Re: Call for Adoption: draft-hutton-httpbis-connect-protocol-00

Martin Thomson <martin.thomson@gmail.com> Tue, 29 July 2014 16:33 UTC

From: Martin Thomson <martin.thomson@gmail.com>
To: Mark Nottingham <mnot@mnot.net>
Cc: HTTP Working Group <ietf-http-wg@w3.org>
Date: Tue, 29 Jul 2014 09:29:47 -0700
Message-ID: <CABkgnnXi9HcxGKmsrTmWVfEsxB7vjw6v3U+pB=w8QUKYUc6mQA@mail.gmail.com>
In-Reply-To: <7970206F-8A31-487D-B2FA-AB237BCDA14E@mnot.net>
Archived-At: <http://www.w3.org/mid/CABkgnnXi9HcxGKmsrTmWVfEsxB7vjw6v3U+pB=w8QUKYUc6mQA@mail.gmail.com>

On 28 July 2014 23:38, Mark Nottingham <mnot@mnot.net> wrote:
> Another concern briefly mentioned was that such an extension might inhibit protocol evolution; e.g., if a firewall whitelists what tunnelled protocols it accepts, it might be that we're stuck advertising "h2" in the future. However, there didn't seem to be strong concern here, since ALPN negotiation is a separate step, and HTTP can choose to omit this header when using CONNECT for its own purposes.

I'll note that the header field only brings the information forward.
A proxy that permits an unlabelled CONNECT can (maybe) examine the TLS
ClientHello to see what protocols are being offered.  That is, if TLS
is involved at all; though other protocols could have similarly
distinctive fingerprints.

Omitting the header field will, at least in the short term, avoid any
whitelisting issues.  However, if we start using this for "h2", then
we could end up with omission being risky.  My crystal ball tells me
that this is unlikely on any relevant timescale :)
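The two paths the message contrasts, as an added example that is not part of the original thread, the draft, or any proxy implementation: a whitelisting proxy that first looks at the CONNECT request's protocol label and, when the request is unlabelled, falls back to pulling the ALPN list out of the first TLS ClientHello seen in the tunnel. The header field name "ALPN" and its comma-separated value syntax are assumptions here (the draft's exact syntax is not reproduced); the ClientHello bytes are constructed by `build_client_hello` rather than captured from a real client.

```python
import struct

ALPN_EXT_TYPE = 0x0010      # application_layer_protocol_negotiation (RFC 7301)
CONTENT_HANDSHAKE = 0x16    # TLS record content type: handshake
HS_CLIENT_HELLO = 0x01      # handshake message type: ClientHello


def build_client_hello(alpn_protocols):
    """Constructed minimal TLS 1.2 ClientHello carrying an ALPN extension.
    Sample input for the parser below, not captured traffic."""
    exts = b""
    if alpn_protocols:
        names = b"".join(struct.pack("!B", len(p)) + p.encode("ascii") for p in alpn_protocols)
        body = struct.pack("!H", len(names)) + names
        exts += struct.pack("!HH", ALPN_EXT_TYPE, len(body)) + body
    hello = (
        b"\x03\x03"              # client_version: TLS 1.2
        + b"\x00" * 32           # random (all zero in this constructed sample)
        + b"\x00"                # session_id length 0
        + b"\x00\x02\x00\x2f"    # one cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA
        + b"\x01\x00"            # compression methods: null only
        + struct.pack("!H", len(exts)) + exts
    )
    handshake = struct.pack("!B", HS_CLIENT_HELLO) + len(hello).to_bytes(3, "big") + hello
    return struct.pack("!BHH", CONTENT_HANDSHAKE, 0x0301, len(handshake)) + handshake


def _parse_alpn_list(edata):
    """Decode the ProtocolNameList inside an ALPN extension body."""
    total = struct.unpack("!H", edata[:2])[0]
    names, pos = [], 2
    while pos < 2 + total and pos < len(edata):
        n = edata[pos]
        pos += 1
        names.append(edata[pos:pos + n].decode("ascii"))
        pos += n
    return names


def alpn_from_client_hello(data):
    """Return the ALPN names offered in a ClientHello, or None if the bytes are
    not a ClientHello or it carries no ALPN extension (the 'TLS not involved'
    case Martin mentions: the proxy then learns nothing this way)."""
    if len(data) < 5 or data[0] != CONTENT_HANDSHAKE:
        return None
    rec_len = struct.unpack("!H", data[3:5])[0]
    rec = data[5:5 + rec_len]
    if len(rec) < 4 or rec[0] != HS_CLIENT_HELLO:
        return None
    hs_len = int.from_bytes(rec[1:4], "big")
    hello = rec[4:4 + hs_len]
    if len(hello) < hs_len:
        return None
    pos = 2 + 32                                   # skip version + random
    try:
        sid_len = hello[pos]
        pos += 1 + sid_len
        cs_len = struct.unpack("!H", hello[pos:pos + 2])[0]
        pos += 2 + cs_len
        cm_len = hello[pos]
        pos += 1 + cm_len
        if pos + 2 > len(hello):
            return None                            # no extensions block at all
        ext_len = struct.unpack("!H", hello[pos:pos + 2])[0]
        pos += 2
        end = pos + ext_len
        while pos + 4 <= end:
            etype, elen = struct.unpack("!HH", hello[pos:pos + 4])
            pos += 4
            edata = hello[pos:pos + elen]
            pos += elen
            if etype == ALPN_EXT_TYPE:
                return _parse_alpn_list(edata)
    except (IndexError, struct.error):
        return None                                # truncated or malformed
    return None


def proxy_decision(allowed, connect_headers, first_tunnel_bytes=b""):
    """Whitelist check for a CONNECT. Returns (permit, basis).
    Assumed policy: the label is authoritative when present; every protocol the
    client offers must be on the whitelist, since the server may pick any of
    them; an unlabelled, unrecognisable tunnel is denied."""
    label = connect_headers.get("ALPN")            # assumed header name/syntax
    if label is not None:
        offered = [p.strip() for p in label.split(",") if p.strip()]
        return all(p in allowed for p in offered), "header"
    offered = alpn_from_client_hello(first_tunnel_bytes) if first_tunnel_bytes else None
    if offered is not None:
        return all(p in allowed for p in offered), "clienthello"
    return False, "unknown"
```

Under the strict "all offered protocols must be whitelisted" policy, a client that later starts offering a protocol the proxy has never heard of is refused even though "h2" is still on the list, which is the evolution concern from Mark's message; relaxing `all` to `any` trades that for letting a non-whitelisted protocol be negotiated. Whichever way the proxy leans, the sniffing fallback is only reachable for TLS tunnels, and only if the proxy delays forwarding until the ClientHello has arrived.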