Re: Proposal: a new WRAP UP capsule
David Schinazi <dschinazi.ietf@gmail.com> Tue, 09 July 2024 17:41 UTC
Received: by ietfa.amsl.com (Postfix) id A9A33C1519A2; Tue, 9 Jul 2024 10:41:20 -0700 (PDT)
Delivered-To: ietfarch-httpbisa-archive-bis2juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A8B4AC151992 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Tue, 9 Jul 2024 10:41:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.756
X-Spam-Level:
X-Spam-Status: No, score=-2.756 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.25, HTML_FONT_LOW_CONTRAST=0.001, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, SPF_PASS=-0.001, TRACKER_ID=0.1, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=w3.org header.b="DAku9Sn1"; dkim=pass (2048-bit key) header.d=w3.org header.b="NvFBhmqS"; dkim=pass (2048-bit key) header.d=gmail.com header.b="NnWMvUKv"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id I_dLK1ojhTmP for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Tue, 9 Jul 2024 10:41:16 -0700 (PDT)
Received: from mab.w3.org (mab.w3.org [IPv6:2600:1f18:7d7a:2700:d091:4b25:8566:8113]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AE296C151991 for <httpbisa-archive-bis2Juki@ietf.org>; Tue, 9 Jul 2024 10:41:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=w3.org; s=s1; h=Subject:Content-Type:Cc:To:Message-ID:Date:From:In-Reply-To: References:MIME-Version:Reply-To; bh=qf4NpTrsQ8UN+/Fdi3j89VKsNaXzb5pMtIzO+Wld31c=; b=DAku9Sn1n6NlKmaiN9yJ/9yCXR kc3zS/rJYGVH0vAU0dkAjzdT914W2ShnQic9vOKW4p6Oxb9Wivwdei+7ceVDYIzaay/9TGo23DtH/ I2ImVRzoDKEmXXlRG1h2s9jq0Tp06hPeweYcbBGzvL+oANNkkCXGnNtma/Zi7ej0vZ51XOqghcRmK u9wICvp/x2ebuqK9od4KSwYO8rcc3gwizmV7YgasM5k+9LrFkdevJ9ZauXjgJHO+n4STssJNX7cGq QeucOL3E9l8AZ5mrGSqJmWI/for0EXsitwjO3DNPdUwEG4zwjtouBr7ZKnejivfGJY3FcN9reGnK1 Rf5CgSzQ==;
Received: from lists by mab.w3.org with local (Exim 4.96) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1sREov-00Dq5M-2i for ietf-http-wg-dist@listhub.w3.org; Tue, 09 Jul 2024 17:40:05 +0000
Resent-Date: Tue, 09 Jul 2024 17:40:05 +0000
Resent-Message-Id: <E1sREov-00Dq5M-2i@mab.w3.org>
Received: from ip-10-0-0-144.ec2.internal ([10.0.0.144] helo=pan.w3.org) by mab.w3.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from <dschinazi.ietf@gmail.com>) id 1sREou-00Dq41-0S for ietf-http-wg@listhub.w3.internal; Tue, 09 Jul 2024 17:40:04 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=w3.org; s=s1; h=Content-Type:Cc:To:Subject:Message-ID:Date:From:In-Reply-To: References:MIME-Version:Reply-To; bh=qf4NpTrsQ8UN+/Fdi3j89VKsNaXzb5pMtIzO+Wld31c=; t=1720546804; x=1721410804; b=NvFBhmqSNJ/6oO6iddfRXVTNaqFQsj1gB/zv7SbqnMtgn08/IWa6Cr5abDFJ2ypCTympGQwgr1a 11y70/PgsFGsN3ZFIOPOuN2SWz8lckJRFtY6+wIkGKozF1i0fhlme8ofYWazv5IR/poAearnwDB5I KV5YD+ld6UnQ+D4vunabXVML+icsjdssNn6ymhBN3SvKomZQJ02QduaJi5OZkrjUCKn2OQjcsA8oR zniYH9Io33Dyt/tmXocAXyIBGiOwu/YDfI+for3MNae4i+smqII517VLNDO1rg0lIJIcQUd+5sC1Q QaFFbJ4TvpLL2aCDsGCoAofAWFFWoDUDF0sg==;
Received-SPF: pass (pan.w3.org: domain of gmail.com designates 2a00:1450:4864:20::132 as permitted sender) client-ip=2a00:1450:4864:20::132; envelope-from=dschinazi.ietf@gmail.com; helo=mail-lf1-x132.google.com;
Received: from mail-lf1-x132.google.com ([2a00:1450:4864:20::132]) by pan.w3.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.96) (envelope-from <dschinazi.ietf@gmail.com>) id 1sREot-006fKG-11 for ietf-http-wg@w3.org; Tue, 09 Jul 2024 17:40:04 +0000
Received: by mail-lf1-x132.google.com with SMTP id 2adb3069b0e04-52ea34ffcdaso5237293e87.1 for <ietf-http-wg@w3.org>; Tue, 09 Jul 2024 10:40:03 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1720546799; x=1721151599; darn=w3.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=qf4NpTrsQ8UN+/Fdi3j89VKsNaXzb5pMtIzO+Wld31c=; b=NnWMvUKvXXho2Kj5nVan2NnbeY6K5Qw3qST7GbTtPCUJ19SfWkPsKSOWoofbZ3xtbf Nxg0bbQMBP7YvWwKWQsOVT/6FkN8fW+62yB5GP+s0VXlhtIisZBTukqkAgf+04ixgvGV Q+574uevHQOYgEk68jn6aAecTaLVV8GBGdGUPcxRLIH23pZUw0qCjnMhl5gA9TfDezHx ctTkpFjWNjQllO8nYnKf3/1/sf9D7j0bn2KilraRqB4eygLwZu/fHsyRM4ahPytxtrpQ BOL5a8nSNajndT5jP+U2ZnPGF6KbPxAcO5j5qOEZPAMIQDgxudIoD+NwknVSnlArLwzY +jDg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1720546799; x=1721151599; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=qf4NpTrsQ8UN+/Fdi3j89VKsNaXzb5pMtIzO+Wld31c=; b=ZwBQm4Ue+oqNEf24ndnGOUBMaNpY4t/vCYQ3liuWoCHq4v+ELxCrPm505oea+YemDb tqajS2VHzfiAId2k4HZLOtKqF3fWyYLMEo/zcSykQYdMdbqMTrzRwIhJivVhbsGz3Nmu Z5AK3VBx9uj1+bfHmus5hExSlYWpCtGufx3ke6Fred54BgX8ggECiLsq1ENnyZ82dCJ5 D4o8wqk+5Jiy0MQF1XcoecGROWb0/H64Pakn6ZUApfiNJnjEB6OTcDnvxRM2hVcLeDjj Bf5h3V5MpACL+Ut1HbJIRQ5YBAGh6akdFFlV+xpcGPwSGBKYeJAxodyrnjMNJZB6yCYT MNLQ==
X-Forwarded-Encrypted: i=1; AJvYcCVVp/kMUwbYHUupUKvW7ZNR1cK4P3VJQrt8ZmTgGecNpD8GAJ6F3t5mft83qhXARiLd1/78sJXO2dgrilCTyGarK6RE
X-Gm-Message-State: AOJu0Yw4QF6TpRqCkipP+7oFnfC6XJkHfGBk0BgIra75H+Pvfc32ggkY Oi5UbIvzLtn/7+2dsxjXHfX4DAEMqv/4ryMTyhMLK3WlLuRIhgr3AEcIR8kp42iHcIXlZEGDBEt tdM4LKgYdj7OL0tjMc3QkYfArKcI=
X-Google-Smtp-Source: AGHT+IG5JnlfFxeqGdwrkQ4XJ1xdor+Fmwd1Pb87fZaRsFVHcX0m9YTZSN7Zwzi1JGpgtUhMqAoiuS9kQHV4NuA9sKk=
X-Received: by 2002:a05:6512:1391:b0:52d:6663:5cbe with SMTP id 2adb3069b0e04-52eb9990ebemr2340819e87.12.1720546798589; Tue, 09 Jul 2024 10:39:58 -0700 (PDT)
MIME-Version: 1.0
References: <CAPDSy+5UU=GSFWTdrkHW7RXNL8pr5KWtLfp8zjExsZvvGczfEw@mail.gmail.com> <SA1PR15MB4370BBF870827575AA1C05A8B3DF2@SA1PR15MB4370.namprd15.prod.outlook.com> <8ada24df-9941-4a37-b79b-8ef471c5459d@app.fastmail.com>
In-Reply-To: <8ada24df-9941-4a37-b79b-8ef471c5459d@app.fastmail.com>
From: David Schinazi <dschinazi.ietf@gmail.com>
Date: Tue, 09 Jul 2024 10:39:47 -0700
Message-ID: <CAPDSy+6dg9BN7GfBi7RezHLim-cDOTJnusPaRNegcQQ=2KoT4g@mail.gmail.com>
To: Lucas Pardue <lucas@lucaspardue.com>
Cc: Ben Schwartz <bemasc@meta.com>, HTTP Working Group <ietf-http-wg@w3.org>
Content-Type: multipart/alternative; boundary="000000000000bfe1be061cd40446"
X-W3C-Hub-DKIM-Status: validation passed: (address=dschinazi.ietf@gmail.com domain=gmail.com), signature is good
X-W3C-Hub-Spam-Status: No, score=-4.3
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, DMARC_PASS=-0.001, FREEMAIL_FROM=0.001, HTML_FONT_LOW_CONTRAST=0.001, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, TRACKER_ID=0.1, URIBL_BLACK=1.7, URIBL_DBL_BLOCKED_OPENDNS=0.001, W3C_AA=-1, W3C_DB=-1, W3C_IRA=-1, W3C_WL=-1
X-W3C-Scan-Sig: pan.w3.org 1sREot-006fKG-11 0e14bec6430953c3e66b01663234e401
X-Original-To: ietf-http-wg@w3.org
Subject: Re: Proposal: a new WRAP UP capsule
Archived-At: <https://www.w3.org/mid/CAPDSy+6dg9BN7GfBi7RezHLim-cDOTJnusPaRNegcQQ=2KoT4g@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/52060
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <https://www.w3.org/email/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>
Thanks all. Regarding adding a signal to indicate client support, I agree with Lucas: the policy will enforce a hard limit set by policy, no matter what the client does. I don't think the proxy would change its behavior if it knew whether the client supported this. Regarding capsule vs h2/h3 frame, that's an interesting question. Fundamentally, this signal is intended to flow from proxy to client - even if it has to go through intermediaries between the proxy and client. If we use an h2/h3 frame, we would have to define it such that intermediaries need to understand it and forward it down the chain. We'd also lose h1 support. And intermediaries that use h1 on the back end aren't uncommon these days. Because of these reasons, I think a capsule makes more sense. That said, this does require the capsule protocol to be in play. I think this ties in to the conversation we've been having around connect-tcp and whether to use capsules there. In terms of my token-limited use case, I think the best design for large uploads/downloads is to use multiple separate proxied requests leveraging range requests or resumable uploads. The alternate REFRESH_TOKEN design would work too, but it has the downside of not working when the proxy is going down for maintenance. David On Tue, Jul 9, 2024 at 8:38 AM Lucas Pardue <lucas@lucaspardue.com> wrote: > > > On Sat, Jul 6, 2024, at 01:03, Ben Schwartz wrote: > > I think this is a reasonable idea. Two questions come to mind: > > 1. Should this have a signal? Right now there's no indication from the > client about whether it supports this frame. That makes it difficult for > the server to understand whether the frame is working as intended. Did I > not give a long enough grace period, or are these clients running long > because they don't recognize the capsule? > > I think the outcome is the same either way, a proxy can give a hint to a > client using the capsule and it might not be able to do anything with it > anyway even if understood. The proxy still needs to enforce its policy on > when to shut the thing down. > > > > 2. Should this be a stream-scoped HTTP/2+3 frame type? There are lots of > cases of streaming requests and responses that might encounter some kind of > limit in HTTP, including WebSocket, WebTransport, and even plain old POST > and GET. Should "this stream is getting too long for me" be a built-in > function of HTTP? > > I'm not sure. I think it depends on the direction of nessage travel and > what the limit applies to. > > One example we have is in resumable uploads, where we've defined an > upload-limit header [1] that applies to resources, not streams. An upload > can span multiple requests, and we indicate the limits of individual > requests and aggregate size > > What single transaction cases would a frame help? For a large download, > telling the client to wrap up isn't much good because it cant do anything, > you could just reset the stream. > > WebSocket is a bidi pipe and similar to MASQUE flows., I could see wrap up > applying there. The capsule seems like it would work too. > > [1] > https://httpwg.org/http-extensions/draft-ietf-httpbis-resumable-upload.html#section-8.2 > > --Ben > > ------------------------------ > > *From:* David Schinazi <dschinazi.ietf@gmail.com> > *Sent:* Friday, July 5, 2024 6:29 PM > *To:* HTTP Working Group <ietf-http-wg@w3.org> > *Subject:* Proposal: a new WRAP UP capsule > > Hi HTTP enthusiasts, Over in MASQUE land, as we're deploying our two-hop > proxies, we decided we needed to put a cap on how many bytes we'd allow per > token-authenticated connect-udp tunnel. Enforcing a hard limit is easy, but > the issue > ZjQcmQRYFpfptBannerStart > This Message Is From an External Sender > > > ZjQcmQRYFpfptBannerEnd > Hi HTTP enthusiasts, > > Over in MASQUE land, as we're deploying our two-hop proxies, we decided we > needed to put a cap on how many bytes we'd allow per token-authenticated > connect-udp tunnel. Enforcing a hard limit is easy, but the issue is that > if the proxy aborts the tunnel halfway through, the web browser could be > halfway through a proxied request. Since the browser doesn't know if the > half-finished request was acted on or not, it can't retry it, so it has to > surface the error to the user. Instead, we want the proxy to be able to > warn the browser that this will happen soon, so that the browser can > establish a new tunnel with a new token, and start sending new requests > there. Conceptually this is a little like GOAWAY, but instead of "please > wrap up this connection", it's "please wrap up this tunnel stream". It uses > capsules, since this is a message from proxy to client. Here's a draft with > diagrams: > > https://datatracker.ietf.org/doc/draft-schinazi-httpbis-wrap-up/ > > https://davidschinazi.github.io/draft-schinazi-httpbis-wrap-up/draft-schinazi-httpbis-wrap-up.html > > I'd love to hear your thoughts. > > Thanks, > David > > >
- Proposal: a new WRAP UP capsule David Schinazi
- Re: Proposal: a new WRAP UP capsule Martin Thomson
- Re: Proposal: a new WRAP UP capsule Ben Schwartz
- Re: Proposal: a new WRAP UP capsule Valentin Gosu
- Re: Proposal: a new WRAP UP capsule Lucas Pardue
- Re: Proposal: a new WRAP UP capsule David Schinazi
- Re: Proposal: a new WRAP UP capsule Dustin Mitchell
- Re: Proposal: a new WRAP UP capsule Ben Schwartz
- Re: Proposal: a new WRAP UP capsule Lucas Pardue
- Re: Proposal: a new WRAP UP capsule David Schinazi
- Re: Proposal: a new WRAP UP capsule Tommy Pauly
- Re: Proposal: a new WRAP UP capsule David Schinazi