IETF Logo Mail Archive

Re: [Webpush] Require the TTL header

Costin Manolache <costin@gmail.com> Sat, 06 February 2016 22:04 UTC

Return-Path: <costin@gmail.com>
X-Original-To: webpush@ietfa.amsl.com
Delivered-To: webpush@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A895B1B3439 for <webpush@ietfa.amsl.com>; Sat, 6 Feb 2016 14:04:07 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NlvEG498FbnD for <webpush@ietfa.amsl.com>; Sat, 6 Feb 2016 14:04:05 -0800 (PST)
Received: from mail-ob0-x230.google.com (mail-ob0-x230.google.com [IPv6:2607:f8b0:4003:c01::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 68D9D1B3437 for <webpush@ietf.org>; Sat, 6 Feb 2016 14:04:05 -0800 (PST)
Received: by mail-ob0-x230.google.com with SMTP id is5so116429556obc.0 for <webpush@ietf.org>; Sat, 06 Feb 2016 14:04:05 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=3ncMxXWBPJTn9J+4CPVd3Qq86fewXfXXyV/TZL8bYNQ=; b=dfZNME72xOUACgRzmzpQ32vHFE5Olqo+yzOuRe1lzrlHU8b4ZxMwXo8J9JJacgt4yn Bmt9A6U5boQ3OIs48n7wNy8QjaVOtmen4e51ppxbX00brmxp++PjEg6eEceDyWQUKyIQ 22dvXeInYXBSsKnpmjnzMO20RWY5J/uTpt8mIUxhvuAAJ7ydCRdZIIQyh75+IQW38boI jvzYUIZCZ7RZ+ABu7olwBqj7JFiaKmzKHWvfnBiqGzEVwHiu3XC7Bx6+YjiFmUvbZLdy 8ysDLU0MrqcJB5EpFRV8A+6KycZu50X+AKIN2UKucbocVvQ8HzVtN5bASqLS+f9AJTS1 0qog==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=3ncMxXWBPJTn9J+4CPVd3Qq86fewXfXXyV/TZL8bYNQ=; b=i2CrtT4o9nYlP5N/In3OLG8RMcY8/cA55ySYF6WhoYYlCzXfHJfp6KDkP/zSJqXjRG MJZCSEvpcrC8VqgWQj6BoLHBTcCqO6boGdCwpU9inyo1hpvvblgWAMCDcXqFgSWU2g4K VQzgtGnMJsZCkCpKH4jpzLarrqJyC32w4IuQv89Z7nroljYsVyAXxtPXPPdpRhtRvJrc pFG1tSlrhO1WU+Vr8FQoMNK/4hpSWW9K3olDyheOs4VENs1onUkULRPeQM9S09GmzYqO dLUs/yhQ5jhpDhr2UG7qDGZLp4XaxzaKoZcX02MDBtew35U93U4XRwCst27N8Ce5D/T3 H+AA==
X-Gm-Message-State: AG10YOSBccWu/VVsboI5JW0o8etA3h29jhcOzetSAcCOjUEXcEkLZfUUrXyzsWMdsyg1sHC6ywVonJFL82prhQ==
MIME-Version: 1.0
X-Received: by 10.60.47.195 with SMTP id f3mr18205494oen.1.1454796244812; Sat, 06 Feb 2016 14:04:04 -0800 (PST)
Received: by 10.76.8.74 with HTTP; Sat, 6 Feb 2016 14:04:04 -0800 (PST)
In-Reply-To: <CABp8EuLkh9VyE2+Bj8Lhi_FvXxX45hT-Tjfd4GewpVqQZ+bW7Q@mail.gmail.com>
References: <CABp8Eu+oBj8XKWbqd9ypT_mQWzMxXDe+cBR_vqk=rJ=6tM3tFA@mail.gmail.com> <BY2PR0301MB06477C93FA8937F0ABD4393383D20@BY2PR0301MB0647.namprd03.prod.outlook.com> <CABp8EuJFn+e8ParLY5+SLRVA-_8XgFgp5k8a2W2Ejir35hucxA@mail.gmail.com> <BY2PR0301MB064705934B6DE1B371E1301D83D20@BY2PR0301MB0647.namprd03.prod.outlook.com> <CABp8EuJQ_KXSs6Zz-fbhPcrnYymk14tShu4ukATX9GJ9J3PMjQ@mail.gmail.com> <CAP8-FqnzSukVkkiBv8F19NH-uTdtRM2rXuQyA1Ng52c4KczDTg@mail.gmail.com> <CABp8EuLkh9VyE2+Bj8Lhi_FvXxX45hT-Tjfd4GewpVqQZ+bW7Q@mail.gmail.com>
Date: Sat, 6 Feb 2016 14:04:04 -0800
Message-ID: <CAP8-Fqkj++qFCteM5zs4BTa=FecqDRbQrKH-_ezFcdTsAo-=_Q@mail.gmail.com>
From: Costin Manolache <costin@gmail.com>
To: Benjamin Bangert <bbangert@mozilla.com>
Content-Type: multipart/alternative; boundary=001a11c3029e648e3a052b2125fe
Archived-At: <http://mailarchive.ietf.org/arch/msg/webpush/UCQm5OiCLCNUBTZQBanLBJhbwug>
Cc: Brian Raymor <Brian.Raymor@microsoft.com>, "Martin Thomson \(martin.thomson@gmail.com\)" <martin.thomson@gmail.com>, "webpush@ietf.org" <webpush@ietf.org>
Subject: Re: [Webpush] Require the TTL header
X-BeenThere: webpush@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Discussion of potential IETF work on a web push protocol <webpush.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/webpush>, <mailto:webpush-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/webpush/>
List-Post: <mailto:webpush@ietf.org>
List-Help: <mailto:webpush-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/webpush>, <mailto:webpush-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 06 Feb 2016 22:04:07 -0000

On Sat, Feb 6, 2016 at 1:40 PM, Benjamin Bangert <bbangert@mozilla.com>
wrote:

> On Sat, Feb 6, 2016 at 12:47 PM, Costin Manolache <costin@gmail.com>
> wrote:
>
>> +1 on requiring ttl, and returning a Location even for TTL=0
>>
>
> I realized on more careful reading that to return a 201, a Location must
> accompany it, so our implementation was wrong in this regard.
>
> However receipt behavior is a bit tricky. The service may 'delete
>> immediately' ( which is the same with
>> not storing it in the first place ), but the delivery receipts should
>> still be returned when the device
>> acks.
>>
>> The push service may believe the device is connected, and call send - but
>> in many cases send
>> will succeed even if the other end is gone - TCP will do its retry and
>> eventually will timeout and
>> close the connection, but it takes some time and it's well after send.
>>
>> I assume 202 (Accepted) would be better for TTL=0 if the service is not
>> actually storing the message.
>>
>
> I'd be in favor of that, not sure if there's any relevant privacy
> implications from immediately indicating that a user is offline. And as you
> note, it still leaves open the possibility of returning a 201 with the
> belief the client is connected before it times out on the TCP retries. So
> all the 202 indicates in this regard is that the client is definitely not
> connected, nor has been recently enough for a stale connection to be
> present.
>

What I meant is: if TTL=0, don't store the message, and return 202
(Accepted) regardless of user status, since
no resource is actually created. However in order to return a delivery
receipt, it needs to have an identifier.

Regarding privacy implication - the delivery receipt has the same
characteristics, if you send a message and later
get a delivery receipt, it implies the user recently connected, and you can
estimate how long he was offline.
It's not very precise - at least GCM batches and may delay receipts, I
don't think the draft requires immediate
delivery of a receipt.

In either case - a very useful feature would be to reject a message if user
has not been connected for a 'long' time -
I think this is covered implicitly by the expiration of the subscription.



>
>
>> GCM ( and I assume other services ) may also optimize small TTLs by not
>> persisting - so
>> it may make sense to indicate this with 202, and not require in the spec
>> that the service is persisting
>> all messages.
>>
>
> Yep, we don't store TTL=0 messages at all.
>

I suspect nobody will, one of the benefits of TTL=0 is that it's likely to
be cheaper and faster in most
implementations.

Costin


>
>
>> Finally, it is very impractical for us to determine if the user agent is
>> available at the time of the send
>> (replication and cross-DC latency, plus the TCP retries)
>>
>> Costin
>>
>
> Cheers,
> Ben
>

v2.8.7 | Report a Bug | By Email