Received: by ietfa.amsl.com (Postfix) id 276B9C09E1B2; Tue, 23 Jul 2024 01:09:06 -0700 (PDT) Delivered-To: ietfarch-httpbisa-archive-bis2juki@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 26A3FC1F7D89 for ; Tue, 23 Jul 2024 01:09:06 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.858 X-Spam-Level: X-Spam-Status: No, score=-2.858 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.25, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=w3.org header.b="c59lZekJ"; dkim=pass (2048-bit key) header.d=w3.org header.b="Dob1q95j"; dkim=pass (1024-bit key) header.d=transloadit.com header.b="RRwjI/F7" Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MtlEI45NNOBz for ; Tue, 23 Jul 2024 01:09:02 -0700 (PDT) Received: from mab.w3.org (mab.w3.org [IPv6:2600:1f18:7d7a:2700:d091:4b25:8566:8113]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6D162C09E1C3 for ; Tue, 23 Jul 2024 01:09:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=w3.org; s=s1; h=Subject:Content-Type:Cc:To:Message-ID:Date:From:In-Reply-To: References:MIME-Version:Reply-To; bh=VXTtJk5eeD2pIbaBaxRIwmF+3ZMpWhkWPxgsrZmQ04Q=; b=c59lZekJ4lmUTwNzowmkeWYWgI HoBUwdLbmT1q1tCTOuW8CFasbs2W/tewMPd8Rk3pm0VywXztjueCUUJ/WRjQjIr9BQvvoldxPN7HB pBnL2Tin2h8qmuQMRTge1Uwxnvkyi8h/2LHhqc/9IVgH2MwsOyDsIWObftaoau3q2eSPJ5FpVvQJC uiyMCsjHY1geU/l7jeN0LWx1iw2lF7d7549DSLQ/VcOecOiUZk50cHT63suE+SMjv+RCjjBprvOiV 5mdLXjrT9DYJG5sGKvH2fmHR/CJNlmVJR1rfyU5V2M9KHS1EIGzU3N5QFbFXx96PTAuGtJOmOOURB a6Y5w2fw==; Received: from lists by mab.w3.org with local (Exim 4.96) (envelope-from ) id 1sWAZ0-0010WZ-0k for ietf-http-wg-dist@listhub.w3.org; Tue, 23 Jul 2024 08:08:02 +0000 Resent-Date: Tue, 23 Jul 2024 08:08:02 +0000 Resent-Message-Id: Received: from ip-10-0-0-224.ec2.internal ([10.0.0.224] helo=puck.w3.org) by mab.w3.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1sWAYx-0010RX-2J for ietf-http-wg@listhub.w3.internal; Tue, 23 Jul 2024 08:07:59 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=w3.org; s=s1; h=Content-Type:Cc:To:Subject:Message-ID:Date:From:In-Reply-To: References:MIME-Version:Reply-To; bh=VXTtJk5eeD2pIbaBaxRIwmF+3ZMpWhkWPxgsrZmQ04Q=; t=1721722079; x=1722586079; b=Dob1q95jGmGZMoLouW46oiRlqnsabhL1QQ+kGoY4sQjUtAbSL5/1ex8TB9+18LB1q4QTPrO9VYf BSOPd7TqWKJMLtsA0W51ZYurziN1OE22bjs1ZmYyO0OGFPkB3EI4NPc7n6mnAVEx+UTkfRQRe/VnB ta2Fi9nTCe3s8P1UBjzJnwtaGyj7Ar7cNd9Qp3eqnxao5lzabKcDnKrnG4F7tlupt7N02wHWwue5k 8/wqqmC5kxrE0fvW75w+8x6xSzkWSR9RSRFJMvc/mrwD+ldImhQUs3SoMx24TG01Xt9OrFidV67pe 6NFhzKUu37xIHxTWIwdcV4q9wOFAZ8RWahrA==; Received-SPF: pass (puck.w3.org: domain of transloadit.com designates 2a00:1450:4864:20::435 as permitted sender) client-ip=2a00:1450:4864:20::435; envelope-from=marius@transloadit.com; helo=mail-wr1-x435.google.com; Received: from mail-wr1-x435.google.com ([2a00:1450:4864:20::435]) by puck.w3.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.96) (envelope-from ) id 1sWAYw-003clN-33 for ietf-http-wg@w3.org; Tue, 23 Jul 2024 08:07:59 +0000 Received: by mail-wr1-x435.google.com with SMTP id ffacd0b85a97d-368313809a4so2389686f8f.0 for ; Tue, 23 Jul 2024 01:07:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=transloadit.com; s=google; t=1721722075; x=1722326875; darn=w3.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=VXTtJk5eeD2pIbaBaxRIwmF+3ZMpWhkWPxgsrZmQ04Q=; b=RRwjI/F7wYMZISwX4C1k/3h4wbmApj1tijsiKoTnM2ts54su++/eaQDjPpG4MkXZzX 0H8oiU+UtRLiYaVib7kLI4l0kH41hRXUhJBph48OBvTGf+fo9YU6zwMT6vOeixYeQuQ2 XYRUl3YB8PULyHJ65dGmMWwf5sGtxjA/KTagU= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1721722075; x=1722326875; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=VXTtJk5eeD2pIbaBaxRIwmF+3ZMpWhkWPxgsrZmQ04Q=; b=wW5Q6sv5Rlz8oUigHUdbns6TVd9OaBbT8w4R2Mg5vnZWcjfdorcNM1df1IPCkUTsJK 5MEwWEKsz2VxT15oPf01v1M3V/aqo+bg/Re0YmnTPMRYG8wwG0Hiu+Hg2RoqM2XWh6ue VWyGlVoNn1Q0BsufBU/doHJMVAj9Tcr7zU5izcsxQcqSS+gfIs1qwkJYkun+0aP2aUc2 Rz15yjZC6d8Boljejgql94lR/RPblTXvkZ1r2qnMsyRT5gZtn97FcWQxXJW/cHYZU9Z4 WHngdViFpomEuMLi+/Gwl5/QwYu1DLdLSbxduKSZb9otxeNCLHWDGHduq8MPmugRWCA7 WJyg== X-Gm-Message-State: AOJu0YxJZxrYBAfBIGfmH8wbM50zM1rKkz/yNvU7X2TU8zQvbQzb+DU1 6GgkJ96lhvL5ydxblitsQ71hWY9A5X8JaQlYlCUUheTHEtDasJ2yrSXENW/Amq7d655Zu6qs4/4 dA1Lrjt8XWODYcKqMMrVLl6F6i1d8kwuOAUGGuA== X-Google-Smtp-Source: AGHT+IHYHXUXnpbhCnSajgSG9MDQ4Aw0vw7eJ6q8sDEXLmIUqGpQpm/f2bNwmkt6qSs3zs8yhEJ1ByTczQgYBXH9Hn4= X-Received: by 2002:adf:fcd0:0:b0:361:e909:60c3 with SMTP id ffacd0b85a97d-369e3e7505amr870742f8f.9.1721722074738; Tue, 23 Jul 2024 01:07:54 -0700 (PDT) MIME-Version: 1.0 References: <29911fc7-cfa3-4ea4-8ee0-822781060fa5@gmail.com> In-Reply-To: <29911fc7-cfa3-4ea4-8ee0-822781060fa5@gmail.com> From: Marius Kleidl Date: Tue, 23 Jul 2024 10:07:43 +0200 Message-ID: To: Michael Toomim Cc: ietf-http-wg@w3.org Content-Type: multipart/alternative; boundary="000000000000aad24e061de5a887" X-W3C-Hub-DKIM-Status: validation passed: (address=marius@transloadit.com domain=transloadit.com), signature is good X-W3C-Hub-Spam-Status: No, score=-4.1 X-W3C-Hub-Spam-Report: BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, DMARC_PASS=-0.001, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, W3C_AA=-1, W3C_WL=-1 X-W3C-Scan-Sig: puck.w3.org 1sWAYw-003clN-33 804611cc50ef226ef58816748228915a X-Original-To: ietf-http-wg@w3.org Subject: Re: Resumable Upload draft updates Archived-At: Resent-From: ietf-http-wg@w3.org X-Mailing-List: archive/latest/52100 X-Loop: ietf-http-wg@w3.org Resent-Sender: ietf-http-wg-request@w3.org Precedence: list List-Id: List-Help: List-Post: List-Unsubscribe: --000000000000aad24e061de5a887 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Hi Michael, there are indeed similarities in our approaches and I like the perspective with which you are looking at the problem! At the end of the day, most approaches to resumable uploads use the same underlying concepts but framed with different terminology, field names or status codes. Focusing specifically on the usage of your draft for uploads, I have a few comments: 1. What is the parent version of a resource that a client is uploading to? Requests have to set this header to ensure they are appending at the correct offset, but I am wondering what parent version would be included in responses to HEAD requests. The example responses in section 3.3 always use the 0 byte count. 2. Can a client upload from a streaming data source without knowing the entire file size upfront? Is the including of the Current-Version header mandatory when starting an upload? 3. The example request for case B in section 3.3.2 includes the Content-Range header, which appears redundant. Does its value carry additional information that is not covered by Parents, Current-Version or Content-Length? 4. Does the method allow the client to split an upload across multiple requests? In our experience, servers can have an upper limit on the size of a single request, which requires a client to split an upload and send multiple consecutive requests to transfer the entire file. Feel free to ignore them if you they fall outside of the draft's intended scope. I am looking forward to your presentation on Wednesday! Best regards, Marius Kleidl On Tue, Jul 23, 2024 at 12:51=E2=80=AFAM Michael Toomim = wrote: > It was great seeing this progress on resumeable uploads in HTTPWG today! > > I am seeing a deep symmetry between this work and the Resource Versioning > work that I'll present on Wednesday. It turns out that we can represent a > lot of the semantics needed for Resumeable Uploads through these generic > Version and Parents headers that I'm proposing. > > Specifically, an upload can be represented as an append-only bytestream, > which is growing over time until it reaches a committed "version." We can > specify this with: > > Version-Type: bytestream > > This header defines that the resource grows at one byte per timestep, and > thus "version =3D=3D length" in bytes. > > Now when a client needs to resume an upload, it simply asks the server > what version it currently has: > > HEAD /upload > > And the server's response says what version it has: > > 200 OK > Version: "500" > > This tells the client that the server is at time=3D500, thus it has the > first 500 bytes of the resource, and the client now knows to upload a ran= ge > starting from 500: > > PUT /something > Current-Version: "900" > Parents: "500" > Content-Range: bytes 500-900/900 > Content-Length: 400 > > > > Check out the full example in Section 3.3 of > draft-toomim-httpbis-versions-00 > > . > > The nice thing about this is that we can implement Resumeable Uploads > without as many new headers. For instance, we wouldn't need this new > Upload-Length > > header proposed today, because the Current-Version header in versions-00 > Section 2.6 > > already does the job =E2=80=94 you can see it on line 2 of the example PU= T above! > > I think it would be great to have general headers that can be used for > both Resource Versioning and Resumeable Uploads. > > What does the group think about this? Details are in versions-00, section > 3.3 > > . > > Michael > On 7/18/24 5:10 PM, Marius Kleidl wrote: > > Dear working group, > > last week we published iteration -04 for the resumable upload draft [1], > which includes a number of useful additions: > > - The application/partial-upload media type for PATCH requests > - Upload limits (max/min total size, max/min request size, upload > expiration) > - Guidelines for handling content and transfer codings > - Guidelines for integrity checks using digest fields > - Problem types for error responses > > From our perspective as editors, the draft is shaping up well, but a few > small questions could still be addressed: > > > 1. The server announces the upload limits (e.g. for maximum size or > minimum request size) only when the client creates a new upload resour= ce. > For the client it would also be useful to know these limits upfront be= fore > creating an upload. The client may then decide to not start an upload = if it > cannot obey the limits. Should we allow the client to send an OPTIONS > request to retrieve the upload limits before creating a resource? [2] > 2. If an upload is spread across multiple requests (e.g. due to limits > from intermediaries), the server only knows the upload length once the > upload is completed. However, in many cases the client knows the lengt= h > upfront and could indicate the length to the server, who can use this > information to optimize the upload storage or reject the upload entire= ly. > Should we add an advisory header to upload creation requests to indica= te > the upload length? The Upload-Complete header would still keep the > authority for completing the upload. [3] > 3. A client may include integrity fields to send the expected digest > for the upload to the server for later verification. This requires the > client to know the digest upfront or transmit it later using trailers > (which might not always be possible). Should we also provide a way for= the > client to request a digest from the server once the upload is complete= ? > Then the client and server can compute the digest during the upload an= d the > client can compare its digest to the server's. [4] > > We are looking forward to discussing these points in the httpbis session > on Monday! > > Best regards, > Marius Kleidl > > [1] > https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-resumable-upload= -04 > [2] https://github.com/httpwg/http-extensions/issues/2833 > [3] https://github.com/httpwg/http-extensions/issues/2832 > [4] https://github.com/httpwg/http-extensions/issues/2834 > > --000000000000aad24e061de5a887 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Hi Michael,

there are indeed= similarities in our approaches and I like the perspective with which you a= re looking at the problem! At the end of the day, most approaches to resuma= ble uploads use the same underlying concepts but framed with different term= inology, field names or status codes.

Focusing spe= cifically on the usage of your draft for uploads, I have a few comments:

1. What is the parent version of a resource that a c= lient is uploading to? Requests have to set this header to ensure they are = appending at the correct offset, but I am wondering what parent version wou= ld be included in responses to HEAD requests. The example responses in sect= ion 3.3 always use the 0 byte count.
2. Can a client upload from = a streaming data source without knowing the entire file size upfront? Is th= e including of the Current-Version header mandatory when starting an upload= ?
3. The example request for case B in section 3.3.2 includes the= Content-Range header, which appears redundant. Does its value carry additi= onal information that is not covered by Parents, Current-Version or Content= -Length?
4. Does the method allow the client to split an upload a= cross multiple requests? In our experience, servers can have an upper limit= on the size of a single request, which requires a client to split an uploa= d and send multiple consecutive requests to transfer the entire file.

Feel free to ignore them if you they fall outside o= f the draft's intended scope. I am looking forward to your presentation= on Wednesday!

Best regards,
Marius Klei= dl

On Tue, Jul 23, 2024 at 12:51=E2=80=AFAM Michael Toomim <toomim@gmail.com> wrote:
<= blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-l= eft:1px solid rgb(204,204,204);padding-left:1ex"> =20 =20 =20

It was great seeing this progress on resumeable uploads in HTTPWG today!

I am seeing a deep symmetry between this work and the Resource Versioning work that I'll present on Wednesday. It turns out that we can represent a lot of the semantics needed for Resumeable Uploads through these generic Version and Parents headers that I'= m proposing.

Specifically, an upload can be represented as an append-only bytestream, which is growing over time until it reaches a committed "version." We can specify this with:

Version-Type: bytestream

This header defines that the resource grows at one byte per timestep, and thus "version =3D=3D length" in bytes.

Now when a client needs to resume an upload, it simply asks the server what version it currently has:

HEAD /upload

And the server's response says what version it has:

200 OK
Version: "500"

This tells the client that the server is at time=3D500, thus it has the first 500 bytes of the resource, and the client now knows to upload a range starting from 500:

PUT /something
Current-Version: "900"
Parents: "500"
Content-Range: bytes 500-900/900
Content-Length: 400

<binary data from 500-900>

Check out the full example in=C2=A0Section 3.3 of draft-toomim-httpbis-versions-00.

The nice thing about this is that we can implement Resumeable Uploads without as many new headers. For instance, we wouldn't need this new Upload-Length header proposed today, because the Current-Version header in versions-00 Section 2.6 already does the job =E2=80=94 you can see it on li= ne 2 of the example PUT above!

I think it would be great to have general headers that can be used for both Resource Versioning and Resumeable Uploads.

What does the group think about this? Details are in versions-00, section 3.3.

Michael

On 7/18/24 5:10 PM, Marius Kleidl wrote:
=20
Dear working group,

last week we published iteration -04 for the resumable upload draft [1], which includes a number of useful additions:
  • The application/partial-upload media type for PATCH requests
  • Upload limits (max/min total size, max/min request size, upload expiration)
  • Guidelines for handling content and transfer codings
  • Guidelines for integrity checks using digest fields
  • Problem types for error responses
From our perspective as editors, the draft is shaping up well, but a few small questions could still be addressed:

  1. The server announces the upload limits (e.g. for maximum size or minimum request size) only when the client creates a new upload resource. For the client it would also be useful to know these limits upfront before creating an upload. The client may then decide to not start an upload if it cannot obey the limits. Should we allow the client to send an OPTIONS request to retrieve the upload limits before creating a resource? [2]
  2. If an upload is spread across multiple requests (e.g. due to limits from intermediaries), the server only knows the upload length once the upload is completed. However, in many cases the client knows the length upfront and could indicate the length to the server, who can use this information to optimize the upload storage or reject the upload entirely. Should we add an advisory header to upload creation requests to indicate the upload length? The Upload-Complete header would still keep the authority for completing the upload. [3]
  3. A client may include integrity fields to send the expected digest for the upload to the server for later verification. This requires the client to know the digest upfront or transmit it later using trailers (which might not always be possible). Should we also provide a way for the client to request a digest from the server once the upload is complete? Then the client and server can compute the digest during the upload and the client can compare its digest to the server's. [4]<= br>
We are looking forward to discussing these points in the httpbis session on Monday!

Best regards,
Marius Kleidl

--000000000000aad24e061de5a887--