RE: [WARNING: ATTACHMENT(S) MAY CONTAIN MALWARE]Re: HTTP(3) priorities

Mike Bishop <mbishop@evequefou.be> Mon, 29 July 2019 19:34 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D6E31120043 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Mon, 29 Jul 2019 12:34:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.652
X-Spam-Level:
X-Spam-Status: No, score=-2.652 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.249, MAILING_LIST_MULTI=-1, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=evequefou.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fup1eV5yprPb for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Mon, 29 Jul 2019 12:34:24 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [IPv6:2603:400a:ffff:804:801e:34:0:38]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A795812002F for <httpbisa-archive-bis2Juki@lists.ietf.org>; Mon, 29 Jul 2019 12:34:24 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.89) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1hsBNp-0007tl-Tk for ietf-http-wg-dist@listhub.w3.org; Mon, 29 Jul 2019 19:32:33 +0000
Resent-Date: Mon, 29 Jul 2019 19:32:33 +0000
Resent-Message-Id: <E1hsBNp-0007tl-Tk@frink.w3.org>
Received: from titan.w3.org ([2603:400a:ffff:804:801e:34:0:4c]) by frink.w3.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.89) (envelope-from <mbishop@evequefou.be>) id 1hsBNn-0007t0-5s for ietf-http-wg@listhub.w3.org; Mon, 29 Jul 2019 19:32:31 +0000
Received: from mail-eopbgr740113.outbound.protection.outlook.com ([40.107.74.113] helo=NAM01-BN3-obe.outbound.protection.outlook.com) by titan.w3.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.89) (envelope-from <mbishop@evequefou.be>) id 1hsBNk-0002ku-Si for ietf-http-wg@w3.org; Mon, 29 Jul 2019 19:32:31 +0000
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=B2Q54U0ZciJV4UVb1IiEO8HmAhn3s/Z7COySH+TAwoKHvUHdbW2/32pOKjQjka5CBnDC4CevZzsQEvgkMC99HYED9RD1JhJVv6y/HiN2uoB1NNZmJ1M9As2uqdDn650+Kwcj9hWh39Stmugj3cdEdEqXAq6Tax4/UuFgLyRElItRdvUGxh0mnOS7Gr1NHpyhFN0Xy7yXo+tUhffNFkJu+6vleycCEONjQE7AoYFu1vCsKcyQQnQmeBYhe9q3UdqTwO+IopljpT3B5LYv4BZrGiL67UurzyqXN/YDyOt3toEIqig+9XThxjWbGhOCYHAtoNU88CJW2z5BwFSiXosbQg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Ru/zTi6hR5/Qh3kwxBGSSO7l/GR4WdjD21djAu65CV4=; b=YyezEMkhd5TUZUGP9NYJF+wMLC1jK8A7y4nK5UPGHpzgjQe0FLKv8241Gwgyrr/Z++k9Zj6zSl1IaHF9R/9hxkkuPPzdxtkoFCayd2zbLXGU2e/rtejCILszj8cVfvu8oEMR9HpL31wNW/Zp/XGwOpyHbTtQN+SRdWDkOLg/F2AOYC9loY/MkXbIvX1QM9tIObznhXGUEKcdVWUOIcsvvzUV4sJt4qiGdAggxjRWrvSD2t8nS8zkmiVXJgppG9421t6nim6/My1p+vSYDowgRJuTZkWqOasuJIIdwTUOKqqNx7AXO+4FhB5PWdmQAbaERE+s6MUDQTJKCBr/tGGqzQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1;spf=pass smtp.mailfrom=evequefou.be;dmarc=pass action=none header.from=evequefou.be;dkim=pass header.d=evequefou.be;arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=evequefou.onmicrosoft.com; s=selector1-evequefou-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Ru/zTi6hR5/Qh3kwxBGSSO7l/GR4WdjD21djAu65CV4=; b=WWwQrSqjqHwEWZhbrVeY9MvxwgJI45OGAPS8AOEdxz8TtUWk0G+3XOzmBo9Zi3TcV2GS51tnDiqfu1MYtJx3Y4mkJ1hWvciGbXxo/iZubwDOKLfI/fvJskNcGYbtM11rTZDaukjjNIo43StfyD+fX2XmNTCZIbKVqsyJejUr2I0=
Received: from CY4PR22MB0983.namprd22.prod.outlook.com (10.171.164.151) by CY4PR22MB0903.namprd22.prod.outlook.com (10.171.170.143) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2115.15; Mon, 29 Jul 2019 19:32:04 +0000
Received: from CY4PR22MB0983.namprd22.prod.outlook.com ([fe80::4190:c9d6:bf3f:2432]) by CY4PR22MB0983.namprd22.prod.outlook.com ([fe80::4190:c9d6:bf3f:2432%4]) with mapi id 15.20.2115.005; Mon, 29 Jul 2019 19:32:04 +0000
From: Mike Bishop <mbishop@evequefou.be>
To: "Oliver, Wesley, Vodacom South Africa (External)" <Wesley.Oliver@vcontractor.co.za>, Kazuho Oku <kazuhooku@gmail.com>
CC: Ian Swett <ianswett=40google.com@dmarc.ietf.org>, IETF QUIC WG <quic@ietf.org>, HTTP Working Group <ietf-http-wg@w3.org>
Thread-Topic: [WARNING: ATTACHMENT(S) MAY CONTAIN MALWARE]Re: HTTP(3) priorities
Thread-Index: AQHVRdnnImES0ElSSUey3JhTQVZiA6bh+yqQ
Date: Mon, 29 Jul 2019 19:32:04 +0000
Message-ID: <CY4PR22MB0983AB60CF366351FFA18DFFDADD0@CY4PR22MB0983.namprd22.prod.outlook.com>
References: <CAKcm_gOzeufrZua5Y9HSVKn3UeuA+XM9bBmEw8W6LdtfhE5LDg@mail.gmail.com> <CANatvzw0rzbDFoc4GZy=KMsDT2udS1PwEK9uXJ4+HsA9CTtYcA@mail.gmail.com> <564520DD-2BAE-48EE-9041-3FCF5531328A@vcontractor.co.za> <CANatvzzrzT4_ANs_8uGd2jCPN38cmatcrm_c6Kavdn6BE-s7yg@mail.gmail.com> <659AE69D-BAC4-4E81-ACBD-503E3645C838@vcontractor.co.za>
In-Reply-To: <659AE69D-BAC4-4E81-ACBD-503E3645C838@vcontractor.co.za>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=mbishop@evequefou.be;
x-originating-ip: [74.215.152.7]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 43c0bb5f-c4c0-4507-a412-08d7145b6ff2
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(7021145)(8989299)(4534185)(7022145)(4603075)(4627221)(201702281549075)(8990200)(7048125)(7024125)(7027125)(7023125)(5600148)(711020)(4605104)(1401327)(2017052603328)(7193020); SRVR:CY4PR22MB0903;
x-ms-traffictypediagnostic: CY4PR22MB0903:
x-microsoft-antispam-prvs: <CY4PR22MB0903C2F07D8FD11CC5051993DADD0@CY4PR22MB0903.namprd22.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 01136D2D90
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(366004)(346002)(136003)(396003)(376002)(39830400003)(13464003)(199004)(189003)(39224004)(25786009)(66446008)(74316002)(66946007)(66066001)(76116006)(6116002)(7696005)(3846002)(99286004)(68736007)(229853002)(305945005)(256004)(14444005)(5024004)(54906003)(66476007)(5660300002)(64756008)(110136005)(52536014)(14454004)(66556008)(316002)(86362001)(6436002)(9686003)(486006)(11346002)(2906002)(508600001)(33656002)(446003)(81166006)(8676002)(81156014)(7736002)(55016002)(6506007)(66574012)(26005)(53936002)(6246003)(186003)(8936002)(53546011)(76176011)(71190400001)(102836004)(4326008)(476003)(71200400001)(204813004); DIR:OUT; SFP:1102; SCL:1; SRVR:CY4PR22MB0903; H:CY4PR22MB0983.namprd22.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: evequefou.be does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: ZM5NOd8DnD2ILMw6ScTmMFy8qGvdrmdvudvytQ320tatP/udLFnE9lKtL7e4TfXnqjvj5xo9llQxHAnVfGbg6U2rxWMLPAJPRV0tjgsHYXV73RFc3JczDuVOpFbCFGGdr/hSVSdMVgXhISy3k+un6+ZqICmGq9b/STOUwg0cUa/K7Q2so6Npkpc1iqv+NcDSdxj8vkSrlnB/4K57bUXxxlrZfDn7/jqk5VZkhAbfqEh0/6AO/qAnFhGJiVkPGGdqoCVd217HWj/3jzIgOgMOXIHza3Fcn7lQFAZUeXHm22JASIyiUjWO+EsBTilPK55pjVKd0/FOqd+rTekPKGod2V2Fc7m+OngrmLYzyCyjln9rRK+s9ihK6LmhF19tztHoeICRT+zLeW2Atpt4NuwBZi9uws19ztF/nIn/pV9CR+E=
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: evequefou.be
X-MS-Exchange-CrossTenant-Network-Message-Id: 43c0bb5f-c4c0-4507-a412-08d7145b6ff2
X-MS-Exchange-CrossTenant-originalarrivaltime: 29 Jul 2019 19:32:04.7527 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 41eaf50b-882d-47eb-8c4c-0b5b76a9da8f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: mbishop@evequefou.be
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR22MB0903
Received-SPF: pass client-ip=40.107.74.113; envelope-from=mbishop@evequefou.be; helo=NAM01-BN3-obe.outbound.protection.outlook.com
X-W3C-Hub-Spam-Status: No, score=-3.9
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, W3C_AA=-1, W3C_WL=-1
X-W3C-Scan-Sig: titan.w3.org 1hsBNk-0002ku-Si 14ffd66be803539a3c0f3145b4f11b67
X-Original-To: ietf-http-wg@w3.org
Subject: RE: [WARNING: ATTACHMENT(S) MAY CONTAIN MALWARE]Re: HTTP(3) priorities
Archived-At: <https://www.w3.org/mid/CY4PR22MB0983AB60CF366351FFA18DFFDADD0@CY4PR22MB0983.namprd22.prod.outlook.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/36863
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <https://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

Whatever we design will likely be used with both HTTP/2 and HTTP/3.

HTTP/2 is TCP, so delivering segments in priority is... inadvisable.

HTTP/3 is QUIC, where the application data is encrypted.

In neither case is it possible (or advisable) to put unencrypted application-level priority fields outside the encrypted envelope.

-----Original Message-----
From: Oliver, Wesley, Vodacom South Africa (External) <Wesley.Oliver@vcontractor.co.za> 
Sent: Monday, July 29, 2019 2:47 AM
To: Kazuho Oku <kazuhooku@gmail.com>
Cc: Ian Swett <ianswett=40google.com@dmarc.ietf.org>rg>; IETF QUIC WG <quic@ietf.org>rg>; HTTP Working Group <ietf-http-wg@w3.org>
Subject: Re: [WARNING: ATTACHMENT(S) MAY CONTAIN MALWARE]Re: HTTP(3) priorities

Hi,

Ideally the payload should be encrypted!
Any form of priority flags and Oos and steamID should be publicly readable, so that routes and switches Can deal with buffer bloat at the data frame level.

Well with out quality of service, you subject to router packet inspection, and congestion and re-transmission Rules that are custom to that router. Any isp can shape traffic how they like, so Qos, just way to improve the a realtime reverse pipe Across network segments, to ensure the use has the correct realtime experience.
So to just claim the Qos effects it, is not correct, there so many other external factors that would affect it.

Kind Regards,

Wesley Oliver

> On 26 Jul 2019, at 15:48, Kazuho Oku <kazuhooku@gmail.com> wrote:
> 
> Hi Oliver,
> 
> Thank you for your comments.
> 
> Being a server developer, I like the idea of splitting the urgency 
> groups, but I am not sure if we should bake something that we *might* 
> want to use into the core design. IIUC, your suggestion is to have a 
> more fine-grained signaling between the web application and the H2/H3 
> terminator. Assuming that is the case, these two parties can do an 
> experiment, by defining a proprietary parameter of the Proxy header 
> field, do the experiments, then ask for it to become an official 
> extension.
> 
> Now that we are dropping support for priorities in H3, it is 
> beneficial to have some alternative shipped at an early moment.
> 
> Therefore, it is my view that we should first standardize something 
> minimally viable, based on what the clients and servers already do, at 
> the same time leaving room for experiments and improvements. While I 
> agree that having 20*8 urgency levels is possible, it is complex than 
> just having 8 urgency levels. Broad adoption of the H2 prioritization 
> scheme happened, even though it was implementable. At least two 
> large-scale server operators do support it the way spec is written.
> But for others, it seemed too complicated. I think we would like to 
> minimize the chance of repeating that failure.
> 
> Regarding your other comments, I am not sure if I am following, but I 
> do not think that routers or switches would deal with the HTTP-level 
> priority information. Plaintext H2 is not a thing, and H3 will always 
> be encrypted. It is also my understanding that sending some packets of 
> a connection with a different QoS label is a bad idea, because doing 
> so would have bad impact on loss recovery and congestion control. I 
> could be wrong (or there might be some solution that I am not aware of
> - I'm not a transport persone), though.
> 
> 2019年7月25日(木) 2:48 Oliver, Wesley, Vodacom South Africa (External)
> <Wesley.Oliver@vcontractor.co.za>za>:
>> 
>> Hi,
>> 
>> The only thing I could suggest is that you make those priority flags 
>> increments of 20, So that if there are changes or minor priority 
>> preference per website, then That in between numbers can be used. If 
>> there is any new future priority conventions Then just add them in the middle of the 20 group splitting the existing group.
>> Maybe make the field 2 bytes, which allows for future expansion, were 
>> there are many files, streams Which require a new priority order.
>> 
>> Otherwise one needs to build a priority map, over the deps, converting a high resolution to low resolution.
>> 
>> Kind Regards,
>> 
>> Wesley Oliver
>> 
>>> On 24 Jul 2019, at 19:14, Kazuho Oku <kazuhooku@gmail.com> wrote:
>>> 
>>> Hi!
>>> 
>>> Attached are the slides that Lucas and I presented during the side meeting.
>>> 
>>> Thank you all for the feedback.
>>> 
>>> 2019年7月9日(火) 21:00 Ian Swett <ianswett=40google.com@dmarc.ietf.org>rg>:
>>>> 
>>>> There has been quite a bit of discussion of HTTP priorities lately on both the QUIC and HTTP mailing lists, with more to follow.  The plan for IETF in Montreal is as follows:
>>>> 
>>>> Monday: Overview of priorities for 15 minutes in HTTP, with 15 minutes discussion.
>>>> Wednesday: A side meeting will be held from 8:30-9:45am in Van Horne.
>>>> Thursday: I'll summarise the side meeting in Wednesday's HTTP session.
>>>> 
>>>> Thanks, Ian
>>> 
>>> 
>>> 
>>> --
>>> Kazuho Oku
>>> <The Priority Header Field.pdf>
>> 
>> This e-mail is classified C2 - Vodacom Restricted - Information to be used inside Vodacom but it may be shared with authorised partners.
>> 
>> "This e-mail is sent on the Terms and Conditions that can be accessed by Clicking on this linkhttps://www.vodacom.co.za/vodacom/terms/email-acceptable-user-policy"
> 
> 
> 
> --
> Kazuho Oku


"This e-mail is sent on the Terms and Conditions that can be accessed by Clicking on this linkhttps://www.vodacom.co.za/vodacom/terms/email-acceptable-user-policy"