IETF Logo Mail Archive

Re: The qpack_static_table_version TLS extension (Draft version 02)

David Benjamin <davidben@chromium.org> Mon, 27 November 2023 18:58 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=ietf.org@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 75D83C15108E for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Mon, 27 Nov 2023 10:58:26 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.757
X-Spam-Level:
X-Spam-Status: No, score=-2.757 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.249, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=chromium.org
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kiPnj5wSQvwO for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Mon, 27 Nov 2023 10:58:22 -0800 (PST)
Received: from lyra.w3.org (lyra.w3.org [128.30.52.18]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 88BE6C14CE44 for <httpbisa-archive-bis2Juki@ietf.org>; Mon, 27 Nov 2023 10:58:22 -0800 (PST)
Received: from lists by lyra.w3.org with local (Exim 4.94.2) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1r7gnW-00EWS9-M9 for ietf-http-wg-dist@listhub.w3.org; Mon, 27 Nov 2023 18:57:34 +0000
Resent-Date: Mon, 27 Nov 2023 18:57:34 +0000
Resent-Message-Id: <E1r7gnW-00EWS9-M9@lyra.w3.org>
Received: from titan.w3.org ([128.30.52.76]) by lyra.w3.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from <davidben@google.com>) id 1r7gnU-00EWR7-Ae for ietf-http-wg@listhub.w3.org; Mon, 27 Nov 2023 18:57:32 +0000
Received: from mail-yw1-x112a.google.com ([2607:f8b0:4864:20::112a]) by titan.w3.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.94.2) (envelope-from <davidben@google.com>) id 1r7gnS-004X0B-AK for ietf-http-wg@w3.org; Mon, 27 Nov 2023 18:57:31 +0000
Received: by mail-yw1-x112a.google.com with SMTP id 00721157ae682-5c8c26cf056so46713587b3.1 for <ietf-http-wg@w3.org>; Mon, 27 Nov 2023 10:57:29 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1701111445; x=1701716245; darn=w3.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=HpduzesypZyUoHooqxjHsekhNMxQUaBB2sSSGcuyAGE=; b=C/sTdNrkudjFNs8VoS1Pqj69/u7elmoWxCdS++2t2UR8QO6lu39CDxXdqG9lYnqaL1 26LkpWTRoehRj/481HPIxyuBFjZTTltMTJoStgq1r3TH5NTYBMK0PYhNoNmuAQTzF/RH gwmnjWPoU6na2rLTiXr5D5lQz8DxUveRtUZUo=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1701111445; x=1701716245; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=HpduzesypZyUoHooqxjHsekhNMxQUaBB2sSSGcuyAGE=; b=Zltx8xnhwLapyRCNMmSrhFS7yxtsOYLAjnALHycS9Kic8qAusQi7h0V/lLlCHaBTsV cbEfMS6SvL5JXPUqBRrfW6dOy6UgmyvqbBKdxqzgFYB9XexMnDWoWKD+pAoKRflrRWsp eBHRP11esILnanLnqZCyWxMhvy0IPDNicaTLxNkmUARARf7kbXSE7HN574P8+CinIaV1 mk8CAURSkMJf2GzeMJ2vrHSxgFWwQ/ffv2dOLtLP0if387Jqbe4XacGSMbOpiv+XmFwX OgKWRJC4DDqLtAc+00JyOuxTK/CDt1gXgrFaWpjBIFM8kU2amothNFqyEyAml1k6RzaK sPDw==
X-Gm-Message-State: AOJu0Yw1aI2O4Ejz8M+g++R2bkFdy6pnXJoPIB9DO8Z26r3gmfIsUiXq Jb0pSyuThS8bMXUusASAqR2KaLZoq288Uwa4mIxg5QpvQoFK9Eiu1Q==
X-Google-Smtp-Source: AGHT+IFV+OTTh6t+ekpce+FBE0+tfjp6MbfVGg9VxBC7itFa/8FvCSgNyJOqS+Wl8yoyPbz+eb3k12zPZfIUKN6hwd0=
X-Received: by 2002:a0d:d612:0:b0:5ca:4b5b:84fd with SMTP id y18-20020a0dd612000000b005ca4b5b84fdmr13298603ywd.3.1701111445300; Mon, 27 Nov 2023 10:57:25 -0800 (PST)
MIME-Version: 1.0
References: <CAEmMwDyPe6QD2-bce6Y8RYJgaJJY+zh-N3-4awON4_C54m1dAA@mail.gmail.com>
In-Reply-To: <CAEmMwDyPe6QD2-bce6Y8RYJgaJJY+zh-N3-4awON4_C54m1dAA@mail.gmail.com>
From: David Benjamin <davidben@chromium.org>
Date: Mon, 27 Nov 2023 13:57:07 -0500
Message-ID: <CAF8qwaDQAn2qskdYNZEe_Z22PMveZYG1iFz-906Ws-8D7JcqSA@mail.gmail.com>
To: Rory Hewitt <rory.hewitt@gmail.com>
Cc: HTTP Working Group <ietf-http-wg@w3.org>
Content-Type: multipart/alternative; boundary="0000000000006c880c060b26dfe5"
Received-SPF: pass client-ip=2607:f8b0:4864:20::112a; envelope-from=davidben@google.com; helo=mail-yw1-x112a.google.com
X-W3C-Hub-DKIM-Status: validation passed: (address=davidben@google.com domain=chromium.org), signature is good
X-W3C-Hub-Spam-Status: No, score=-11.3
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.25, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, USER_IN_DEF_SPF_WL=-7.5, W3C_AA=-1, W3C_WL=-1
X-W3C-Scan-Sig: titan.w3.org 1r7gnS-004X0B-AK cb90b676e262deee08ef625920f15657
X-Original-To: ietf-http-wg@w3.org
Subject: Re: The qpack_static_table_version TLS extension (Draft version 02)
Archived-At: <https://www.w3.org/mid/CAF8qwaDQAn2qskdYNZEe_Z22PMveZYG1iFz-906Ws-8D7JcqSA@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/51611
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <https://www.w3.org/email/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

> FWIW, I'm inclined to come out against the idea of using ALPS rather than
a TLS extension, primarily because ALPS is specifically NOT designed to be
a negotiation mechanism.

I think this may be fixating too much on the name and missing what the
extension actually does.

As one of the folks involved in the original design, I think I can
authoritatively say this is false. We named ALPS S for settings simply
because "ALPS" is easy to pronounce, and because the corresponding message
in h2 and h3 is called SETTINGS. It is absolutely designed to communicate
application protocol capabilities and preferences... in other words,
negotiation. Indeed we specifically had [HQ]PACK static tables in mind as a
use case when designing this. See here:
https://www.ietf.org/archive/id/draft-davidben-tls-alps-half-rtt-00.html#section-1-2

> Of course basic ALPN IS a negotiation mechanism (it's right there in the
name!)

I think this is further fixating on naming coincidences. The N in ALPN
doesn't mean "Negotiation *within* an Application-Layer Protocol" but
"Negotiation *of* Application-Layer Protocol". We couldn't name ALPS after
the former because ALPN was already taken and it's a bit ambiguous.

> maybe what I *want* is a brand-new ALSN (Application-Layer Stuff
Negotiation) which would encompass ALPN and also QPACK static table
negotiation and anything else which needs to be negotiated.

If you work through that design, I think you will quickly reinvent
something akin to the ALPN + ALPS combo.

Really all this is just the standard set of tradeoffs in protocol design
between minting new top-level versions or optional extensions within a
version:

- If we think this is just a sequential series of infrequently updated,
essentially universal features, this can be rolled up into h2.1, h2.2,
h2.3, etc., once we've settled on a cadence/criteria for how often we want
to mint new ones of these.

- If we think there may be multiple static tables for different folks, or
that we want to define new ones frequently, or that maybe one might want to
not have a static table at all, these tables may need to be one of several
orthogonal features. We don't have a great story for this in h2 and h3
today. ALPS aims to fill that gap, and fill in a few papercuts we left in
h3 around how SETTINGS and 0-RTT tickets interact.

FWIW, while I believe ALPS is the right starting point for problems shaped
like the second case, I don't personally have any horse in whether new
static tables should look like the first or second. The second seems
perfectly defensible, once we've switched from "never defining new ALPNs"
to "occasionally defining new ALPNs".

On Mon, Nov 27, 2023 at 1:12 PM Rory Hewitt <rory.hewitt@gmail.com> wrote:

>
>    - Bumping this to request some input on my changes...
>
> FWIW, I'm inclined to come out against the idea of using ALPS rather than
> a TLS extension, primarily because ALPS is specifically NOT designed to be
> a negotiation mechanism. Of course basic ALPN IS a negotiation mechanism
> (it's right there in the name!), so maybe what I *want* is a brand-new ALSN
> (Application-Layer Stuff Negotiation) which would encompass ALPN and also
> QPACK static table negotiation and anything else which needs to be
> negotiated. It could probably include ALPS as well, since that could just
> not use the 'negotiation' concept... But I fear that's a pipe dream :)
>
>    -
>    - From: Rory Hewitt <rory.hewitt@gmail.com
>    <rory.hewitt@gmail.com?Subject=Re%3A%20The%20qpack_static_table_version%20TLS%20extension%20(Draft%20version%2002)&In-Reply-To=%3CCAEmMwDyy2hHfAN3gWWyyKRNFDUJ9i9aDgb%3DciEcEYrJOFzxcKA%40mail.gmail.com%3E&References=%3CCAEmMwDyy2hHfAN3gWWyyKRNFDUJ9i9aDgb%3DciEcEYrJOFzxcKA%40mail.gmail.com%3E>
>    >
>    - Date: Thu, 9 Nov 2023 16:03:23 -0800
>    - To: HTTP Working Group <ietf-http-wg@w3.org
>    <ietf-http-wg@w3.org?Subject=Re%3A%20The%20qpack_static_table_version%20TLS%20extension%20(Draft%20version%2002)&In-Reply-To=%3CCAEmMwDyy2hHfAN3gWWyyKRNFDUJ9i9aDgb%3DciEcEYrJOFzxcKA%40mail.gmail.com%3E&References=%3CCAEmMwDyy2hHfAN3gWWyyKRNFDUJ9i9aDgb%3DciEcEYrJOFzxcKA%40mail.gmail.com%3E>>,
>    TLS List <tls@ietf.org
>    <tls@ietf.org?Subject=Re%3A%20The%20qpack_static_table_version%20TLS%20extension%20(Draft%20version%2002)&In-Reply-To=%3CCAEmMwDyy2hHfAN3gWWyyKRNFDUJ9i9aDgb%3DciEcEYrJOFzxcKA%40mail.gmail.com%3E&References=%3CCAEmMwDyy2hHfAN3gWWyyKRNFDUJ9i9aDgb%3DciEcEYrJOFzxcKA%40mail.gmail.com%3E>>,
>    "Hewitt, Rory" <rhewitt=40akamai.com@dmarc.ietf.org
>    <rhewitt=40akamai.com@dmarc.ietf.org?Subject=Re%3A%20The%20qpack_static_table_version%20TLS%20extension%20(Draft%20version%2002)&In-Reply-To=%3CCAEmMwDyy2hHfAN3gWWyyKRNFDUJ9i9aDgb%3DciEcEYrJOFzxcKA%40mail.gmail.com%3E&References=%3CCAEmMwDyy2hHfAN3gWWyyKRNFDUJ9i9aDgb%3DciEcEYrJOFzxcKA%40mail.gmail.com%3E>
>    >
>    - Message-ID: <CAEmMwDyy2hHfAN3gWWyyKRNFDUJ9i9aDgb=
>    ciEcEYrJOFzxcKA@mail.gmail.com>
>
> Hey folks,
>
> Following my presentation at the meeting at IETF 118 today (thanks for
> taking it easy on me, as this was my first IETF appearance as well as being
> my first I-D), I have created another version of my I-D:
> https://www.ietf.org/archive/id/draft-hewitt-ietf-qpack-static-table-version-02.html
>
> Significant changes from version-01 are as follows:
>
> 1. I changed references to registry "Version" to "Variant" to make it clear
> that they could be very different.
>
> 2. I added a section on vendor-defined registries, which would contain
> static tables that might be much smaller and/or contain vendor-specific
> field names or values - for instance for personal assistants and APIs which
> only use a very small set of headers with known values.
>
> 3. In the QPACK Static Table Background
> <https://www.ietf.org/archive/id/draft-hewitt-ietf-qpack-static-table-version-02.html#name-qpack-static-table-backgrou>
> section,
> I added an example showing how the use of a static table can significantly
> reduce bytes on the wire by passing only 2- or 3-byte references to much
> longer strings that are known to both client and server.
>
> 4. The details of the TLS extension has been changed so that it is no
> longer simply a Variant/Length pair, but similarly to ciphersuite support,
> it is (when passed in the ClientHello) an array of Variant/Length
> combinations supported by the client and (when passed in the ServerHello) a
> single negotiated Variant/Length pair which will be used by both client and
> server.
>
> Note that the draft still refers to this as a "TLS extension" - I think
> many of us agree that it would be preferable if it were defined in ALPS,
> but since ALPS support is still minimal, I'll keep referring to it as a TLS
> extension for now. Given that, I would really appreciate any comments on
> the high-level concept, on the understanding that it may not end up being a
> TLS extension. Speaking of which, where can I find details of why ALPS was
> not taken up - it was mentioned in the meeting that there were 'concerns'
> about ALPS, but I'm not clear on what they were or who was concerned - HTTP
> WG or TLS WG or both or some other entity?
>
> Finally, I'm still trying to build a test harness to determine whether the
> benefits of any additional compression make sense - is this even worth the
> hassle? I would greatly appreciate any help on this - you'll get co-author
> credit, for what that's worth :)
>
> Thanks,
>
> Rory
>
> Received on Friday, 10 November 2023 00:03:41 UTC
>

v2.23.0 | Report a Bug | By Email