RE: Alt-Svc usage in HTTP forward proxy implementations from Lucas Pardue on 2017-05-11 (ietf-http-wg@w3.org from April to June 2017)

From: Lucas Pardue <Lucas.Pardue@bbc.co.uk>
Date: Thu, 11 May 2017 13:47:58 +0000
To: Ryan Hamilton <rch@google.com>
CC: HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <7CF7F94CB496BF4FAB1676F375F9666A3770E53E@bgb01xud1012>

Hi Ryan,

I understand that kind of case, with CONNECT the forward proxy is out of luck. I also appreciate that HTTPS is the direction of travel. However, to clarify my line of thought, I was thinking more the following hypothetical case (I’m using Chrome but it could be any UA):


·         Chrome makes a request to http://example.com/foo.html via a http forward proxy, lets call it Dave.

·         Dave makes the request for http://example.com/foo.html and receives a response that has an Alt-Svc header field such as h2=”:443”.

·         Dave is Alt-Svc aware and h2 capable, it remembers the Alt-Svc for “next time”, and removes it from the response to passed to Chrome.

·         Chrome is not aware that http://example.com has an Alt-Svc

·         Chrome makes subsequent request for http://example.com/bar.html via Dave

·         Dave makes the request to example.com using h2 on port 443

·         Chrome was never clued in to what happened
Lucas

From: Ryan Hamilton [mailto:rch@google.com]
Sent: 11 May 2017 14:25
To: Lucas Pardue <Lucas.Pardue@bbc.co.uk>
Cc: HTTP Working Group <ietf-http-wg@w3.org>
Subject: Re: Alt-Svc usage in HTTP forward proxy implementations

FWIW, Chrome only honors Alt-Svc for HTTPS requests<https://cs.chromium.org/chromium/src/net/http/http_stream_factory_impl_job_controller.cc?rcl=38ac4c9a36f237bcddf1ae1e723a7ee00c841f64&l=946>. Forward proxies are, basically, out of the loop for HTTPS because they just tunnel the bytes of the CONNECT request. As a result, Alt-Svc does not play a role with forward proxies in Chrome.

On Thu, May 11, 2017 at 4:15 AM, Lucas Pardue <Lucas.Pardue@bbc.co.uk<mailto:Lucas.Pardue@bbc.co.uk>> wrote:
Hello,

I’ve been doing some research on Alt-Svc and HTTP proxies. There is a load of past discussion on this that I do not want to retread over (For reference, I’ve included links to some threads I found interesting at the end of the email), what I’m more interested in is how implementations have chosen to do things.

What I haven’t been able to find much information on is whether there are any forward proxy implementations that make use of Alt-Svc for upstream requests. I was hoping that some of the WG might be able to point me in the right direction of some published details, or perhaps make a comment in reply to this thread.

Kind regards
Lucas


References


1.       alt-svc and proxies<https://www.ietf.org/mail-archive/web/httpbisa/current/msg26397.html>

2.       Intermediaries and Alt-Svc<https://github.com/http2/http2-spec/issues/462>

3.       Alt-Svc related Chromium bug report (proxy related)<https://lists.w3.org/Archives/Public/ietf-http-wg/2014JanMar/1293.html>

4.       Alt-Svc + Proxy Pac<https://www.ietf.org/mail-archive/web/httpbisa/current/msg24781.html>

5.       HTTP/QUIC without Alt-Svc?<https://github.com/quicwg/base-drafts/issues/253>





----------------------------

http://www.bbc.co.uk

This e-mail (and any attachments) is confidential and may contain personal views which are not the views of the BBC unless specifically stated.
If you have received it in error, please delete it from your system.
Do not use, copy or disclose the information in any way nor act in reliance on it and notify the sender immediately.
Please note that the BBC monitors e-mails sent or received.
Further communication will signify your consent to this.

---------------------

Received on Thursday, 11 May 2017 13:53:57 UTC