Date: Wed, 18 Oct 2017 02:19:00 +0800
User-Agent: K-9 Mail for Android
In-Reply-To: <CAOdDvNrKDEhbFzdMfOwZOBr8pTSJiMqmYs0VDPpSsQr_TUhQig@mail.gmail.com>
References: <150807649389.12130.9191022211105955718.idtracker@ietfa.amsl.com>
 <f4bb6b5c-b12e-dc59-6faa-15588b692574@warmcat.com>
 <CABkgnnUfDwYmxi72f-x=z=iwf4+3L_rcLqufJRYvEMpP=Fb3MA@mail.gmail.com>
 <a4229e61-fb04-30b1-f2c7-a862645d0059@warmcat.com>
 <CABkgnnX0uXm1mDHL+dy6Z+mCZdofkEshd5jy-a0jV-Hsp88yQA@mail.gmail.com>
 <3dd5002d-49ca-4af5-1b38-f1dbe530b98e@warmcat.com>
 <CABkgnnWfTcGyUDBfSs1S+M4xaeELZKXa=9JP79kKKvsSjL_ouA@mail.gmail.com>
 <dda4b424-b2e3-7096-c2ce-f61e54df2384@warmcat.com>
 <CABkgnnVeXGzw2HjxkUWW8O_EOjhe6j3p1yqJUuezvMnBtHxtLQ@mail.gmail.com>
 <e971cda1-f022-50a6-0e3b-d1a264d6f358@warmcat.com>
 <CAOdDvNrZf-19CmPnZFma_H+iajVgXkUjFiPH0jX3MAVVKju5hg@mail.gmail.com>
 <MWHPR21MB0141A705D0182DA51B934280874F0@MWHPR21MB0141.namprd21.prod.outlook.com>
 <CAOdDvNpCGnZcAUaVaVq7eOLkvQFMbd5qf5BAX30nR8iU9=696A@mail.gmail.com>
 <1B8ED5DE-6147-4463-AA8C-561B6E03C1F0@greenbytes.de>
 <CAOdDvNrKDEhbFzdMfOwZOBr8pTSJiMqmYs0VDPpSsQr_TUhQig@mail.gmail.com>
Content-Type: text/plain;
 charset=utf-8
Content-Transfer-Encoding: quoted-printable
To: Patrick McManus <pmcmanus@mozilla.com>,
 Stefan Eissing <stefan.eissing@greenbytes.de>
CC: Mike Bishop <Michael.Bishop@microsoft.com>,
 Martin Thomson <martin.thomson@gmail.com>, hybi <hybi@ietf.org>,
 Cory Benfield <cory@lukasa.co.uk>, McManus Patrick <mcmanus@ducksong.com>,
 HTTP Working Group <ietf-http-wg@w3.org>
From: Andy Green <andy@warmcat.com>
Message-ID: <EE07245F-1239-43D0-9F96-9F16442508E9@warmcat.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/hybi/BoYUntP6gOMMzeTQ2XYK2aK9A28>
Subject: Re: [hybi] New Version Notification for
 draft-mcmanus-httpbis-h2-websockets-00.txt
Precedence: list



On October 17, 2017 10:34:16 PM GMT+08:00, Patrick McManus <pmcmanus@mozil=
la=2Ecom> wrote:
>Clearly substituting the h1 exchange out in favor of a new websockets
>specific exchange that contained sub-protocol and version tokens would
>look
>better on paper=2E=2E=2E I actually thought diverging from 6455 would mak=
e
>people
>LESS likely to implement=2E Maybe I'm wrong=2E
>
>So let's poll - please speak up if you have a ws impl (either client or
>server):
>
>If the spec added a new websockets specific parameter negotiation and
>removed the H1 syntax it would make me
> a] MORE likely to implement
> b] LESS likely to implement
> c] wouldn't change my behavior but I like it more
>d] wouldn't change my behavior but it would be more painful (or like it
>less)
> e] really don't care at all=2E

c) =2E=2E=2E as discussed before only three persistant things come from th=
e ws dance, agreement on both sides the stream is in an upgraded state, and=
 the server telling which protocol and any extensions + extension options a=
pply=2E

For the case where the peer is actually h1 ws hitching a ride on h2, the e=
xtra RFC6455-only h1 header bits like Sec key hashes can be synthesized at =
the boundary where the h1 stuff interfaces to the h2 stream, since they don=
't feature in the state after upgrade establishment and an h2 server doesn'=
t need to see them at all=2E

For the case the peer is natively h2 - surely it will become the common ca=
se when this arrives in today's h2-preferring web browsers - doing a simple=
r upgrade in native h2 is easier to implement, just don't do any of the old=
 Sec-key stuff at all=2E

-Andy

>On Tue, Oct 17, 2017 at 4:58 AM, Stefan Eissing <
>stefan=2Eeissing@greenbytes=2Ede> wrote:
>
>>
>>
>> > Am 16=2E10=2E2017 um 23:31 schrieb Patrick McManus
><pmcmanus@mozilla=2Ecom>:
>> >
>> > On Mon, Oct 16, 2017 at 1:13 PM, Mike Bishop <
>> Michael=2EBishop@microsoft=2Ecom> wrote:
>> [=2E=2E=2E]
>> >
>> > I hear what you're saying=2E=2E but I think you're going a touch too
>far=2E
>> websocket means 6455 which has all that h1 stuff as part of its
>> configuration=2E=2E I think it would be totally fair to say such a serv=
er
>could
>> have a more constrained parser that failed any non-ws compliant
>handshake
>> even if it were valid h1=2E Mostly I think it becomes an insanely ugly
>what
>> to do websocket parameter exchange=2E
>> >
>> > I think of origin info (scheme and authority) more as keys to route
>the
>> CONNECT request=2E=2E it's :protocol that defines what to do in the
>tunnel=2E I
>> admit I did consider calling it :alpn (which has a similar kind of
>> property=2E=2E its a route of sorts but it doesn't bear the SETTINGS or
>magic
>> of h2)
>>
>> Me stupid=2E Me asking, why not :upgrade?
>>
>> ht;dr (have time, do read)
>>
>> As proposed, the CONNNECT seems to say: let's talk HTTP/1=2E1 on this
>stream
>> from now on, afaict=2E
>>
>> From a server implementation pov that opens a larger can of worms=2E It
>> would mean warming up the HTTP/1=2E1 engine for the DATA on this
>stream=2E That
>> needs some extra care so that it does only safe things inside a h2
>stream=2E
>> On first glance, it seems to be easier and safer to do the stream
>:upgrade
>> inside the h2 protocol handling itself=2E
>>
>> Just my initial gut reaction=2E=2E=2E
>>
>> -Stefan
>>
>> > You have kind of let the cat out of the bag at just doing an h1
>connect=2E
>> That's actually possible with the draft (or at least envisioned) as I
>> defined :protocol separate from the websocket specific stuff=2E=2E=2E b=
ut I
>kinda
>> hope to never speak of it again :)
>> >
>> > This is a tough one - its definitely going for simplicity as its
>main
>> goal=2E=2E that means ignoring many places that can be improved=2E That=
's a
>> choice based on
>> >  a] the history of other efforts seem to suggest there is no
>stomach for
>> complexity/risk here
>> >  b] we hear about this problem enough that I think its worth seeing
>if
>> this can be m ade a consensus mvp
>> >  c] my belief that websockets is a transitional technology - it
>will be
>> around for years but some kind of native http will supplant it=2E
>> >
>> > ymmv (more than usual on this one!)
>> >
>> > -P
>> >
>> >
>> >
>> >
>> > Given that you=E2=80=99re doing the full Upgrade-to-WebSockets dance =
inside
>the
>> tunneled connection, why don=E2=80=99t you just say that you=E2=80=99re=
 CONNECTing to
>an
>> HTTP/1=2E1 tunnel?  That=E2=80=99s then treated as HTTP/1=2E1 over TCP,=
 which is
>fully
>> allowed to do Upgrade itself=2E  If you=E2=80=99re sure that=E2=80=99s =
the path you
>want,
>> then simply say in the HTTP/2 layer that you=E2=80=99re doing HTTP/1=2E=
1 inside
>the
>> stream=2E  Incidentally, that might be a nice alternative for dealing
>with
>> HTTP_1_1_REQUIRED responses, too!
>> >
>> >
>> >
>> > From: Patrick McManus [mailto:pmcmanus@mozilla=2Ecom]
>> > Sent: Monday, October 16, 2017 5:16 AM
>> > To: Andy Green <andy@warmcat=2Ecom>
>> > Cc: Martin Thomson <martin=2Ethomson@gmail=2Ecom>; Patrick McManus <
>> pmcmanus@mozilla=2Ecom>; hybi <hybi@ietf=2Eorg>; Cory Benfield <
>> cory@lukasa=2Eco=2Euk>; Patrick McManus <mcmanus@ducksong=2Ecom>; HTTP
>Working
>> Group <ietf-http-wg@w3=2Eorg>
>> > Subject: Re: [hybi] New Version Notification for
>> draft-mcmanus-httpbis-h2-websockets-00=2Etxt
>> >
>> >
>> >
>> >
>> >
>> >
>> >
>> > On Mon, Oct 16, 2017 at 12:44 AM, Andy Green <andy@warmcat=2Ecom>
>wrote:
>> >
>> >
>> > You can probably pipeline the CONNECT + ws handshake though,
>Patrick
>> shows them sequentially and I didn't think about it myself=2E
>> >
>> >
>> >
>> > right=2E The example is just for clarity and cannot show all
>expressions
>> of h2 flows=2E
>> >
>> >
>> >
>> > CONNECT + DATA before the response headers is pretty much the h2
>analog
>> of TCP Fast Open=2E The devil is in the details=2E=2E That's a general
>CONNECT +
>> DATA issue not limited to the protocol upgrade described here so I
>don't
>> think its worth discussion in a websockets rfc=2E
>> >
>> >
>> >
>> > I think the path to success here hinges on a very tight scoping of
>work
>> and therefore optimizing handshake latency is a non-goal of this
>effort=2E
>> >
>> >
>> >
>> >
>> >
>> > Still only two round trips=2E
>> >
>> >
>> >  - SETTINGS                      - SETTINGS
>> >  - GET /index=2Ehtml
>> >                  - 200 HEADERS + DATA
>> >
>> >  - :method CONNECT
>> >  - DATA ws handshake
>> >                   - 200 HEADERS
>> >                   - DATA ws handshake final
>> >                   - DATA=2E=2E=2E
>> >
>> >  - DATA =2E=2E=2E             - DATA=2E=2E=2E
>> >
>> > With the part of the pipelining that is legal for ws, two round
>trips
>> before the client can start to send data and 1=2E5 before the server
>can send
>> data=2E=2E=2E if it's true then you're right it's not so bad=2E
>> >
>> > Were you concerned that the client needs to learn that the server
>> > supports websockets and not just :protocol?
>> >
>> >
>> > No I just followed Patrick's sequencing; he shows them serialized=2E=
=20
>But
>> you're right at least the CONNECT + ws handshake can probably be
>pipelined=2E
>> >
>> > That's also going to be a variation from normal h2 HEADERS flow if
>I
>> understood it, on one stream there will be END_HEADERs coming twice
>(for
>> the CONNECT and the ws handshake separately)
>> >
>> > Anyway you are right, it makes any difference with PUSH_PROMISE
>probably
>> not worth the effort=2E
>> >
>> > -Andy
>> >
>> >
>> >
>> >
>>
>>