IETF Logo Mail Archive

Re: [Webtransport] Confirming consensus calls from today's WebTransport interim

Eric Kinnear <ekinnear@apple.com> Thu, 03 June 2021 18:17 UTC

Return-Path: <ekinnear@apple.com>
X-Original-To: webtransport@ietfa.amsl.com
Delivered-To: webtransport@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 757273A1282 for <webtransport@ietfa.amsl.com>; Thu, 3 Jun 2021 11:17:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.793
X-Spam-Level:
X-Spam-Status: No, score=-2.793 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.698, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=apple.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kYR2gy8MfI0g for <webtransport@ietfa.amsl.com>; Thu, 3 Jun 2021 11:17:25 -0700 (PDT)
Received: from ma1-aaemail-dr-lapp01.apple.com (ma1-aaemail-dr-lapp01.apple.com [17.171.2.60]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E89D93A127D for <webtransport@ietf.org>; Thu, 3 Jun 2021 11:17:24 -0700 (PDT)
Received: from pps.filterd (ma1-aaemail-dr-lapp01.apple.com [127.0.0.1]) by ma1-aaemail-dr-lapp01.apple.com (8.16.0.42/8.16.0.42) with SMTP id 153IDrvA015940; Thu, 3 Jun 2021 11:17:19 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=apple.com; h=content-type : content-transfer-encoding : from : mime-version : subject : message-id : date : cc : to; s=20180706; bh=InfCTHRT3Qx+OmkvaG29IfGmA5HeoakcdGOEh4KgBjI=; b=gHVWZsA0/uTpIye2Ci1ILmcQ/tZ+6eeVGX3Q46WAoOfRcZIH3qJjc4vCSqLs4hIbHnI6 HZBxiEWj2tAAFwXcZjF5FHN+XV4/PDouCe4C/K1E6Af4Us1Yx7mLdSxmrfONp3Nr4cdv PtzJyhB5Rv2lIfKEzWm2fFoUtVfwamn8FiViYjknLpjtknYQCeHYqbZ7GduBm0hA7Xo0 +KyKvkmY9jMS6QC+q+jMhfFEi2Ng+YzlhZzSXcGJRfzshWCWB+/EUon4FpXGp3j0hpOo j0xezqwJ38ovJUYE0OwMncIfPLLQ4rUjSU7W9W4VIaffFehVwwKvPJsik8KoDEy6K/gM OQ==
Received: from ma-mailsvcp-mta-lapp04.corp.apple.com (ma-mailsvcp-mta-lapp04.corp.apple.com [10.226.18.136]) by ma1-aaemail-dr-lapp01.apple.com with ESMTP id 38um947h58-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO); Thu, 03 Jun 2021 11:17:19 -0700
Received: from ma-mailsvcp-mmp-lapp01.apple.com (ma-mailsvcp-mmp-lapp01.apple.com [17.32.222.14]) by ma-mailsvcp-mta-lapp04.corp.apple.com (Oracle Communications Messaging Server 8.1.0.9.20210415 64bit (built Apr 15 2021)) with ESMTPS id <0QU5009O71GUPL00@ma-mailsvcp-mta-lapp04.corp.apple.com>; Thu, 03 Jun 2021 11:17:18 -0700 (PDT)
Received: from process_milters-daemon.ma-mailsvcp-mmp-lapp01.apple.com by ma-mailsvcp-mmp-lapp01.apple.com (Oracle Communications Messaging Server 8.1.0.9.20210415 64bit (built Apr 15 2021)) id <0QU500S00118LL00@ma-mailsvcp-mmp-lapp01.apple.com>; Thu, 03 Jun 2021 11:17:18 -0700 (PDT)
X-Va-A:
X-Va-T-CD: 8154b23b3511e33f7d3c4e1c60118686
X-Va-E-CD: 3a9f8742fe417345fd085d88c18259b7
X-Va-R-CD: 34a0388f460ef2b7e3117bdb230280d5
X-Va-CD: 0
X-Va-ID: 6b5a4b10-1b7d-4b68-84e8-8cc5612f7d58
X-V-A:
X-V-T-CD: 8154b23b3511e33f7d3c4e1c60118686
X-V-E-CD: 3a9f8742fe417345fd085d88c18259b7
X-V-R-CD: 34a0388f460ef2b7e3117bdb230280d5
X-V-CD: 0
X-V-ID: 87a4238b-50bb-40e8-b508-a5b65b231b58
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.391, 18.0.761 definitions=2021-06-03_12:2021-06-03, 2021-06-03 signatures=0
Received: from smtpclient.apple (unknown [17.10.131.213]) by ma-mailsvcp-mmp-lapp01.apple.com (Oracle Communications Messaging Server 8.1.0.9.20210415 64bit (built Apr 15 2021)) with ESMTPSA id <0QU50081A1GTXW00@ma-mailsvcp-mmp-lapp01.apple.com>; Thu, 03 Jun 2021 11:17:18 -0700 (PDT)
Content-type: multipart/alternative; boundary=Apple-Mail-6A880F41-721F-4355-9C6D-A5E5573766A6
Content-transfer-encoding: 7bit
From: Eric Kinnear <ekinnear@apple.com>
MIME-version: 1.0 (1.0)
Message-id: <7D4F22BF-6910-4E45-BC27-F395461B603C@apple.com>
Date: Thu, 03 Jun 2021 14:17:16 -0400
Cc: David Schinazi <dschinazi.ietf@gmail.com>, Victor Vasiliev <vasilvv@google.com>, WebTransport <webtransport@ietf.org>, Alan Frindell <afrind@fb.com>, Martin Thomson <mt@lowentropy.net>
To: Ian Swett <ianswett=40google.com@dmarc.ietf.org>
X-Mailer: iPad Mail (19A266a)
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.391, 18.0.761 definitions=2021-06-03_12:2021-06-03, 2021-06-03 signatures=0
Archived-At: <https://mailarchive.ietf.org/arch/msg/webtransport/bFXYYmIsnWMeFFO0TfkdJoR9mlc>
Subject: Re: [Webtransport] Confirming consensus calls from today's WebTransport interim
X-BeenThere: webtransport@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <webtransport.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/webtransport>, <mailto:webtransport-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/webtransport/>
List-Post: <mailto:webtransport@ietf.org>
List-Help: <mailto:webtransport-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/webtransport>, <mailto:webtransport-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Jun 2021 18:17:30 -0000

I think the question of HTTP/1.1 is an interesting one: we’ve so far been operating with the view that falling back from QUIC to TLS/TCP might enable significantly more folks to participate, but that the delta between HTTP/1.1 and HTTP/2 would not be as significant.

I don’t have massively strong opinions in terms of how we go about addressing that, beyond the earlier concerns about additional effort required to cover HTTP/1.1 vs. expected gain, but if the expected gain goes up, then perhaps that changes things sufficiently. 

It seems that some of that thinking has come from the observations made about _who_ is in control of the versioning; if your network operator does not allow QUIC then that’s less under your control than whether HTTP/2 is supported (although, as Ian mentioned, there’s a population with middleboxes that force you down to HTTP/1.1, which might or might not support CONNECT anyways). 

Would it be possible to gather some data about the relative size of these different populations? I’m not sure there’s anyone in a great position to do that, at least for CONNECT specifically if it’s not already possible/in-use, but perhaps data about other H1 vs. H2 vs. H3 usage would be interesting.

We know that, at least on iOS, HTTP/2 is in use in a higher percentage for web browsing use cases than for other application use cases.

> On Jun 3, 2021, at 12:41 PM, Ian Swett <ianswett=40google.com@dmarc.ietf.org> wrote:
> 
> Thanks David,
> 
> I was thinking of corporate networks with MITMs that inspect HTTP 1.1 in a limited way, but it sounds like those may not be very common, so there's no way to make WebTransport work anyway.
> 
> If so, making WebTransport HTTP/2 specific is fine with me.
> 
> I still think apps that want to work close to 100% of the time won't be able to depend upon WebTransport always working, but maybe that's just the state of the internet.
> 
> Ian
> 
> On Thu, Jun 3, 2021 at 12:28 PM David Schinazi <dschinazi.ietf@gmail.com> wrote:
>> Can you provide an example of a network that would benefit from this scope increase? I've yet to see a network that MITMs TLS but allows all HTTP/1.1 through unmodified. The ones that MITM and downgrade to h1 generally do it because they then inspect and/or modify the request and response, so getting something with WebTransport semantics to work there at all isn't guaranteed to be possible. Perhaps a good step forward is for us to build a version of WebTransport over h2 and then look at deployment data and feedback to decide if another version is needed.
>> 
>> David
>> 
>> On Thu, Jun 3, 2021 at 8:56 AM Ian Swett <ianswett@google.com> wrote:
>>> 
>>> 
>>> On Thu, Jun 3, 2021 at 11:38 AM David Schinazi <dschinazi.ietf@gmail.com> wrote:
>>>> Hi Ian,
>>>> 
>>>> Can you elaborate on what use-case would be solved by having WebTransport support HTTP/1 ?
>>>> - We know there are networks that block QUIC and/or UDP, those will be well served by HTTP/2.
>>>> - We know there are networks that MITM TLS then force a transparent HTTP/1 proxy, those won't allow CONNECT nor any other form of WebTransport anyway.
>>>> I'm failing to see a use-case where WebTransport over HTTP/1 would be useful. Can you provide an example?
>>> 
>>> I think there's evidence that those two sets of networks are very similar today, and over time I expect the set of networks that block QUIC but don't block HTTP/2 to be tiny(ie: <1%).
>>> 
>>> But I could be wrong.
>>>> 
>>>> Thanks,
>>>> David
>>>> 
>>>> On Thu, Jun 3, 2021 at 6:57 AM Ian Swett <ianswett=40google.com@dmarc.ietf.org> wrote:
>>>>> I definitely agree with 1a, with the caveat that the TCP version is lower priority than the HTTP/3 version.
>>>>> 
>>>>> I'm slightly less concerned about the stream state machine than Martin, but I think it's definitely a real concern and I think it makes sense to have a solution fairly well fleshed out before adopting the direction and document.
>>>>> 
>>>>> I'm slightly more concerned about creating a TCP fallback that doesn't work over HTTP/1.  If we're building a fallback, it seems like these people shouldn't be excluded, since that means developers will have to build and maintain a 3rd fallback that's not WebTransport based.  If the dream is to be able to develop apps for WebTransport and not have a non-WebTransport fallback, I don't see how we accomplish that without an option over HTTP/1?
>>>>> 
>>>>> Possibly this is a forcing function to convince customers to upgrade their middleboxes to ones which support HTTP/2 and HTTP/3, but if so I'd like to call that out explicitly.
>>>>> 
>>>>> Or maybe the physical office with its corp middleboxes is dead and my concern is an unfounded anachronism?
>>>>> 
>>>>> Ian
>>>>> 
>>>>> On Tue, May 25, 2021 at 5:36 PM Alan Frindell <afrind=40fb.com@dmarc.ietf.org> wrote:
>>>>>> I think the fundamental discussion here is about whether we want to modify/extend the HTTP/2 state machine to handle WebTransport streams, or whether we should build an entirely separate stream state machine for them, and leave the H2 machinery untouched.

This sounds about right to me, if we think that the mapping of H3 onto H2 is not how we’d want it to be, we’ve evolved it significantly so far, and I don’t see any reason why we can’t continue to do so.
>>>>>> 
>>>>>> Martin may be right that there be dragons down the path of modifying the H2 state machine.  The alternative strikes me as an awful lot of duplication -- it's close to implementing H2 again over a single HTTP stream, minus header processing.  That said, I think either approach can be made to work, we just need to choose the tradeoffs we want.  
>>>>>> 
>>>>>> I am remiss in not addressing the feedback regarding unidirectional stream resets.  I think that it got lost during the bizarre hours of the last IETF.  I filed an issue in the draft repo to track it (https://github.com/ekinnear/draft-webtransport-http2/issues/17).  I think the right solution is to keep the unidirectional reset functionality, and implement it in the H2 draft using either new frames or messages, depending on the direction we take regarding the state machine.
>>>>>> 
>>>>>> During the interim, we expressed our flexibility to adapt the design here as the H3 design evolves (eg: stream limits), new tools become available (eg: CAPSULE) and as we gather implementation experience.
>>>>>> 
>>>>>> While I think it is important we address this design decision as soon as possible, I don't know that it needs to block adoption. 

I’d agree, I support adoption (as an author), and with that I’d very much like to sit down and make sure we’re covering Martin’s feedback here — I know parts of it were also raised at 110 prior to the interim and we haven’t all synced up to make sure it’s sorted out. That might result in minor changes to the document, it might result in major changes to the document — either is fine from my perspective.

Thanks,
Eric


>>>>>> 
>>>>>> Thanks
>>>>>> 
>>>>>> -Alan
>>>>>> 
>>>>>> On 5/23/21, 6:48 PM, "Webtransport on behalf of Martin Thomson" <webtransport-bounces@ietf.org on behalf of mt@lowentropy.net> wrote:
>>>>>> 
>>>>>>     On Sat, May 22, 2021, at 02:06, Victor Vasiliev wrote:
>>>>>>     > On Thu, May 20, 2021 at 9:37 PM Martin Thomson <mt@lowentropy.net> wrote:
>>>>>>     > > I'm opposed to adoption of this document.  I don't believe that it can be made so due to some fundamental differences in how HTTP/2 and QUIC stream states.
>>>>>>     > > 
>>>>>>     > > If this problem was acknowledged, then I have every confidence that the people listed as authors are able to find a solution.  But generally adoption is about the document more than the people.  Adoption means agreeing that the document contains approximately the right shape for a solution.  I can't agree with that in this case.
>>>>>>     > 
>>>>>>     > Hi Martin,
>>>>>>     > 
>>>>>>     > Could you elaborate on the specific differences between HTTP/2 and QUIC 
>>>>>>     > stream state machines that you are concerned about?  The only one I am 
>>>>>>     > aware of is unidirectional versus bidirectional reset, and last time we 
>>>>>>     > discussed this, the easiest solution was to make HTTP/3 behave like 
>>>>>>     > HTTP/2, which would mean there's nothing HTTP/2 draft would do to 
>>>>>>     > address that.
>>>>>> 
>>>>>>     That's the one I'm most concerned about, but there is also the whole mess around inventing semantics for unidirectional streams that needs to be worked into the state machines.
>>>>>> 
>>>>>>     For reset, sure, you could make the HTTP/3 draft worse to deal with the problem.  Why would you want that?  QUIC has a much better set of semantics here than HTTP/2.
>>>>>> 
>>>>>>     There is also the stream state management disconnect for server-initiated streams, which currently is only used for server push.  The draft currently doesn't say anywhere near as much as it would need to in order to specify that part.
>>>>>> 
>>>>>>     And managing allocation of stream limits is a little scant on detail in the same way.  I thought we wanted independent limits, which means defining new accounting systems.  (Yes, this is a criticism of the HTTP/3 draft also, but the additional effort required to use QUIC streams is entirely justified in that case, because you are getting something in exchange.)
>>>>>> 
>>>>>>     Why bother with all of that when you can just import QUIC frame semantics and then serialize them on the same stream?
>>>>>> 
>>>>>>     Yes, this all boils down to a fairly central question: do we build the same thing for HTTP/2 and HTTP/3?  I'm not sure that we want that.  We need to do a whole bunch of stuff to use QUIC (BTW, Roberto gets to say "told you so" again here), but doing that same work for HTTP/2 doesn't make sense unless the changes are minimal.  I'm suggesting that the changes aren't as minimal as the rough sketches of protocols we have might imply.
>>>>>> 
>>>>>>     If you conclude that there are more functions needed, as I have done, then you might also conclude that building those same functions into two different protocols is not desirable, especially when there are no benefits to doing so for one of those protocols.
>>>>>> 
>>>>>>     -- 
>>>>>>     Webtransport mailing list
>>>>>>     Webtransport@ietf.org
>>>>>>     https://www.ietf.org/mailman/listinfo/webtransport 
>>>>>> 
>>>>>> -- 
>>>>>> Webtransport mailing list
>>>>>> Webtransport@ietf.org
>>>>>> https://www.ietf.org/mailman/listinfo/webtransport
>>>>> -- 
>>>>> Webtransport mailing list
>>>>> Webtransport@ietf.org
>>>>> https://www.ietf.org/mailman/listinfo/webtransport
> -- 
> Webtransport mailing list
> Webtransport@ietf.org
> https://www.ietf.org/mailman/listinfo/webtransport

v2.8.7 | Report a Bug | By Email