Re: HTTP/1.1 pconns to 1.0 servers from Roy T. Fielding on 2006-09-20 (ietf-http-wg@w3.org from July to September 2006)

From: Roy T. Fielding <fielding@gbiv.com>
Date: Wed, 20 Sep 2006 15:17:56 -0700
To: Mark Nottingham <mnot@yahoo-inc.com>
Cc: ietf-http-wg@w3.org
Message-Id: <DDCEE52A-287C-4A4F-82DC-DA7751911592@gbiv.com>

On Sep 20, 2006, at 2:16 PM, Mark Nottingham wrote:

> On 2006/09/20, at 1:29 PM, Roy T. Fielding wrote:
>
>> On Sep 20, 2006, at 10:08 AM, Mark Nottingham wrote:
>>
>>> HTTP/1.0 persistent connections are documented in RFC2068. One  
>>> case that's not explicitly covered is when a HTTP/1.1 client  
>>> sends a request to a HTTP/1.0 server without a Connection: keep- 
>>> alive header.
>>>
>>> My reading of 2068, 2616 and 2145 is that the fact that the  
>>> client indicates HTTP/1.1 in the request advertises their support  
>>> for persistent connections, and a HTTP/1.0 server (whether origin  
>>> or proxy) may safely use a Content-Length delimited persistent  
>>> response.
>>
>> What is an HTTP/1.0 server?
>
> OK, I'll bite. One that claims to conform to RFC1945 by sending the  
> version string "HTTP/1.0" in responses.

Nothing can claim to conform to an informational RFC by sending a  
protocol
version that was in wide use long before the RFC was published.  RFC  
1945
documents (the best I could) the most common and interoperable  
variations
on what people were claiming (at the time) as HTTP/1.0.

>> It was the intent of the WG that folks who claim to be using HTTP on
>> the Internet should be doing so with HTTP/1.1, instead of making
>> silly excuses not to.
>
> If the WG really believed that, why bother with making 1.1.  
> backwards-compatible at all?

To deploy HTTP/1.1.  That was over eleven years ago.

>> Anyone still claiming to use HTTP/1.0 will have
>> to fend for themselves and test against every deployed system, since
>> the only standard is for HTTP/1.1.
>
> Well, that would be nice, but anecdotal evidence says that Squid is  
> one of the most widely-deployed proxies out there, and it's still  
> advertising HTTP/1.0. Saying that Squid has to fend for itself  
> ignores the fact that everyone else has to deal with Squid (as we  
> see with the prevalence of HTTP/1.1 clients sending Connection:  
> keep-alive).

Squid is open source.  If someone thinks it shouldn't be ignored, then
they should update its ancient protocol stack to be compliant with
Internet standards.  In any case, Squid as a proxy that sends HTTP/1.0
responses is irrelevant to the question you asked, because HTTP/1.1
clients are required to ignore keep-alive from HTTP/1.0 proxy servers.
It is only when Squid is used as a gateway (reverse proxy) that the
question might apply here, and in that case the owner of that Squid
instance can fix it themselves.

....Roy

Received on Wednesday, 20 September 2006 22:18:07 UTC