W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2014

Re: Large Frame Proposal

From: Johnny Graettinger <jgraettinger@chromium.org>
Date: Mon, 7 Jul 2014 18:39:36 -0400
Message-ID: <CAEn92ToAwPCLgwPRg+p7bKqJ4dv4qHka5neW3pZBdDP=F0uPWQ@mail.gmail.com>
To: Greg Wilkins <gregw@intalio.com>
Cc: HTTP Working Group <ietf-http-wg@w3.org>
>
> This is orthogonal to CONTINUATION (and could also be addressed by
>> pre-pending the encoding length within the HPACK encoding, as has been
>> suggested). The problem with doing so is that it precludes the possibility
>> of streaming HPACK.
>>
>
> Streaming HPACK is already not possible as it creates DoS vectors.
> Either we fix that problem - ie make header blocks able to be fragmented
> and interleaved,  or we have to face up to the fact that we already have
> jumbo header frames.
>

It's not possible in the general case for a proxy with no application
knowledge of what it's proxying and/or reason to distrust it's peers.
That's not the same as saying that streaming HPACK isn't possible anywhere,
ever.


 It's not a requirement that an endpoint close the connection after
>> deciding that headers on a particular stream are too large. It does require
>> that the endpoint be willing to incrementally process header block
>> fragments as they arrive, to avoid unbounded buffering. With that, it's
>> fully possible for an endpoint to tightly bound it's memory commitment in
>> the face of large headers on a stream, without tearing down the connection.
>>
>
> Indeed - but a lot of work for nothing. Best just to tell the peer not to
> send them in the first place.
>


I believe this isn't true, but am restricting that conversation to the
#541: CONTINUATION thread. *tl;dr*: You're gonna have to do it anyway.


Yes, this is a concern, but is easily solved (and is why Chromium is
>> emitting smaller continuation frames to ensure good interop coverage within
>> h2-13).
>>
>
> Which is precisely the reason I have moved from the
> I-can-live-with-CONTINUATIONS-because-I-can-ignore them camp, back to the
> I-can-not-live-with-CONTINUATIONS camp.      Several proposals have been
> made to make them ignorable for small headers, but as they have not been
> accepted then it looks like we all must support continuations and
> implementations that do not will be hunted down and excluded from
> interoperability, even if they never ever need large headers.
>
> Mark - can you open an issue for this one-   CONTINUATIONS looks like it
> is only needed for large headers, but it is actually a non optional part of
> the specification.
>
> cheers
>
>
>
> --
> Greg Wilkins <gregw@intalio.com>
> http://eclipse.org/jetty HTTP, SPDY, Websocket server and client that
> scales
> http://www.webtide.com  advice and support for jetty and cometd.
>
Received on Monday, 7 July 2014 22:40:05 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 30 March 2016 09:57:09 UTC