- From: Patrick McManus <mcmanus@ducksong.com>
- Date: Fri, 21 Nov 2014 10:20:18 -0500
- To: Martin Thomson <martin.thomson@gmail.com>
- Cc: Mark Nottingham <mnot@mnot.net>, HTTP <ietf-http-wg@w3.org>
- Message-ID: <CAOdDvNoCJMvxoU3J8srkyOzzUjiAcP+tHzjr0p3sPxBrGw-raA@mail.gmail.com>
On Fri, Nov 21, 2014 at 2:19 AM, Martin Thomson <martin.thomson@gmail.com> wrote: > On 20 November 2014 17:28, Mark Nottingham <mnot@mnot.net> wrote: > > <https://github.com/http2/http2-spec/pull/647> > > > > Any thoughts? > > I like the correlation text, that's a real issue. agreed - the term origin might be stronger than 'site' as currently used. > I'm lukewarm on the value of the SETTINGS/PING thing. TCP window > scaling relies on knowing RTT, so another way of measuring it in a > h2 bits are e2e while TCP might not be thanks to CONNECT tunnels. I'm sure you could game it through some kind of flow control back pressure observation, but its not trivial.. tls has stuff to latch onto, but it can be padded by concerned parties.. so I think its harmless and marginally worthwhile to call out the issue with roughly the suggested text. It might be stronger with 'peer' instead of client. Sometimes servers are hiding - geographically speaking, and settings and ping are bi-di mechanisms. > less accurate way is of little intrinsic value. It's certainly > harmless text inasmuch as it is correct, but it is only new if you > consider the layer in isolation and don't assume anything like (say) > lock-step request-response-request. See > https://tools.ietf.org/html/rfc7323#section-3 for lower layers, and > JavaScript in general for higher. > > I guess if you consider this as another hole to plug for the TOR > folks, then yes, but they have very special needs (and the skills to > match, no doubt). > >
Received on Friday, 21 November 2014 15:26:02 UTC