IETF Logo Mail Archive

RE: Rationalise HTTP_WRONG_STREAM and HTTP_UNEXPECTED_FRAME

Mike Bishop <mbishop@evequefou.be> Thu, 08 August 2019 19:15 UTC

Return-Path: <mbishop@evequefou.be>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 137AC120192 for <quic@ietfa.amsl.com>; Thu, 8 Aug 2019 12:15:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=evequefou.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3xL2QWG4Eknr for <quic@ietfa.amsl.com>; Thu, 8 Aug 2019 12:15:54 -0700 (PDT)
Received: from NAM01-BY2-obe.outbound.protection.outlook.com (mail-eopbgr810118.outbound.protection.outlook.com [40.107.81.118]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0F84812018E for <quic@ietf.org>; Thu, 8 Aug 2019 12:15:54 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Tl+OMs2adgSaUSC2WzWSmbtOfCQl1E3V637x1o3K4g7FFmiWRJa1TG2ee7Jt0NxUM6fqhTjgJllfsOlGnV5rqrqEnlS+v5NA3nJ7pOUTUdiSvj7KKw9eTo0GgqgzgJmpzdoK4GJGP35+rEg1Q4k5DQ3ngP2PjKvL6mSAh5lH9dD7nw7mc3obFsGC7qGg0VTwffvqYmZLRHAlzgU4bVxhqVLK/iv39Ibdb+yYf3w3vy+r/K1dPfIapzvLW+3TfNvPzpeMiJT+p7/FhtAYBmZ7PDI8SnSLiBDHErAx7r8Z29q6QBUTSh9+FNQ7vyNLytXaOxwkk3Wg/EJV6IXyKQ9c6w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=DO1V5MXO0qha0pmsmrJ7UrxIaGtTA8xCoFYuH1eUOvU=; b=aBqH578sI9G3HjqJukDz615hZZMnDWKQL7chdeJYYn97/VMZlXhmR6uSyDAmzLg5/7LPqiaf8xiZnr97xay1K2IlMepnJsBmyPE3CDhLn8onWR4U0jnGBPcKtCE0tgPQiETBRfL2rj0uPL116iiY801wTTqI5IhAJAXJKf9zgG34w6+Yphgs3v7+vlqiEtxkzQbFwfyYReof0Ud+CEOs6CG5D4VL2i4jT35ibgMw+ywCUayU8YAViCBnFkrZ4fjRTW3nGsyqJUpdilreCU03pVwzKnMVZA5euRP5x+a7mdCObr1DQpJOLSUCdWZ6rlvsyHboXqaAiDITj0rXaANmPg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=evequefou.be; dmarc=pass action=none header.from=evequefou.be; dkim=pass header.d=evequefou.be; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=evequefou.onmicrosoft.com; s=selector2-evequefou-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=DO1V5MXO0qha0pmsmrJ7UrxIaGtTA8xCoFYuH1eUOvU=; b=doAIwOnN61q3ujHVevIZdwjHS+N3op3pTH0CawSUW8PfowbFgwwIVwrrB0ur71xgeWvNSMxvdh2DjmobthVzzxTfpYNlxpJqZ9zf5mF8MAdB7NVOxNFZslcss2Tfi3BVs6dUD80fSg5L8ryDnz5DRHYLFtTr+xeqc2s7xmQbo+I=
Received: from CY4PR22MB0983.namprd22.prod.outlook.com (10.171.164.151) by CY4PR22MB0792.namprd22.prod.outlook.com (10.171.170.18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2157.18; Thu, 8 Aug 2019 19:15:52 +0000
Received: from CY4PR22MB0983.namprd22.prod.outlook.com ([fe80::4190:c9d6:bf3f:2432]) by CY4PR22MB0983.namprd22.prod.outlook.com ([fe80::4190:c9d6:bf3f:2432%4]) with mapi id 15.20.2157.015; Thu, 8 Aug 2019 19:15:52 +0000
From: Mike Bishop <mbishop@evequefou.be>
To: Martin Thomson <mt@lowentropy.net>, "quic@ietf.org" <quic@ietf.org>
Subject: RE: Rationalise HTTP_WRONG_STREAM and HTTP_UNEXPECTED_FRAME
Thread-Topic: Rationalise HTTP_WRONG_STREAM and HTTP_UNEXPECTED_FRAME
Thread-Index: AQHVTLOC2OqR449G9kmbKW6d1/yIBKbu1LKAgALMmwA=
Date: Thu, 08 Aug 2019 19:15:52 +0000
Message-ID: <CY4PR22MB098352FA3BDA1AAF6918BA75DAD70@CY4PR22MB0983.namprd22.prod.outlook.com>
References: <CALGR9ob7=MzO5qt987dpBAxBqnsMRvkrgYz7svktKsMNNhjAdw@mail.gmail.com> <608f1832-2ac3-4459-875e-bdc9a86ad8b8@www.fastmail.com>
In-Reply-To: <608f1832-2ac3-4459-875e-bdc9a86ad8b8@www.fastmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=mbishop@evequefou.be;
x-originating-ip: [2600:2b00:9323:fe01:b9d1:269e:154e:50a9]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: f2013293-972e-40ab-3c7e-08d71c34d4a1
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(7021145)(8989299)(4534185)(7022145)(4603075)(4627221)(201702281549075)(8990200)(7048125)(7024125)(7027125)(7023125)(5600148)(711020)(4605104)(1401327)(2017052603328)(7193020); SRVR:CY4PR22MB0792;
x-ms-traffictypediagnostic: CY4PR22MB0792:
x-ms-exchange-purlcount: 2
x-microsoft-antispam-prvs: <CY4PR22MB07927705D463A0A5F2334B9EDAD70@CY4PR22MB0792.namprd22.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 012349AD1C
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(346002)(376002)(39830400003)(396003)(136003)(366004)(13464003)(189003)(199004)(33656002)(99286004)(186003)(81166006)(66556008)(66476007)(76116006)(66946007)(110136005)(64756008)(6246003)(790700001)(53936002)(508600001)(25786009)(6436002)(229853002)(71190400001)(6116002)(9686003)(256004)(54896002)(6306002)(8936002)(14444005)(66446008)(2906002)(81156014)(8676002)(55016002)(74316002)(71200400001)(7736002)(316002)(14454004)(446003)(11346002)(486006)(476003)(2501003)(46003)(86362001)(102836004)(6506007)(53546011)(76176011)(7696005)(5660300002)(52536014); DIR:OUT; SFP:1102; SCL:1; SRVR:CY4PR22MB0792; H:CY4PR22MB0983.namprd22.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: evequefou.be does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: 8xzgtweHeKNHgqhOccnQG9tnALRIaY14moh4zj3fewG2i93CsAhGqj/e/u6PLRKIb3Ej13nMKNUtLk1J0CSSGR5vCjUyyuBCoOkUUIeJNYuniEisHPEtfhAedJn8Le1FtVARxo/XuulqaCS148WMTbVgNx+zUrT5F2KXjTJEYZs+wZP3aFsEloC41twN1jgH/vg+8NxZXn1pFF0q1NPwYfkAgV+3AQL7F8H3nr7ZZ1qoO2y6JD+yJk3OY3L55xUCPIzS7aTSCwhkbAyA2MCW2fATP4WqPnYoZ5rx1m8XLmGkCN1sFIoWo64epRq5xQLvxX1JPib4VptfIwlPfsk2uqFWbrLLxfOTlMDaL1ZmwsbPavfjOanhoeQnW6A5YcFJY4md3mZYfO34/oL6gAul9Bel14p5e6GAsNuUP9zOfKA=
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_CY4PR22MB098352FA3BDA1AAF6918BA75DAD70CY4PR22MB0983namp_"
MIME-Version: 1.0
X-OriginatorOrg: evequefou.be
X-MS-Exchange-CrossTenant-Network-Message-Id: f2013293-972e-40ab-3c7e-08d71c34d4a1
X-MS-Exchange-CrossTenant-originalarrivaltime: 08 Aug 2019 19:15:52.5019 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 41eaf50b-882d-47eb-8c4c-0b5b76a9da8f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: yjwPk66LV2sgSvxq+5JCobxMhnZsYe2T5KdJEedPEyyzYariFak66xqxyPlxV1OhI4agu1AuQu3G3yzUjKDtbA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR22MB0792
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/zTaY7lrKP1WPdEKYrNF_LMh0U4k>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 08 Aug 2019 19:15:58 -0000

As Lucas said, if you have a separate parser by stream type and the frames defined for other streams simply aren't handled, that would violate the MUST-error requirements we currently have.  You would fail a compliance test.



I see a couple separable questions that we need to answer to move forward here:

  *   Should this even be possible?  QUIC has established a pattern of making it impossible to send invalid values.  An H3 incarnation of that pattern would be to split the frame type spaces so there's no such thing as WRONG_STREAM, just unknown frame types.  Should WRONG_STREAM be possible to express?
  *   If so, is this error easily detectable?  We've established a principle that easily detected protocol violations will be required to generate an error.  The current text reflects this principle, since known frame types and their valid streams are easily detectable.
     *   If the pattern Martin suggests might be common, and therefore this error isn't "easily detected," these would become SHOULD-error instead.
  *   Only then, the original question, is there value in having separate error codes?



I find the separate frame type registries slightly attractive, but unless we cross-reserve values (which defeats the point), we'd be breaking the last vestiges of HTTP/2 resemblance.  It's also a pretty fundamental change for a protocol on the edge of late-stage process.  I don't think I'd want to bite that off unless the working group as a whole feels strongly that it's an improvement, and I'm not seeing that so far.



I tend to think that misuse of known frame types is easily detectable and therefore Martin's hypothetical implementation is simply wrong.  However, the value in the distinction between the two seems minimal.  I'd vote for merging.



-----Original Message-----
From: QUIC <quic-bounces@ietf.org> On Behalf Of Martin Thomson
Sent: Tuesday, August 6, 2019 8:29 PM
To: quic@ietf.org
Subject: Re: Rationalise HTTP_WRONG_STREAM and HTTP_UNEXPECTED_FRAME



On Wed, Aug 7, 2019, at 10:03, Lucas Pardue wrote:

> As part of the HTTP error analysis and feedback, in June I created

> issue #2809 "Rationalise HTTP_WRONG_STREAM and HTTP_UNEXPECTED_FRAME"

> [1].



The notion of a signal for "I got a frame that I understood, but it was in the wrong place" is fine.  Good even.  But I don't see a need to have two such signals.  So I'm in favour of collapsing the two.  I don't understand the distinction between these signals as it stands anyway.



However, I'm also concerned that this is going to get wrapped up in the usual compliance test mess.  If I hook up different parsers on different streams and my request stream parser doesn't know about SETTINGS at all, so ignores it when it suddenly appears on a request stream, is the test case going to fail when I don't generate HTTP_FRAME_IN_THE_WRONG_PLACE?

v2.23.0 | Report a Bug | By Email