IETF Logo Mail Archive

Re: [hybi] Extensibility mechanisms?

Jamie Lokier <jamie@shareable.org> Mon, 26 July 2010 21:10 UTC

Return-Path: <jamie@shareable.org>
X-Original-To: hybi@core3.amsl.com
Delivered-To: hybi@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6C61F3A69F8 for <hybi@core3.amsl.com>; Mon, 26 Jul 2010 14:10:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.586
X-Spam-Level:
X-Spam-Status: No, score=-1.586 tagged_above=-999 required=5 tests=[AWL=-0.846, BAYES_20=-0.74]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dArO7RRhRYmk for <hybi@core3.amsl.com>; Mon, 26 Jul 2010 14:10:00 -0700 (PDT)
Received: from mail2.shareable.org (mail2.shareable.org [80.68.89.115]) by core3.amsl.com (Postfix) with ESMTP id 24C383A6998 for <hybi@ietf.org>; Mon, 26 Jul 2010 14:09:59 -0700 (PDT)
Received: from jamie by mail2.shareable.org with local (Exim 4.63) (envelope-from <jamie@shareable.org>) id 1OdUwF-0003fv-KK; Mon, 26 Jul 2010 22:10:19 +0100
Date: Mon, 26 Jul 2010 22:10:19 +0100
From: Jamie Lokier <jamie@shareable.org>
To: Roberto Peon <fenix@google.com>
Message-ID: <20100726211019.GA23142@shareable.org>
References: <4BCC0A07.9030003@gmx.de> <Pine.LNX.4.64.1004190753510.23507@ps20323.dreamhostps.com> <4BCC111C.90707@gmx.de> <Pine.LNX.4.64.1004190837570.23507@ps20323.dreamhostps.com> <4BCC204D.30004@gmx.de> <z2gad99d8ce1004190822ne4dd36b6v54d63efcc448e840@mail.gmail.com> <Pine.LNX.4.64.1007202204270.7242@ps20323.dreamhostps.com> <AANLkTimzWAkxG18mgfY_IUtKdsvgv4XLnzKVfsE1aC99@mail.gmail.com> <20100721005038.GA27243@shareable.org> <AANLkTinHpqMzGY--+KSpL_q0tw7hVxP8p1fL0MAd6XiF@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <AANLkTinHpqMzGY--+KSpL_q0tw7hVxP8p1fL0MAd6XiF@mail.gmail.com>
User-Agent: Mutt/1.5.13 (2006-08-11)
Cc: Hybi <hybi@ietf.org>
Subject: Re: [hybi] Extensibility mechanisms?
X-BeenThere: hybi@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Server-Initiated HTTP <hybi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hybi>
List-Post: <mailto:hybi@ietf.org>
List-Help: <mailto:hybi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 26 Jul 2010 21:10:01 -0000

Roberto Peon wrote:
> 
>    I have some experience with dealing with broken HTTP client
>    implementations in nearly-impossible-to-update devices such as
>    televisions, phones, etc.
> 
>    We're starting from scratch, so hopefully we won't have the confusion
>    of poor implementations that HTTP does, but I'd end up really sad if I
>    had to make my server not use advanced features of a *new* protocol
>    because some clients identify their capabilities wrongly

Unfortunately that kind of breakage is inevitable at some point, if
the protocol is widely adopted with many implementations.

Which is why we should approach any identification and negotiation in
such a way that there's a way out of that trap when it happens.

There are several approaches, and we can learn from what happened with
HTTP what methods actually work.

One way is to encourage widespread use of "user-agent" style strings
which are not meant for negotiation and mostly not used for it (and
therefore there is little incentive to lie in them), but can be used
as an emergency "I don't trust this implementation" get out clause.

When those are used and not abused, they work quite well to deal with
occasionally buggy implementations.  It is important that version
numbers are included.

That said, we see from HTTP that only works if there are other ways to
recognise what people actually want to recognise at the other end so
there is no incentive to parse the user-agent all the time, and no
incentive therefore to lie in it.  HTTP user-agent is now weaker at
this because it seems to have become the de facto way of recognising
characteristics of the device, such as whether it's a mobile and what
type, so there's an incentive to lie.

If a severe WebSocket fault occurs with a widespread, non-updatable
television with a client _or_ server (yes[*]), and it does not display
any identifiable characteristic (not least because the standard
discourages it :-/), the remaining solution to that is to invent a new
capability whose sole purpose is to mean the same as the old one, but
is not used in that widespread, faulty equipment.

Then at least your server can use the advanced feature with newer and
upgradable client implementations, and vice versa.

-- Jamie

[*] Coincidentally as we speak I am developing a server which runs in
a TV and uses comet-style streamed HTTP to both local and remote
(tunnelled) browsers, and may use WebSocket if it proves usable.
Since it's an embedded implementation in C you can bet it probably
will suffer from the issues discussed. :-)

v2.23.0 | Report a Bug | By Email