IETF Logo Mail Archive

Re: [Webpush] When UA should send an acknowledgement?

Martin Thomson <martin.thomson@gmail.com> Wed, 08 June 2016 07:38 UTC

Return-Path: <martin.thomson@gmail.com>
X-Original-To: webpush@ietfa.amsl.com
Delivered-To: webpush@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EB05312D18D for <webpush@ietfa.amsl.com>; Wed, 8 Jun 2016 00:38:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AAU9W1bUkYLc for <webpush@ietfa.amsl.com>; Wed, 8 Jun 2016 00:38:33 -0700 (PDT)
Received: from mail-qg0-x234.google.com (mail-qg0-x234.google.com [IPv6:2607:f8b0:400d:c04::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 093DC12D0A1 for <webpush@ietf.org>; Wed, 8 Jun 2016 00:38:33 -0700 (PDT)
Received: by mail-qg0-x234.google.com with SMTP id p34so15418qgp.1 for <webpush@ietf.org>; Wed, 08 Jun 2016 00:38:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=ZGuNT4WvTneWpiSpfsc90Sep/I1Lc5n+cNmtetVnSVM=; b=TGBsSES036hFji1P4bl4ODrZzYwDNQD7f4e9z3N4cr1C7nqnalUW0RlVns3zfK4oGe 2zxzgWiZJ6PFjluHyIHaB0ey7iI2tTeSbMGLe++XSgc99uvnx8opsixv7If0Ozojuvqb JvzhtHPKDtElvfLLsA9mI9sb/hE2g2Co7ERJUFNbwhg+gXH9uUpfDHbv1Ka5eJnGv4et kTbj8ByXeEsZvNcsK3/S7FeF0goS3okNmbefl+YMSA3v2La1ylmlAz5JkiMgTCQAqE6q S4h9NYNQG/LZv6y5Y1wVpnQG0eueFxWHtFIY2DeP9+guILahTFd6K0M3kP47eMcxDOyo wbHg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=ZGuNT4WvTneWpiSpfsc90Sep/I1Lc5n+cNmtetVnSVM=; b=huhrPf9oUE/IjkgsldFpQXAB7SXWIwLL3shAeUdsv3XcBPtMiu7AJ2xlZaCOzhKzvi VoKaTAVy3D27TMyUm1GMPFrjZKSBK8f/gg8RvD4P7XW1prmgy5NUiFMnne3AYjRTV0vG 3B8l/VLGaRMd+qcCkL+tSatc0nacLR8+F9htoIISe8v0CX084Ti/TYLfkS5jXp0hkWG1 O77ULg3yKrU6/b/HrcrVPbyFFvYsqwZEJasBBujeMq/pSyPxFfBIxQixKacLjXD1LdDq mHCjFm6ZH8aDeg3O5qKLAOJBcvBZ15VMdVFGmPzvG+ZmG424tNacWoRemiL3Z0WbO0EH KGCQ==
X-Gm-Message-State: ALyK8tIRdw9pda1yBxW0eJxoG63dmxjqOIqVaY2S8IeE7u2n03NZYG8eX0MKwo9J6FYAZ5LdfSPUwbN2RdPJWg==
X-Received: by 10.140.163.65 with SMTP id j62mr3303831qhj.40.1465371512076; Wed, 08 Jun 2016 00:38:32 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.140.104.110 with HTTP; Wed, 8 Jun 2016 00:38:31 -0700 (PDT)
In-Reply-To: <CABp8EuKAcA9Vx3RO997MY3-niAgaNf_MZ3xjDW+zFE=7Hb_rbQ@mail.gmail.com>
References: <CAN+BUJpdSB-HvT6VQzVcAPqzwb_pn=HzLOC3r4ntSKjDh3ffLA@mail.gmail.com> <CABkgnnVSrKp8sf31qpBztp1FH=AQHFCoAH9XVQx6JyU4BoEQaQ@mail.gmail.com> <CABp8EuLYHufcLSnJjCvKGsCqgXDeAzrwn3N2XdoK4x6Px+0w5w@mail.gmail.com> <CABkgnnVcyFcd2MPUFKORkkyHpMDfALjAP34ByVJpLBEMSiZ=ZA@mail.gmail.com> <CABp8EuKAcA9Vx3RO997MY3-niAgaNf_MZ3xjDW+zFE=7Hb_rbQ@mail.gmail.com>
From: Martin Thomson <martin.thomson@gmail.com>
Date: Wed, 8 Jun 2016 17:38:31 +1000
Message-ID: <CABkgnnXAqnY3sSzU67vLf3SS-RXcoF-Uq=KT+hyPOu5ATV+bSw@mail.gmail.com>
To: Benjamin Bangert <bbangert@mozilla.com>
Content-Type: text/plain; charset=UTF-8
Archived-At: <https://mailarchive.ietf.org/arch/msg/webpush/WXDx9YuMWfCAj3CU-LtUd1zp13o>
Cc: "webpush@ietf.org" <webpush@ietf.org>, Idel Pivnitskiy <idel.pivnitskiy@gmail.com>
Subject: Re: [Webpush] When UA should send an acknowledgement?
X-BeenThere: webpush@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Discussion of potential IETF work on a web push protocol <webpush.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/webpush>, <mailto:webpush-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/webpush/>
List-Post: <mailto:webpush@ietf.org>
List-Help: <mailto:webpush-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/webpush>, <mailto:webpush-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Jun 2016 07:38:35 -0000

I'm sorry, I'm confused by your message.  I can't decide if you want
at-least-once, or at-most-once.  End-to-end ack, i.e., ack after
successful processing, is in support of at-least-once, which I think
is consistent with other decisions we've made in the overall design.

On 8 June 2016 at 15:15, Benjamin Bangert <bbangert@mozilla.com> wrote:
> On Tue, Jun 7, 2016 at 9:36 PM, Martin Thomson <martin.thomson@gmail.com> wrote:
>> On 8 June 2016 at 13:17, Benjamin Bangert <bbangert@mozilla.com> wrote:
>>> For our implementation, we will actually never send more notifications
>>> until all sent ones are ack'd. This means if a message is malformed or
>>> causes a UA error in a UA that actually follows the DOM spec, it will
>>> never get a notification again (except the notification it won't ack).
>>
>>
>> This is fine, as long as you regard unacknowledged messages that you
>> thought were delivered as poisonous after a certain amount of time (or
>> retries, if you do that).  If you follow that advice, then progress
>> will eventually be made.
>
> This recommendation isn't in the WebPush spec. By mandating that the UA
> MUST ack every message it's clear that failure to ack a message should
> result in redelivery attempts.
>
> If it's intended that a UA does not need to ack every message, the WebPush
> spec should be updated to reflect that. I could see a PS reasonably
> considering messages dead if other messages were ack'd or some other
> command came over the connection such that the server knew that
> the client is alive and likely processed it.
>
> Automatically ack'ing a message in this manner for the PS has as many
> problems if not more than requiring the UA to ack every message though.
> It also introduces a lot of complexity into the PS and may result in very
> long message delivery times should a UA get bogged down with many
> improperly encrypted messages.
>
>>
>> I expect that Costin will agree with you, but we've discussed this in
>> the past.  The problem here is that an acknowledgment from the user
>> agent doesn't constitute a useful signal.  You have moved the problem
>> to a second middle-man.  When the user agent acknowledges prior to
>> processing the message, how will the application know that it was
>> processed?  Can you guarantee that?  When the browser crashes, your
>> message is still lost.
>
> Why not change the DOM spec to indicate that if a message was
> processed and failed for some reason it should still be ack'd?
>
> If the same message consistently crashes the browser, I would expect
> the browser to track that fact and avoid the message again in the future.
>
> Clearly we have the choice of guaranteeing that a message will be
> processed at-most-once, or at-least-once, since a crash immediately
> after processing could stop the ack from making it back. If the desire
> is at-most-once, then the UA should ack immediately upon receipt of
> the message (or the PS can consider it ack'd if a PING frame is
> returned after sending a message, etc.).
>
> The Push DOM spec seems to favor the at-least-once model, in which
> case it would be appropriate for the UA to always ack a message even
> if it decrypts improperly, or the SW throws an exception, etc.
>
>>
>> The only way for this to be a good signal is to have the
>> acknowledgment be end-to-end.
>>
>> (p.s., I don't know if your assertion is true or not.  I don't think
>> that it matters.  I should know that code, but it's an absolute rats
>> nest, despite Kit's recent efforts at cleanup.)

v2.8.7 | Report a Bug | By Email