Re: ID for Immutable

Patrick McManus <pmcmanus@mozilla.com> Fri, 28 October 2016 15:06 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 79D6F12962D for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Fri, 28 Oct 2016 08:06:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.351
X-Spam-Level:
X-Spam-Status: No, score=-7.351 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.431, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wwnGkWVg5nup for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Fri, 28 Oct 2016 08:06:11 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 28D21129558 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Fri, 28 Oct 2016 08:06:10 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.80) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1c08fE-0002nu-27 for ietf-http-wg-dist@listhub.w3.org; Fri, 28 Oct 2016 15:01:48 +0000
Resent-Date: Fri, 28 Oct 2016 15:01:48 +0000
Resent-Message-Id: <E1c08fE-0002nu-27@frink.w3.org>
Received: from titan.w3.org ([128.30.52.76]) by frink.w3.org with esmtps (TLS1.2:RSA_AES_128_CBC_SHA1:128) (Exim 4.80) (envelope-from <pmcmanus@mozilla.com>) id 1c08f9-0002mz-Bd for ietf-http-wg@listhub.w3.org; Fri, 28 Oct 2016 15:01:43 +0000
Received: from www.ducksong.com ([192.155.95.102] helo=linode64.ducksong.com) by titan.w3.org with esmtp (Exim 4.84_2) (envelope-from <pmcmanus@mozilla.com>) id 1c08f2-0001JW-Em for ietf-http-wg@w3.org; Fri, 28 Oct 2016 15:01:37 +0000
Received: from mail-yw0-f172.google.com (mail-yw0-f172.google.com [209.85.161.172]) by linode64.ducksong.com (Postfix) with ESMTPSA id DFF043A044 for <ietf-http-wg@w3.org>; Fri, 28 Oct 2016 11:01:13 -0400 (EDT)
Received: by mail-yw0-f172.google.com with SMTP id w3so87371179ywg.1 for <ietf-http-wg@w3.org>; Fri, 28 Oct 2016 08:01:13 -0700 (PDT)
X-Gm-Message-State: ABUngvdcMsplpvH5i0KrubmjTjtq2BYS4Bxz7v02zOkW+dT6R12df5AHncDNEEJIrnhFym/Ld/J9hp6uRLpnaA==
X-Received: by 10.107.32.10 with SMTP id g10mr11905691iog.183.1477666873650; Fri, 28 Oct 2016 08:01:13 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.64.228.236 with HTTP; Fri, 28 Oct 2016 08:01:12 -0700 (PDT)
In-Reply-To: <CAOdDvNpNAUccK0FO2HyvL7etnxEg2FRt0tvXwXxkR1q5wLy_gw@mail.gmail.com>
References: <CAOdDvNqam930_0eA1p3yHW+xDdOm0AAMKvVKe6xwNwm1itpRpQ@mail.gmail.com> <20161028144407.48EFF162D1@welho-filter4.welho.com> <CAOdDvNpNAUccK0FO2HyvL7etnxEg2FRt0tvXwXxkR1q5wLy_gw@mail.gmail.com>
From: Patrick McManus <pmcmanus@mozilla.com>
Date: Fri, 28 Oct 2016 11:01:12 -0400
X-Gmail-Original-Message-ID: <CAOdDvNpi=TxEf+W5vX8V3rCh8yB2P14pgO6bFXKthODRaU_y-g@mail.gmail.com>
Message-ID: <CAOdDvNpi=TxEf+W5vX8V3rCh8yB2P14pgO6bFXKthODRaU_y-g@mail.gmail.com>
To: Patrick McManus <pmcmanus@mozilla.com>
Cc: Kari Hurtta <hurtta-ietf@elmme-mailer.org>, HTTP working group mailing list <ietf-http-wg@w3.org>
Content-Type: multipart/alternative; boundary="001a1140b15c19b8ee053fee21f2"
Received-SPF: softfail client-ip=192.155.95.102; envelope-from=pmcmanus@mozilla.com; helo=linode64.ducksong.com
X-W3C-Hub-Spam-Status: No, score=-4.6
X-W3C-Hub-Spam-Report: AWL=-1.401, BAYES_00=-1.9, HTML_MESSAGE=0.001, SPF_HELO_PASS=-0.001, SPF_SOFTFAIL=0.665, W3C_AA=-1, W3C_WL=-1
X-W3C-Scan-Sig: titan.w3.org 1c08f2-0001JW-Em 526e10f823bff356666efd885bd6db75
X-Original-To: ietf-http-wg@w3.org
Subject: Re: ID for Immutable
Archived-At: <http://www.w3.org/mid/CAOdDvNpi=TxEf+W5vX8V3rCh8yB2P14pgO6bFXKthODRaU_y-g@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/32701
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

Hey Kari, In my distaste for response header hashes, I did hastily neglect
to mention that one of my implementation corner cases was to ignore
immutable in cases of weakly framed content.. we define weakly framed as
responses terminated by EOF or with Content-Lengths that don't match, or
chunked encodings without a 0 chunk at the end. Experience has shown that
we have to accept these responses for reasons of interop - but discretion
says to ignore immutable on them as they may be indications of corruption.
The ID should mention this - I'll put in -01. Thanks.

worth noting here that the refresh conditional-request path that immutable
impacts has never helped much with the corruption case.. it conditionally
verifies etags or l-m, but generally the corruption is in the message body
- most often truncation. so a 304 reply confirms to the client to keep
using the corrupted content anyhow.. that's there is often a force (or
hard) reload option that goes with no-cache and the draft tries to point
out you really shouldn't use immutable to shortcut that. We use this
force-reload path in lieu of revalidations for weekly framed things.


On Fri, Oct 28, 2016 at 10:50 AM, Patrick McManus <pmcmanus@mozilla.com>
wrote:

> the notion of integrity hashes have failed in the past (notably md5)..
> separable from immutable imo and would rather not tie that anchor to its
> fate.
>
> On Fri, Oct 28, 2016 at 10:44 AM, Kari Hurtta <
> hurtta-ietf@elmme-mailer.org> wrote:
>
>> > Htmlized:       https://tools.ietf.org/html/draft-mcmanus-immutable-00
>>
>> |    o  User-Agents often provide two different refresh mechanisms: reload
>> |       and some form of force-reload.  The latter is used to rectify
>> |      interrupted loads and other corruption.  These reloads should
>> |      ignore immutable as well.
>>
>> How about making it
>>
>> Cache-Control: max-age=31536000, immutable=<hash-function-value>
>>
>>
>> So that immutable does not have effect if result of hash-function
>> does not give same value that what is value of immutable
>> cache control.
>>
>> Several immutable cache controls are invalid if they are result
>> of same hash-function.
>>
>> If server can't calculate hash-function over resource,
>> is is really static non-caching resource?
>>
>> I think that this protects agaist that interrupted loads
>> becomes immutable.
>>
>> / Kari Hurtta
>>
>>
>