W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2013

Re: Do we kill the "Host:" header in HTTP/2 ?

From: Roy T. Fielding <fielding@gbiv.com>
Date: Thu, 31 Jan 2013 05:15:23 -0800
Cc: HTTP Working Group <ietf-http-wg@w3.org>
Message-Id: <EB84D829-9509-4EE0-BE4D-06070E305DB9@gbiv.com>
To: Ted Hardie <ted.ietf@gmail.com>
On Jan 30, 2013, at 1:51 PM, Ted Hardie wrote:

> On Wed, Jan 30, 2013 at 1:31 PM, Adrien W. de Croy <adrien@qbik.com> wrote:
>> 
>> from a proxy POV, it's very useful, nay vital that we can tell the
>> difference between a request that a client thinks it is sending to a proxy,
>> vs a request the client thinks it is sending to a server.
>> 
> 
> So, I remember vividly the meeting at which the Host: header
> discussion occurred, and I have heard John Klensin rant about this
> many times since (he was the APPs AD at the time), so my context on
> this is probably a bit odd.  At the time, we added the host header to
> help stave off the consumption of independent IP addresses for web
> sites that were being served off the same servers and physical
> infrastructure.  Pretty much everyone at the time thought the *right*
> idea was to move to full URLs.  We were reluctant to do so because of
> installed base and, because this could be a "breaking change", the
> consequences of revising the version number.  The questions about the
> HTTP WG minutes on the topic (kicked off by Harald Alvestrand) start
> here:  http://www.hpl.hp.com/personal/ange/archives/archives-96/http-wg-archive/0687.html
> and they are quite amusing to read now.

http://www.hpl.hp.com/personal/ange/archives/archives-96/http-wg-archive/0726.html

> We had no idea how early we were in the popularity curve of HTTP or
> how dominant it would become, but it was clear even then that the
> protocol would be very, very common on the network.  In retrospect, it
> is clear that we shouldn't have looked at the current installed
> base--we should have looked at what we expected eventual use would be.
> That makes "the earlier the better" clear.

I think your memory is a bit hazy there ... HTTP passed all
application protocols other than email in 1995, and by that
time (Mar 1996) was roughly double email traffic, IIRC (this was
before email-based spam became common).  That's why the WG
meeting contained a lot of people who had nothing to do
with developing the Web protocols---there was panic in the air.

I find it amusing that you think we could have proceeded in any
other way without relegating the IETF work to the garbage bin.

> For HTTP 2.0, where we can make non-backward compatible changes, I
> personally think the right thing to do is to drop the Host: header
> (that version shift is what we were waiting for 17 years ago, after
> all).  If there are things folks are getting from side-effects of the
> Host header (e.g. proxy targeting), we put them into the bin of
> potential requirements for HTTP 2.0 *and create mechanisms to meet
> those needs*.
> 
> I think Adrien's proposal for extensions to the host header makes
> clear that the need isn't perfectly met by the host header in any
> case, so mapping out the real aim and meeting that seems like the best
> notion to me.

Oddly enough, waka separates the scheme+host routing information from
the rest of the URI because that works better with multi-argument
methods and message-based encryption. *shrug*

....Roy
Received on Thursday, 31 January 2013 13:15:49 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 31 January 2013 13:15:52 GMT