Re: [hybi] #1: HTTP Compliance

[Willy Tarreau <w@1wt.eu>]

On Thu, Jul 22, 2010 at 06:32:02AM +0000, Ian Hickson wrote:
> I see no advantage in the common case to using the same software for both. 
> It's far easier to just host them separately.
> 
> Why don't people use the same software for HTTP and DNS? Or IMAP and SMTP?  
> Or IRC and FTP? Why would they act differently for HTTP and WebSocket?

Ian, you forget one thing : "applications".
HTTP + WebSocket will be combined in the same use to for applications,
with WebSocket being the interactive part, and HTTP carrying all the
transactional parts. For this reason, they will be intimately bound,
there will be a need for shared context, for persistence between the
two protocols from the same user on the same server, for passing
credentials, etc... None of the other examples you've proposed above
need that. And in fact there's one case where IMAP+SMTP are used
together, it's when you require a user to first log into the POP or
IMAP server so that he's allowed to relay through the SMTP server.
And in this case, both are bound ;-)

(...)
> On Thu, 22 Jul 2010, Jamie Lokier wrote:
> > Willy Tarreau wrote:
> > >
> > > [Good description of transparent proxies at ISPs with configurable 
> > > HTTP-aware rules on the routers.]
> 
> What Willy wrote was not a description of transparent proxies but of 
> man-in-the-middle proxies. Transparent proxies are a different beast 
> altogether. Please see the HTTP spec for details. Man-in-the-middle 
> proxies are not legitimate per the HTTP spec as far as I can tell,
> and are the cause of many problems on the Web (such as the lack of
> our ability to deploy pipelining).

Sorry ? what you call man-in-the-middle is what HTTP calls "gateways"
or what are commonly called "reverse-proxies". Not only they don't
cause lots of imaginary problems, they're deployed everywhere and you
don't ever notice them, reason why you believe they don't work. Try
to spot one large site which does not make use of an HTTP gateway in
front of servers. Hint: they're at least in every layer 7 load
balancers. So please stop thinking about your perl-written server
running on your laptop for your own tests and think about the real
world.

> On Thu, 22 Jul 2010, Willy Tarreau wrote:
> > 
> > There are not that many ISPs in each country, I mean there are far less 
> > ISPs than there are web sites or potential WebSocket implementers. 
> > There's a high pressure on them to work as expected by customers.
> 
> Not high enough, clearly, or we'd be able to deploy pipelining.

We'd be able to *enable* pipelining, not deploy it for the other reason
I explained before (high cost and risks on intermediates for little added
value). However, if there are some remaining places where it still does
not work, well it may very well be because it's disabled by default in
browsers so that nobody has to complain.

> On Thu, 22 Jul 2010, Willy Tarreau wrote:
> > > 
> > > (Note: from a conformance standpoint, the "server" includes the 
> > > proxy.)
> > 
> > as seen from the client, yes. As seen from the proxy or the server or 
> > any intermediate between them, no :-)
> 
> I mean as seen from the point of view of conformance to the specification.

Then it's a gateway, not a server.

Willy