IETF Logo Mail Archive

Re: HTTP router point-of-view concerns

"Mark Delany" <s2y@romeo.emu.st> Sat, 13 July 2013 18:30 UTC

Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EC99C21F9DCF for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Sat, 13 Jul 2013 11:30:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.599
X-Spam-Level:
X-Spam-Status: No, score=-10.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HflWZ181AwHo for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Sat, 13 Jul 2013 11:30:42 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) by ietfa.amsl.com (Postfix) with ESMTP id 8936A21F9DF2 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Sat, 13 Jul 2013 11:30:42 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.72) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1Uy4ZZ-0006lI-5j for ietf-http-wg-dist@listhub.w3.org; Sat, 13 Jul 2013 18:29:33 +0000
Resent-Date: Sat, 13 Jul 2013 18:29:33 +0000
Resent-Message-Id: <E1Uy4ZZ-0006lI-5j@frink.w3.org>
Received: from lisa.w3.org ([128.30.52.41]) by frink.w3.org with esmtp (Exim 4.72) (envelope-from <s2y@romeo.emu.st>) id 1Uy4ZR-0006kG-7x for ietf-http-wg@listhub.w3.org; Sat, 13 Jul 2013 18:29:25 +0000
Received: from f5.bushwire.net ([199.48.133.46] helo=smtp1.bushwire.net) by lisa.w3.org with smtp (Exim 4.72) (envelope-from <s2y@romeo.emu.st>) id 1Uy4ZP-0000MK-Vm for ietf-http-wg@w3.org; Sat, 13 Jul 2013 18:29:25 +0000
Received: (qmail 69388 invoked by uid 1001); 13 Jul 2013 18:29:02 -0000
Delivered-To: qmda-intercept-ietf-http-wg@w3.org
DomainKey-Signature: a=rsa-sha1; q=dns; c=simple; s=s384; d=romeo.emu.st; b=Ua/VuNbDa0k3Urq3TyO6z0KMnDlLiGIIHhE1+FDJ1FE3PmoUswi4YfNPiP7KBgJi;
Comments: DomainKeys? See http://en.wikipedia.org/wiki/DomainKeys
DomainKey-Trace-MD: h=21; b=45; l=C18R71D32M65F38T23S47R80?33?69?69?49?37?48?37?32?49M17C39C27I61;
Comments: QMDA 0.3
Received: (qmail 69381 invoked by uid 1001); 13 Jul 2013 18:29:02 -0000
Date: Sat, 13 Jul 2013 18:29:02 +0000
Message-ID: <20130713182902.69380.qmail@f5-external.bushwire.net>
From: Mark Delany <s2y@romeo.emu.st>
To: ietf-http-wg@w3.org
References: <CAP+FsNdcYhA=V5Z+zbt70b5e7WmcmXgjG5M9L3vfXeXfTwmRnw@mail.gmail.com> <51DE327C.7010901@treenet.co.nz> <CABkgnnXeqD6wh0dcJ1Dz=4PLAJNkDeGcCuzMr9ATd_7xS7nbGQ@mail.gmail.com> <CABP7RbcUkLf3CTAB4jwicnsiKWLGVY6=hX0k=0256SR_gcVt9A@mail.gmail.com> <092D65A8-8CB7-419D-B6A4-77CAE40A0026@gmail.com> <3835.1373612286@critter.freebsd.dk> <CD9E163F-1225-4DA8-9982-8BDBD16B1051@mnot.net> <1772.1373629495@critter.freebsd.dk> <20130712125628.GC28893@1wt.eu> <881777F8-86A7-4943-9BBD-8EB2DC306834@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
In-Reply-To: <881777F8-86A7-4943-9BBD-8EB2DC306834@gmail.com>
Received-SPF: none client-ip=199.48.133.46; envelope-from=s2y@romeo.emu.st; helo=smtp1.bushwire.net
X-W3C-Hub-Spam-Status: No, score=0.1
X-W3C-Hub-Spam-Report: DKIM_SIGNED=0.1
X-W3C-Scan-Sig: lisa.w3.org 1Uy4ZP-0000MK-Vm e4ad68b2c9c2a62c2af2ea7a05e16a22
X-Original-To: ietf-http-wg@w3.org
Subject: Re: HTTP router point-of-view concerns
Archived-At: <http://www.w3.org/mid/20130713182902.69380.qmail@f5-external.bushwire.net>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/18745
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

(Gack wrong sender address - you might see this twice).

On 13Jul13, Sam Pullara allegedly wrote:
> This can be (and in many cases is already) solved at any web company big enough to need to solve it. I'm 100% in favor of using a client generated session identifier. This would dramatically simplify HTTP/2 in a real way. Cookies are from another era when building a server-side scalable session data store was difficult and expensive. I would argue that isn't the case anymore.

Just so I understand, does "solved" in this context means:

a) Clients stop exchange cookies

b) Clients start exchanging sessions ids

   (As we know, both of these can be achieved thru the cookie
   mechanism today by the server generating a session id cookie and
   dropping/expiring all other cookies).

c) Assuming origins and other internal systems will still need to see
   a cookie flow for many years to come, participating edge systems
   will need to act as a persistent, consistent cookie cache/proxy on
   behalf of the clients.

   Client -> sessionid -> Edge --sessionid+Cookies--> origin
                           |
                           ^
                           |
                    | Cookie Jar |
                           |
                           ^
                           |
   Client <- sessionid <- Edge <--New Cookies-- origin

d) In a decade or two, when all internal systems grok session id, the
   edges can discard their cookie proxy implementations.

The benefit being that you achieve perfect cookie compression on
your external links without inventing a fancy compression system.

The cost being that large/complicated sites will need to implement a
persistent, consistent, distributed cookie store at their edges until
they upgrade all internal systems.

The argument being that the big guys get the most benefit, ergo they
should bear the cost?


Mark.

v2.35.0 | Report a Bug | By Email | System Status