Re: #158: Proxy-Connection and Keep-alive from Willy Tarreau on 2011-12-03 (ietf-http-wg@w3.org from October to December 2011)

From: Willy Tarreau <w@1wt.eu>
Date: Sat, 3 Dec 2011 08:22:17 +0100
To: Mark Nottingham <mnot@mnot.net>
Cc: Amos Jeffries <squid3@treenet.co.nz>, ietf-http-wg@w3.org
Message-ID: <20111203072217.GI27965@1wt.eu>

Hi Mark,

On Sat, Dec 03, 2011 at 11:21:17AM +1100, Mark Nottingham wrote:
> 
> On 29/11/2011, at 5:01 PM, Amos Jeffries wrote:
> 
> > How about is for prose:
> > "
> > Proxy-Connection is now obsolete. Clients must not produce it on HTTP/1.1 requests or responses.
> 
> Yes, with editorial niggles. I think this is roughly what we have now.
> 
> > NP: existing software still uses a mixture of HTTP/1.0 and obsolete Proxy-Connection keep-alive mechanisms which differ in behaviour from HTTP/1.1. Clients should always explicitly send Connection: keep-alive or Connection: close when contacting servers having HTTP/1.0 or unknown HTTP version numbers.
> 
> That's too strong; we shouldn't require use of HTTP/1.0 mechanisms, as some implementations might make reasonable decisions to not use pconns with 1.0 servers. Besides, connection: close is the default with 1.0 anyway, so there's not reason to mention it here.
> 
> I'd really rather not get into specifying the keep-alive mechanism in HTTP/1.1, because it's deprecated, and difficult to correctly specify. Mentioning it is fine, but putting requirements around it is too much.

But if we want Proxy-Connection to disappear, we need to indicate what else
to do, as simply removing it *will* lead to persistent connections being
disabled at many workplaces where proxies still apply 1.0 semantics. And
this is not only a performance issue but a connectivity issue, since these
workplaces sometimes make use of NTLM auth, which authenticates the connection
instead of the request, and does not work without persistent conns.

That's why I agree with Amos that we need to state something for clients
which currently make use of Proxy-Connection. In fact, a number of them
already emit both "Connection: keep-alive" and "Proxy-Connection: keep-alive"
but I'm not certain at all this is the case for all of them, and helping
them not getting trapped will save them from reverting their change when
they get breakage reports.

Maybe instead we should suggest the following :

  The Proxy-Connection header was completely obsoleted by the Connection
  header. Therefore, clients must not emit it and must use the Connection
  header instead, even with proxies running an unknown HTTP version.

I'm insisting on this point because it's not necessarily obvious that a
"Connection: keep-alive" header must be sent in an HTTP/1.1 request when
the proxy's version is unknown or 1.0.

Regards,
Willy

Received on Saturday, 3 December 2011 07:23:26 UTC