Re: New Version Notification for draft-kerwin-http2-encoded-data-01.txt

Matthew Kerwin <matthew@kerwin.net.au> Wed, 23 July 2014 00:29 UTC

Date: Wed, 23 Jul 2014 10:26:35 +1000
From: Matthew Kerwin <matthew@kerwin.net.au>
To: Greg Wilkins <gregw@intalio.com>
Cc: "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
Archived-At: <http://www.w3.org/mid/CACweHNC6Pd_TSw2bBumFDiWDNxcxUHZZnm5=HvV76jGwVzDrYA@mail.gmail.com>

On 23 July 2014 09:14, Greg Wilkins <gregw@intalio.com> wrote:

> Matthew,
>
> Why are the compression contexts frame only? Doesn't that make this
> extension very vulnerable to fragmentation, especially if we drop
> END_SEGMENT as we have done?
>
> Surely there is no harm in having a compression context that is per stream?
>
The two main reasons were CRIME/BREACH attacks, and to limit the state
commitment, particularly when transport-level compression was part of the
main spec. I'm trying to dig up a reference to the conversation that led
to it; here's one cherry I've picked from the archives, which might be a
starting point back from which to work:
http://lists.w3.org/Archives/Public/ietf-http-wg/2014AprJun/0297.html

Three months is such a long time ago, on the internet. :\

Incidentally, END_SEGMENT had potential to enforce useful fragmentation --
i.e. avoiding a CRIME/BREACH attack by separating secret and
attacker-controlled data with an end-to-end barrier -- if the END_SEGMENT
mechanism was exposed to the origin application.



> If there is a desire to have per frame contexts, can't that be done with
> different types rather than saying that no type can have a stream context?
>
>
It could be, I'm totally up for discussion on it. If the WG wants to adopt
the draft, or just host the discussion on it, I'm cool with that too.
Probably not when we're focusing pretty hard on getting consensus and
closing out issues in the main spec, though.


-- 
  Matthew Kerwin
  http://matthew.kerwin.net.au/
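
The frame-only versus per-stream trade-off discussed in this message, as an added example that is not part of the original e-mail or of the draft. It uses raw DEFLATE from Python's `zlib` as a stand-in for the draft's encoding; the function name, secrets and reflected values are constructed for illustration.

```python
import zlib

# Constructed sample data: a secret-bearing frame and two attacker-influenced
# payloads of equal length, one repeating the secret and one not.
SECRET = b"set-cookie: session=7f3a9c21d4e8b6a0\r\n"
OTHER_SECRET = b"set-cookie: session=c05be1d97a42f386\r\n"
RIGHT = b"session=7f3a9c21d4e8b6a0"
WRONG = b"session=Xq0Zk5Lw2Rm8Tn4Y"


def attacker_frame_len(secret: bytes, reflected: bytes, per_frame: bool) -> int:
    """Size on the wire of the frame carrying `reflected`, sent on the same
    stream right after a frame carrying `secret`."""

    def new_ctx():
        return zlib.compressobj(wbits=-15)  # raw DEFLATE, no zlib header

    def encode(ctx, payload: bytes) -> bytes:
        # Z_SYNC_FLUSH ends the frame on a byte boundary but keeps the
        # compression window, which is what a per-stream context implies.
        return ctx.compress(payload) + ctx.flush(zlib.Z_SYNC_FLUSH)

    ctx = new_ctx()
    encode(ctx, secret)          # frame 1: the secret
    if per_frame:
        ctx = new_ctx()          # frame-only context: nothing carries over
    return len(encode(ctx, reflected))  # frame 2: attacker-influenced data


if __name__ == "__main__":
    for per_frame in (False, True):
        label = "per-frame " if per_frame else "per-stream"
        print(label,
              "repeat of secret:", attacker_frame_len(SECRET, RIGHT, per_frame),
              "unrelated bytes:", attacker_frame_len(SECRET, WRONG, per_frame))
```

With a per-stream context the second frame shrinks when it repeats the secret, so its length is a function of the secret; with a frame-only context its length depends on the reflected bytes alone.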