Re: issue 381: Discovery of the support of the HTTP2 protocol: DNS-based Upgrade from Martin Thomson on 2014-02-20 (ietf-http-wg@w3.org from January to March 2014)

From: Martin Thomson <martin.thomson@gmail.com>
Date: Thu, 20 Feb 2014 09:21:17 -0800
To: Eliot Lear <lear@cisco.com>
Cc: Mark Nottingham <mnot@mnot.net>, IETF HTTP WG <ietf-http-wg@w3.org>
Message-ID: <CABkgnnXRMzSQQTdq9jh8fg_j4bk5CedwNxnFo_ZBtgV=p=FSOg@mail.gmail.com>

On 20 February 2014 08:26, Eliot Lear <lear@cisco.com> wrote:
>
> On 2/20/14, 10:23 AM, Mark Nottingham wrote:
>> On 18 Feb 2014, at 8:52 pm, Eliot Lear <lear@cisco.com> wrote:
>>
>>> Replying to myself, I'd like to make one point clear:
>>>
>>> It is ABSOLUTELY okay to use SRV so long as we accept that in some
>>> circumstances there will be some performance degradation, and that we
>>> will need to sort versioning beyond h2.  That latter issue implies some
>>> IN BAND upgrade mechanism for h2->hN.  In the case of TLS, we might
>>> simply handle this with ALPN, but someone from the TLS side should think
>>> about this in the context of a fast restart.
>> This is what’s concerned me in the past. We’ve made a lot of decisions based upon the assumption that introducing h3…hn (as well as other protocol identifiers) won’t require adding more round trips.
>>
>> Now, with ALPN, that may be OK, but it doesn’t help for non-TLS deployments, such as they are.
>
> Well, the round trip is hidden in a TLS capabilities exchange and I
> really would like to hear how it plays in the context of fast restart.

I don't know what you mean by "fast restart" here, but looking at some
of the proposed TLS 1.3 cases for fast handshakes, and session
resumption, you end up in a state where the choice from the last
session is maintained by default.  A client can of course opt to use
the longer handshake form in an attempt to move to another selection;
similarly the server can reject the resumption/fast handshake and fall
back to a complete negotiation.

There's a risk there that any choice becomes excessively "sticky" over
time, by which I mean that a choice to use "h2" could persist longer
than would otherwise be ideal.  I'm inclined to rely on operational
guidance (deploy "h3", reject resumptions or shortened handshakes from
prior to when the deployment occurred) rather than build additional
protocol machinery.  After all, that same guidance is going to be
necessary for cipher suite selection and other things as well.

Received on Thursday, 20 February 2014 17:21:46 UTC