RE: HTTP/2 GREASE, Results, and Implications

Mike Bishop <mbishop@evequefou.be> Thu, 31 October 2019 15:59 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EB7CA12008B for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Thu, 31 Oct 2019 08:59:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.649
X-Spam-Level:
X-Spam-Status: No, score=-2.649 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.25, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=evequefou.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rZmVkQd7DQHO for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Thu, 31 Oct 2019 08:59:19 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [IPv6:2603:400a:ffff:804:801e:34:0:38]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1021512012C for <httpbisa-archive-bis2Juki@lists.ietf.org>; Thu, 31 Oct 2019 08:59:19 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.89) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1iQCp4-0004RA-OQ for ietf-http-wg-dist@listhub.w3.org; Thu, 31 Oct 2019 15:57:18 +0000
Resent-Date: Thu, 31 Oct 2019 15:57:18 +0000
Resent-Message-Id: <E1iQCp4-0004RA-OQ@frink.w3.org>
Received: from mimas.w3.org ([2603:400a:ffff:804:801e:34:0:4f]) by frink.w3.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.89) (envelope-from <mbishop@evequefou.be>) id 1iQCp1-0004Oq-L1 for ietf-http-wg@listhub.w3.org; Thu, 31 Oct 2019 15:57:15 +0000
Received: from mail-eopbgr740107.outbound.protection.outlook.com ([40.107.74.107] helo=NAM01-BN3-obe.outbound.protection.outlook.com) by mimas.w3.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from <mbishop@evequefou.be>) id 1iQCoy-0003Mr-Tx for ietf-http-wg@w3.org; Thu, 31 Oct 2019 15:57:15 +0000
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=oallNSgba4BblhOtNOdKiUVjDgn99kD/Mde4tTPf+xOhQQ2lnD2+tf4eTIMluI7WfdqtJ0vIaXeW4TdySNgfQutfSweWS695YEQ8wBA5Xre1UPfQHgggvpEqEM6sbh+siGphPkvQOrUgbYRU3Nl6CBc/151pl43lsDIyc/edlAh9jeei4UyxmnYRJr4YikKPzA4EC/bhO/Y2ifxba0zFSTGO0FbWW/rHtg5I07jSTnzuK3zq73JS2FGGoMTJe6sY/syDvXX5AbmGS4HYESAK9AVYc4RvHQ8X8De0vatyh0PKIBKbpDA+ufvxnQnBNc3foTi7j0Qlrg5qH9vd1F6SCw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=6hQErNCGosQRxfXD9guqvYf4NWzm54M/6GfBv+QcwWk=; b=BMB/DYNWjSz12TVQOFFxFywjIm9guXsaAXlhx2cCFicE+UcN4LwdUTJr7eEfEfZj9aQt5y39obaF2s96Shn6sUecsRLoauD6jyrFZJ6jpCXN/0rnRgNQOWedBoF6pqDc6V1MIpACalDUdHEe/rhhehd0xxdp1uXwU4o/F2nnEOjN9qruYh0NuWgCqF6pHqO1rmAMXWDda2T9ENCEtd/0Vb/NabvSi/plMcyQiZiYPT8D+7X5aVZAi42ULw1ylvI5Px+mjhaYgEAjDvOY3cFhWYHs8LPz7VrFx3e5nXPJ1lJCnauQK90MF50SfthdL9Okp+BYYajaS0hjwB6u+t/LbQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=evequefou.be; dmarc=pass action=none header.from=evequefou.be; dkim=pass header.d=evequefou.be; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=evequefou.onmicrosoft.com; s=selector2-evequefou-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=6hQErNCGosQRxfXD9guqvYf4NWzm54M/6GfBv+QcwWk=; b=EWCQkGxpvpzRSpE3lTF5Eyna2AdJLv0NkXOX/HCFGsVDVAZ7wvnf7Ka4LZTJoh7PPFI8B6FqRxULgdpsY9IwCuOHwYinY+1nJ3HkMu7wafIvCBQMZht10hNso0NbE0uUxYGS24cu1zvCEtu6EvS9G32907O+G90UIele8UZ5YLs=
Received: from BN6PR2201MB1700.namprd22.prod.outlook.com (10.161.152.144) by BN6PR2201MB1219.namprd22.prod.outlook.com (10.172.31.138) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2387.25; Thu, 31 Oct 2019 15:57:08 +0000
Received: from BN6PR2201MB1700.namprd22.prod.outlook.com ([fe80::7cb4:5e4e:334c:a737]) by BN6PR2201MB1700.namprd22.prod.outlook.com ([fe80::7cb4:5e4e:334c:a737%7]) with mapi id 15.20.2387.028; Thu, 31 Oct 2019 15:57:08 +0000
From: Mike Bishop <mbishop@evequefou.be>
To: Lucas Pardue <lucaspardue.24.7@gmail.com>
CC: HTTP Working Group <ietf-http-wg@w3.org>
Thread-Topic: HTTP/2 GREASE, Results, and Implications
Thread-Index: AdWP/A0ck3yXHmXeTa2YBLnotcTIRgABkKoAAABb/EA=
Date: Thu, 31 Oct 2019 15:57:08 +0000
Message-ID: <BN6PR2201MB1700996BA38EC2FED189E876DA630@BN6PR2201MB1700.namprd22.prod.outlook.com>
References: <BN6PR2201MB1700D10A34C72213C78E09A6DA630@BN6PR2201MB1700.namprd22.prod.outlook.com> <CALGR9oZUHDbsvWUJ=r0TBDaKOwchWux5gEF+EH0cpb6hqcs-xA@mail.gmail.com>
In-Reply-To: <CALGR9oZUHDbsvWUJ=r0TBDaKOwchWux5gEF+EH0cpb6hqcs-xA@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=mbishop@evequefou.be;
x-originating-ip: [2600:2b00:931f:a301:d09f:75d0:3565:b179]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 11a642b5-dfa2-4a04-0928-08d75e1afbe4
x-ms-traffictypediagnostic: BN6PR2201MB1219:
x-ms-exchange-purlcount: 2
x-microsoft-antispam-prvs: <BN6PR2201MB12193950ED6D205A832B1FF9DA630@BN6PR2201MB1219.namprd22.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-forefront-prvs: 02070414A1
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(376002)(346002)(366004)(136003)(396003)(39830400003)(199004)(189003)(51914003)(229853002)(6436002)(52536014)(7696005)(256004)(76176011)(25786009)(966005)(86362001)(6246003)(6306002)(54896002)(236005)(9686003)(6916009)(55016002)(5660300002)(7736002)(74316002)(4326008)(508600001)(316002)(71190400001)(790700001)(71200400001)(6116002)(8936002)(186003)(606006)(14454004)(66946007)(66446008)(64756008)(66476007)(8676002)(102836004)(11346002)(66556008)(76116006)(2906002)(81166006)(81156014)(46003)(99286004)(33656002)(486006)(476003)(6506007)(53546011)(446003); DIR:OUT; SFP:1102; SCL:1; SRVR:BN6PR2201MB1219; H:BN6PR2201MB1700.namprd22.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: evequefou.be does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: e+a95ik0I/NAeGvWExPPBVqo6XBFyuW4eyCTM66E5YLeX8DH7HVeUZkYPZ6o/T0a+Ud0bK8Jq4wHT+d7iLfI6rD8Ukuoe+YWH0FPrV1wc3zUkWXjeFk6A/nsxJDH9CH1X/OGzTJWxEEx78sIdgbs7lkgX6C+NByMDyLz2+DPADWxvyFnNwG5/s3BTLEfV1y6Z0mq6hrrc28wJws+eKE4e6uwjDG0qxEuiEKuZapipIHRiM+MeRWPE3XozHZydg1fX+mTqTcgkHsrl95AMsbDaZJR6OGwmtPyVKwGkEenpg8aW3AKiJ4wT0jyNhmw0bRwcpV0pyU5pEYMsbuVBXY3wTe5rwqJjX5vRSB4CQJnNwtmL5ucZnSge69COGEQ5Hcu+POY6jaFgvwmBNhTVghGrMZwsaYUx7+uggSJbH5FR2lK2jmQ+V0AWRR8zUoaSUveJW/iCqUQHfjUeVt49XxiMasBc81DQsrRM6MpdhXyh8g=
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_BN6PR2201MB1700996BA38EC2FED189E876DA630BN6PR2201MB1700_"
MIME-Version: 1.0
X-OriginatorOrg: evequefou.be
X-MS-Exchange-CrossTenant-Network-Message-Id: 11a642b5-dfa2-4a04-0928-08d75e1afbe4
X-MS-Exchange-CrossTenant-originalarrivaltime: 31 Oct 2019 15:57:08.2452 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 41eaf50b-882d-47eb-8c4c-0b5b76a9da8f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: PctQ7MaEKcdMWuYE1TLSr7GRlcWdkcaUrMH4wd2TQeFrErogxvbiCuO2cQYmrrP3mpBUvh12DAxMhFfEkftzQw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN6PR2201MB1219
Received-SPF: pass client-ip=40.107.74.107; envelope-from=mbishop@evequefou.be; helo=NAM01-BN3-obe.outbound.protection.outlook.com
X-W3C-Hub-Spam-Status: No, score=-3.9
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, W3C_AA=-1, W3C_WL=-1
X-W3C-Scan-Sig: mimas.w3.org 1iQCoy-0003Mr-Tx 4f1ec0121664cd808bd8ea48239aae21
X-Original-To: ietf-http-wg@w3.org
Subject: RE: HTTP/2 GREASE, Results, and Implications
Archived-At: <https://www.w3.org/mid/BN6PR2201MB1700996BA38EC2FED189E876DA630@BN6PR2201MB1700.namprd22.prod.outlook.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/37086
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <https://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

Bence’s experiment didn’t cover anything server-sent, that I’m aware of.  Of course, if Cloudflare would like to do a corresponding experiment…?  😉

From: Lucas Pardue <lucaspardue.24.7@gmail.com>;
Sent: Thursday, October 31, 2019 11:46 AM
To: Mike Bishop <mbishop@evequefou.be>;
Cc: HTTP Working Group <ietf-http-wg@w3.org>;
Subject: Re: HTTP/2 GREASE, Results, and Implications


On Thu, Oct 31, 2019 at 3:14 PM Mike Bishop <mbishop@evequefou.be<mailto:mbishop@evequefou.be>> wrote:
Way back when, I presented a draft (https://tools.ietf.org/html/draft-bishop-httpbis-grease-00) proposing that we adopt as an HTTP/2 extension the same behaviors that HTTP/3 is specifying, permitting the greasing of settings and frame types.  The outcome of that discussion was that, prior to considering adoption, we’d want to understand the real-world impact of deploying such a behavior.  Bence generously volunteered to add such an experiment to Chrome, which he has done.

The results are discussed at https://crbug.com/1019410.  TL;DR:  Settings are fine, but too many servers blow up on unknown frame types for this to be viable in major client deployments.  They don’t even tell you what they don’t like – they just PROTOCOL_ERROR on you.


Thanks for the experimentation and sharing the results Mike and Bence.

Is the sense that this is symmetrically broken? Do we have data about how server-sent GREASE frames might break clients? (and if not would that move the needle at all).

Frankly, this makes me quite sad.  It means that our primary extension mechanism for HTTP/2 has already rusted shut, and it’s now inadvisable to define new optional-to-understand frame types and send them without prior negotiation.

Now that we have this data, are we interested in pursuing the draft with settings only, or perhaps reserving frame types but recommending caution in their use?

This indeed has some practical implications to active work in the group. I can see how there might be some merit in capturing this situation, along with some guidance, in a draft that can be reference by people making HTTP/2 extensions.

Based on my experience of HTTP/3 interop to date, we are doing pretty well with GREASE perhaps it is time to capture this in the matrix. I'd also like to highlight that today the Cloudflare edge exercises all HTTP/3 grease mechanisms* for all connections.

* unidirectional stream type GREASE is sent when sufficient stream credit is provided by the client e.g. more than 3