Re: [quicwg/base-drafts] Define terms for application actions (#2857)

Martin Thomson <notifications@github.com> Fri, 28 June 2019 00:31 UTC

Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F0C3F120169 for <quic-issues@ietfa.amsl.com>; Thu, 27 Jun 2019 17:31:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -8
X-Spam-Level:
X-Spam-Status: No, score=-8 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UVli_rYUAWG8 for <quic-issues@ietfa.amsl.com>; Thu, 27 Jun 2019 17:31:37 -0700 (PDT)
Received: from out-2.smtp.github.com (out-2.smtp.github.com [192.30.252.193]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DC65F120176 for <quic-issues@ietf.org>; Thu, 27 Jun 2019 17:31:36 -0700 (PDT)
Date: Thu, 27 Jun 2019 17:31:35 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1561681895; bh=gM/XaLA+TnQSN+hRlqAp+Uu3O5eF1iFYjtNV8bFQxRg=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=bnoH0bvdqGmfM0A+FU//3+Lzg9rGv7XM8kvApG1JhVh6MJ4WGWhzBkr36h+j4tgLg P3cGPlVlnxD8sY6EFKHj/TWfndE3J7AmFEojTV6bt/BRAX3mXz7cBZRaCNix8D/VpK ONCtsRSP8dUrxwrP/6y4J73xuYRxCY43llrl3O2c=
From: Martin Thomson <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+AFTOJK2LCFBZOH3YLRP7GZ53EKJGPEVBNHHBXBSRPY@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/pull/2857/review/255536084@github.com>
In-Reply-To: <quicwg/base-drafts/pull/2857@github.com>
References: <quicwg/base-drafts/pull/2857@github.com>
Subject: Re: [quicwg/base-drafts] Define terms for application actions (#2857)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5d155fe76cf07_56ed3fe4362cd968318558"; charset=UTF-8
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: martinthomson
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/SMfQp3uTR_ar7olzJA1B3pvS4Q0>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 28 Jun 2019 00:31:40 -0000

martinthomson commented on this pull request.

Thanks for doing this Mike, I have quite a few comments.

> @@ -452,12 +452,12 @@ HTTP_INCOMPLETE_REQUEST.
 
 A server can send a complete response prior to the client sending an entire
 request if the response does not depend on any portion of the request that has
-not been sent and received. When this is true, a server MAY request that the
-client abort transmission of a request without error by triggering a QUIC
-STOP_SENDING frame with error code HTTP_EARLY_RESPONSE, sending a complete
-response, and cleanly closing its stream. Clients MUST NOT discard complete
-responses as a result of having their request terminated abruptly, though
-clients can always discard responses at their discretion for other reasons.
+not been sent and received. When this is true, a server MAY abort reading the
+receiving part of the request stream with error code HTTP_EARLY_RESPONSE, send a

Do you think that we can just say "abort reading the request stream" and drop the  "receiving part of" piece on the basis that "abort reading" can only apply to the receiving part?

> @@ -505,11 +505,11 @@ this limit are not guaranteed to be accepted.
 
 ### Request Cancellation and Rejection {#request-cancellation}
 
-Clients can cancel requests by aborting the stream (QUIC RESET_STREAM and/or
-STOP_SENDING frames, as appropriate) with an error code of
-HTTP_REQUEST_CANCELLED ({{http-error-codes}}).  When the client cancels a
-response, it indicates that this response is no longer of interest.
-Implementations SHOULD cancel requests by aborting both directions of a stream.
+Clients can cancel requests by abruptly terminating the sending part of the

"abruptly terminating" or just "resetting" ?

> @@ -1590,8 +1584,9 @@ the cause of a connection or stream error.
 
 ## HTTP/3 Error Codes {#http-error-codes}
 
-The following error codes are defined for use in QUIC RESET_STREAM frames,
-STOP_SENDING frames, and CONNECTION_CLOSE frames when using HTTP/3.
+The following error codes are defined for use when abruptly terminating the
+sending part of streams, aborting reading of the receiving part of streams, or

As above regarding reference to "parts".

> @@ -1718,8 +1713,8 @@ extension is disabled if the setting is omitted.
 The security considerations of HTTP/3 should be comparable to those of HTTP/2
 with TLS.  Note that where HTTP/2 employs PADDING frames and Padding fields in
 other frames to make a connection more resistant to traffic analysis, HTTP/3 can
-rely on QUIC PADDING frames or employ the reserved frame and stream types
-discussed in {{frame-grease}} and {{stream-grease}}.
+either rely on transport-layer padding or employ the reserved frame and stream
+types discussed in {{frame-grease}} and {{stream-grease}}.

Aside: we should probably have a conversation about the trade-offs with padding.  Transport-layer padding is in some ways superior, like in how it can be granular to a single byte, which reserved streams and frames cannot do.  But PADDING frames at the transport aren't retransmitted when lost, which could lead to some interesting attacks if packets can be suppressed by an attacker.  If retransmissions aren't padded, boom.

> @@ -345,6 +345,31 @@ the relative priority of streams.  When deciding which streams to dedicate
 resources to, the implementation SHOULD use the information provided by the
 application.
 
+## Required Operations on Streams
+
+There are certain operations which an application MUST be able to perform when
+interacting with QUIC streams.  This document does not specify an API, but
+any implementation of this version of QUIC MUST expose the ability to perform
+the operations described in this section on a QUIC stream.
+
+On the sending part of a stream:
+
+- Attempt to write data, understanding when stream flow control credit

List construction here implies continuation of a sentence, but the capital letter doesn't fit and there is no joiner.

I think that you want:

> On the sending part of a stream, application protocols need to be able to:
> * write data, understanding when .... ({{frame-stop-sending}});
> * end the stream, ....; and
> * reset the stream ... was already ended.


> @@ -345,6 +345,31 @@ the relative priority of streams.  When deciding which streams to dedicate
 resources to, the implementation SHOULD use the information provided by the
 application.
 
+## Required Operations on Streams
+
+There are certain operations which an application MUST be able to perform when
+interacting with QUIC streams.  This document does not specify an API, but
+any implementation of this version of QUIC MUST expose the ability to perform
+the operations described in this section on a QUIC stream.
+
+On the sending part of a stream:
+
+- Attempt to write data, understanding when stream flow control credit
+  ({{data-flow-control}}) has successfully been reserved to send the written
+  data or possibly discovering that the stream has been closed because the peer

I think that you might remove this "possibly discovering" clause.  Then add a new separate paragraph after the lists that says that application protocols will want to be informed about stream state changes and events, including when data is available, when the stream ends, is reset, or reading has been aborted by a peer, and when new streams are created by a peer.

As a general rule, I don't like having sections end on a list, so that would help with my little compulsion too.

> @@ -1101,6 +1126,38 @@ suggested structure:
 -->
 
 
+## Required Operations on Connections
+
+There are certain operations which an application MUST be able to perform when
+interacting with the QUIC transport.  This document does not specify an API, but
+any implementation of this version of QUIC MUST expose the ability to perform
+the operations described in this section on a QUIC connection.
+
+When implementing the client role:

Same list construction comment as above.

> @@ -1101,6 +1126,38 @@ suggested structure:
 -->
 
 
+## Required Operations on Connections
+
+There are certain operations which an application MUST be able to perform when
+interacting with the QUIC transport.  This document does not specify an API, but
+any implementation of this version of QUIC MUST expose the ability to perform
+the operations described in this section on a QUIC connection.
+
+When implementing the client role:
+
+- Open a connection, which begins the exchange described in {{handshake}}

Add: to enable 0-RTT, and to be informed when 0-RTT has been either accepted or rejected by a server.

> +interacting with the QUIC transport.  This document does not specify an API, but
+any implementation of this version of QUIC MUST expose the ability to perform
+the operations described in this section on a QUIC connection.
+
+When implementing the client role:
+
+- Open a connection, which begins the exchange described in {{handshake}}
+
+When implementing the server role:
+
+- Listen for incoming connections, which prepares for the exchange described in
+  {{handshake}}
+- If Early Data is supported, embed application-controlled data in the TLS
+  resumption ticket sent to the client
+- If Early Data is supported, retrieve application-controlled data from the
+  client's resumption ticket and approve/veto accepting Early Data

and enable rejection of 0-RTT based on that information

I don't like "veto" much here.  And we don't need to have an active acceptance involved.

> +
+- Open a connection, which begins the exchange described in {{handshake}}
+
+When implementing the server role:
+
+- Listen for incoming connections, which prepares for the exchange described in
+  {{handshake}}
+- If Early Data is supported, embed application-controlled data in the TLS
+  resumption ticket sent to the client
+- If Early Data is supported, retrieve application-controlled data from the
+  client's resumption ticket and approve/veto accepting Early Data
+
+In either role:
+
+- Configure minimum values for the initial number of permitted streams of each
+  type, as communicated in the transport parameters ({{transport-parameters}})

I think that there is a more general point, which basically means controlling resource allocation of all types, including streams and flow control.

The point you are looking at here - setting a minimum on the number of streams - is something HTTP needs, so I would add rather than replace.

> +
+- Listen for incoming connections, which prepares for the exchange described in
+  {{handshake}}
+- If Early Data is supported, embed application-controlled data in the TLS
+  resumption ticket sent to the client
+- If Early Data is supported, retrieve application-controlled data from the
+  client's resumption ticket and approve/veto accepting Early Data
+
+In either role:
+
+- Configure minimum values for the initial number of permitted streams of each
+  type, as communicated in the transport parameters ({{transport-parameters}})
+- Keep a connection from silently closing, either by generating PING frames
+  ({{frame-ping}}) or by requesting that the transport send additional frames
+  before the idle timeout expires ({{idle-timeout}})
+- Cease issuing credit for new streams via MAX_STREAMS frames

See the above point about controlling resource allocation.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/pull/2857#pullrequestreview-255536084