorithm Roberto Peon
- Re: Choosing a header compression algorithm Mark Nottingham
- Re: Choosing a header compression algorithm Roberto Peon
- RE: Choosing a header compression algorithm RUELLAN Herve
- Re: Choosing a header compression algorithm Roberto Peon
- RE: Choosing a header compression algorithm RUELLAN Herve
- Re: Choosing a header compression algorithm Martin Thomson
- Re: Choosing a header compression algorithm Roberto Peon
- Re: Choosing a header compression algorithm Mark Nottingham
- Re: Choosing a header compression algorithm Mark Nottingham
- RE: Choosing a header compression algorithm RUELLAN Herve
- Re: Choosing a header compression algorithm Roberto Peon
- Re: Choosing a header compression algorithm Roberto Peon
- RE: Choosing a header compression algorithm RUELLAN Herve
- Re: Choosing a header compression algorithm Roberto Peon
- Re: Choosing a header compression algorithm Roberto Peon
- Re: Choosing a header compression algorithm Roberto Peon
- Re: Choosing a header compression algorithm James M Snell
- Re: Choosing a header compression algorithm Roberto Peon
- RE: Choosing a header compression algorithm RUELLAN Herve
- RE: Choosing a header compression algorithm RUELLAN Herve
- Re: Choosing a header compression algorithm Roberto Peon
- Re: Choosing a header compression algorithm Roberto Peon
- RE: Choosing a header compression algorithm RUELLAN Herve
- Re: Choosing a header compression algorithm Roberto Peon
- Re: Choosing a header compression algorithm James M Snell