Re: [Webpush] Early TSV-ART review of draft-ietf-webpush-protocol-09
Brian Raymor <Brian.Raymor@microsoft.com> Tue, 04 October 2016 02:33 UTC
Return-Path: <Brian.Raymor@microsoft.com>
X-Original-To: webpush@ietfa.amsl.com
Delivered-To: webpush@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1])
by ietfa.amsl.com (Postfix) with ESMTP id 3E1A6129579;
Mon, 3 Oct 2016 19:33:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.022
X-Spam-Level:
X-Spam-Status: No, score=-2.022 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001,
RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01,
SPF_HELO_PASS=-0.001, SPF_PASS=-0.001]
autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key)
header.d=microsoft.com
Received: from mail.ietf.org ([4.31.198.44])
by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id Gx0Ntkw-TB6l; Mon, 3 Oct 2016 19:33:15 -0700 (PDT)
Received: from NAM03-CO1-obe.outbound.protection.outlook.com
(mail-co1nam03on0139.outbound.protection.outlook.com [104.47.40.139])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits))
(No client certificate requested)
by ietfa.amsl.com (Postfix) with ESMTPS id 8302B1295AC;
Mon, 3 Oct 2016 19:33:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version;
bh=xsUkgcal8vN+OgtHwQDzNZSoOkHKTVp0BjZfLkbUcNg=;
b=GkjiE/4MRBusk57RkqqII7aF0P1W2fpi9wTsrKH5Q/Ozvktuc2jFKpf1ts6I/oCwgvFQ8Mu6IW9T5xjkdhtppRUi/y8ZNPxgxo0BzmQaqxnnJNOIjQz0W0E6Jp9sWdxh9NmZFCraDI8Uemu0is1xb0GIOPjROSxvOVIlCCoF6UI=
Received: from CY1PR03MB2380.namprd03.prod.outlook.com (10.167.8.6) by
CY1PR03MB2380.namprd03.prod.outlook.com (10.167.8.6) with Microsoft SMTP
Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id
15.1.639.5; Tue, 4 Oct 2016 02:33:14 +0000
Received: from CY1PR03MB2380.namprd03.prod.outlook.com ([10.167.8.6]) by
CY1PR03MB2380.namprd03.prod.outlook.com ([10.167.8.6]) with mapi id
15.01.0639.015; Tue, 4 Oct 2016 02:33:13 +0000
From: Brian Raymor <Brian.Raymor@microsoft.com>
To: Magnus Westerlund <magnus.westerlund@ericsson.com>, "tsv-art@ietf.org"
<tsv-art@ietf.org>, "draft-ietf-webpush-protocol@ietf.org"
<draft-ietf-webpush-protocol@ietf.org>, "webpush@ietf.org"
<webpush@ietf.org>, "webpush-ads@ietf.org" <webpush-ads@ietf.org>
Thread-Topic: Early TSV-ART review of draft-ietf-webpush-protocol-09
Thread-Index: AQHSGKne4rZHBz7KIU6jZUnx6IKSHaCXcP9w
Date: Tue, 4 Oct 2016 02:33:13 +0000
Message-ID: <CY1PR03MB23800B9F4C7BEF6137E5EEA483C50@CY1PR03MB2380.namprd03.prod.outlook.com>
References: <1f645188-2344-ebf3-1228-3735bcf81338@ericsson.com>
In-Reply-To: <1f645188-2344-ebf3-1228-3735bcf81338@ericsson.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is )
smtp.mailfrom=Brian.Raymor@microsoft.com;
x-originating-ip: [174.61.159.182]
x-ms-office365-filtering-correlation-id: 99a905da-651f-4cc2-2c96-08d3ebfeca71
x-microsoft-exchange-diagnostics: 1; CY1PR03MB2380;
6:EnBoUNJnNf15yjQpxxhaTk0+QHPdchO18F1znAMaLOOELMdllM/AVVKbc6qnJZmDo0FNexbmKyeJP7izsARMpX+yhqaD0xAjPxmvL9gXA2XDMeXkCxZDgUz1EToujUGCfeRZ0sorYSPQfO5RDFWhx6wZ4zFxgwek/7bAMZJpDDrojBCDnDgXjWusknrBqDJRfZ8PlpUu8Ek91u0GAgaAaFAPxXB+bwTC/yuiKSnvZFLECwfrZMaCg6U5psNXh0uNS03OP65Rpnymy2+jkM1vKV00xqdcAmMT/poRvmB2s2ImEr/eW7VSZ6LK19tkWD8dyj4JU5PTzLsD1M99e7mIQQ==;
5:xjnzXBcaBZwLmsCLQwlBgqOUbYaFhWDuAIYfWXvu5Pi5UT9z+lJ34RYHv0a68LBcwASteE1fTRkjbpF4KfRe/URKYmx++0IANFPhzA+Cf5LHBTBy/mGLJNnFd3ozBFOBenjHXjsUfGV7vUvydCttew==;
24:icuw+543/6BGl4VFgkCWXMf9GQZzMWv/PVPps0MA0cA9c0SWlAekTH+ITwMHTBBF08HCv7CMYcyhMl1XopOcEtXb6vcT/jh8xOK5P/GZeDw=;
7:XdJkwp0Y1J5uIBRk5Lx7TLwoz17ehrKrkTvz3cne2hZe3cHvjGplI2gQU1wRNcL/rjojR9l+L/3R4wJtK0nXkvqfp6a6+JG4jNOVP54u59OcabgAAlYnYerwJOHC0372jle5gstT7wtCmM7FYr15pacuigXnLqq7HmEcwnYX+ROuTZAChDx1bBKOH2nnvMHowiCe15rDujsBz5oIVUrJ/GrdlIiT04muzXdFhtnm0oO7+f25QDZctnL/wQWDMnFw5MFHITQY6If3db7Yhp1okiU6oIAljk6PD3OteVinVg/Ywf7714dbOEFX5R1mLJyq
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:CY1PR03MB2380;
x-microsoft-antispam-prvs: <CY1PR03MB2380A3CFC5B4C38DD80A215183C50@CY1PR03MB2380.namprd03.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(37575265505322)(158342451672863)(72170088055959);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0;
RULEID:(61425038)(6040176)(601004)(2401047)(8121501046)(5005006)(3002001)(10201501046)(6055026)(61426038)(61427038);
SRVR:CY1PR03MB2380; BCL:0; PCL:0; RULEID:; SRVR:CY1PR03MB2380;
x-forefront-prvs: 00851CA28B
x-forefront-antispam-report: SFV:NSPM;
SFS:(10019020)(6009001)(7916002)(189002)(51914003)(24454002)(51444003)(199003)(377454003)(68736007)(6116002)(50986999)(54356999)(8936002)(77096005)(5005710100001)(106116001)(7846002)(10090500001)(92566002)(76176999)(107886002)(2950100002)(10400500002)(2900100001)(8990500004)(9686002)(66066001)(10290500002)(189998001)(5002640100001)(76576001)(2501003)(97736004)(15975445007)(102836003)(2906002)(5001770100001)(3846002)(74316002)(122556002)(87936001)(8676002)(7696004)(86362001)(19580395003)(33656002)(3660700001)(106356001)(105586002)(99286002)(5660300001)(3280700002)(86612001)(7736002)(81166006)(101416001)(305945005)(586003)(2201001)(81156014)(230783001)(19580405001);
DIR:OUT; SFP:1102; SCL:1; SRVR:CY1PR03MB2380;
H:CY1PR03MB2380.namprd03.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords;
MX:1; A:1; LANG:en;
received-spf: None (protection.outlook.com: microsoft.com does not designate
permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-originalarrivaltime: 04 Oct 2016 02:33:13.6764 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY1PR03MB2380
Archived-At: <https://mailarchive.ietf.org/arch/msg/webpush/BEDjSx9o0F-VLAoJl6x6iWVFRrM>
Subject: Re: [Webpush] Early TSV-ART review of draft-ietf-webpush-protocol-09
X-BeenThere: webpush@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Discussion of potential IETF work on a web push protocol
<webpush.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/webpush>,
<mailto:webpush-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/webpush/>
List-Post: <mailto:webpush@ietf.org>
List-Help: <mailto:webpush-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/webpush>,
<mailto:webpush-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 04 Oct 2016 02:33:18 -0000
Magnus - Thanks for the review. I'll have a pull request available tomorrow to address most of your feedback. In the interim, I've shared a few comments and clarifications below. On September 27, 2016 3:28 AM, Magnus Westerlund <magnus.westerlund@ericsson.com> wrote: <snip> > 3. Section 7.2: > To limit the number of stored push messages, the push service MAY > either expire messages prior to their advertised Time-To-Live or > reduce their advertised Time-To-Live. > Do I understand this correctly, that theses options are push service > side actions that is not notified at that point to the application > server? Instead it will have to note that the message was early expired > if it subscribes to delivery receipts? This text should be clarified. There are two cases. First, the push service can only reduce the requested TTL in its response to a request from an application server to deliver a push message: https://tools.ietf.org/html/draft-ietf-webpush-protocol-10#section-5.2 A push service MAY retain a push message for a shorter duration than requested. It indicates this by returning a TTL header field in its response with the actual TTL. This TTL value MUST be less than or equal to the value provided by the application server. Second, if an application server subscribes to delivery receipts it will receive a 410 if the push service does not then honor that TTL: https://tools.ietf.org/html/draft-ietf-webpush-protocol-10#section-6.2 The push service MAY cease to retry delivery of the message prior to its advertised expiration due to scenarios such as an unresponsive user agent or operational constraints. If the application has requested a delivery receipt, then the push service MUST return a 410 (Gone) response to the application server monitoring the receipt subscription. If the application server does not subscribe to delivery receipts, then it's a fire-and-forget scenario. > 4. Dealing with overload situations Could webpush implementers review Magnus's questions below and consider whether there is further general guidance that can be offered based on their early experiences with the protocol? > Reviewing Section 7.1 and other parts I find the discussion of how > overload situations of various kinds are dealt with missing some cases. > So the general handling of subscriptions are covered in Section 7.1 and > with a mitigation of redirecting to another server to handle the new > subscription. > What I lack discussion of are how any form of push back are handled when > first the deliver of push service to UA link is overloaded. Is the > assumption here that as the push service can store messages the delivery > will catch up eventually, or the message expires? Your assumption in this case is basically correct. The push service could also use the acknowledgements from the user agent as an indicator of overload and reduce the rate. > How does one handle a > 0-RTT messages when one has a queue of messages to deliver, despite > having a UA to Push service connection? > The second case is how the push service server can push back on > accepting new message when it is overloaded. To me it appears that the > load on a push service can be very dynamic. Thus overload can really be > periods. Thus, what push back to application servers is intended here? > Just, do a 503 response on the request from the application server? We decided on a 429. See https://www.ietf.org/mail-archive/web/webpush/current/msg00341.html - although it's also possible for the push service to terminate a subscription. https://tools.ietf.org/html/draft-ietf-webpush-protocol-10#section-8.4 A push service MAY return a 429 (Too Many Requests) status code [RFC6585] when an application server has exceeded its rate limit for push message delivery to a push resource. The push service SHOULD also include a Retry-After header [RFC7231] to indicate how long the application server is requested to wait before it makes another request to the push resource. A push service or user agent MAY also terminate subscriptions (Section 7.3) that receive too many push messages. > I do note that RFC 7231 does not appear to have any guidance one how one > sets the Retry-After header to spread the load of the retries. This is a > known issue. And in this context with automated or external event > triggered message creations the push back mechanism needs to be robust > and reduce the issues, not make them worse. > I would recommend that some recommendations are actually included here > for handling overload from application server message submissions. > 5. Life of subscription in relation to transports > I find myself a bit perplexed of if there are any relation between the > subscription and the relation to an existing transport connection and > outstanding request, i.e. the availability to receive messages over > push. I would guess, that there are no strict need for terminating the > subscription even if there are no receiver for an extended time. Especially for mobile and/or battery powered clients, the expectation is that the user agents will be dormant for extended periods of time. > However, from an application perspective there could exists reason for > why a subscription would not be terminated as long as the UA is > connected, while any longer duration of no connections could motivate > the subscription termination. > I personally would like a bit more clarification on this, but seeing how > these issues are usually handled around HTTP, I would guess the answer, > it will be implementation specific? Still there appear to be assumptions > around this, why it wouldn't matter that much, but that is only given > that one follows these assumptions. I think that your assumption is correct. The behavior is specific to the push service. Implementers have requested the ability for a push service to terminate a subscription at will based on its internal policies. Again, I'd ask that the webpush implementers share any general guidance or observations for this case. <snip>
- [Webpush] Early TSV-ART review of draft-ietf-webp… Magnus Westerlund
- Re: [Webpush] Early TSV-ART review of draft-ietf-… Brian Raymor
- Re: [Webpush] Early TSV-ART review of draft-ietf-… Costin Manolache
- Re: [Webpush] Early TSV-ART review of draft-ietf-… Brian Raymor
- Re: [Webpush] Early TSV-ART review of draft-ietf-… Magnus Westerlund
- Re: [Webpush] Early TSV-ART review of draft-ietf-… Alissa Cooper
- Re: [Webpush] Early TSV-ART review of draft-ietf-… Brian Raymor