W3C home > Mailing lists > Public > public-bpwg-ct@w3.org > January 2008

RE: ACTION-604 ACTION-615 Proposed Treatment of Bryan's Contribution in Preparation for a New Draft CT

From: Sullivan, Bryan <BS3131@att.com>
Date: Tue, 22 Jan 2008 11:05:52 -0800
Message-ID: <8080D5B5C113E940BA8A461A91BFFFCD05D93EB3@BD01MSXMB015.US.Cingular.Net>
To: <public-bpwg-ct@w3.org>

Jo,
Comments to
http://www.w3.org/2005/MWI/BPWG/Group/TaskForces/CT/editors-drafts/Guide
lines/071124. Some of the items from my earlier contribution don't
appear to be covered but I will circle back as needed in the next draft.

Re 2.1 Requirements "I'm not actually sure how useful this is any more,
I think it may have served its purpose in stimulating debate and
thought": I think the section is useful. It helps set the context for
the reader.

Re 2.4 Proxy States "This must steer clear of recommending a deviation
from the HTTP spec which I don't think is acceptable. However there are
parallels with the operation of e.g. child protection mechanisms?": I
think we are OK referring to any case in which a proxy modifies content,
causing that proxy to be considered non-transparent for that particular
request. We might mention that there may be cases where the reason for
transformation overrides the objectives in this document (e.g.
compliance to no-transform directives), and that even in those cases the
other requirements in this document should apply (e.g. disclosing that
the content had been transformed).

3.1 Client Origination of Request 
Re "The client may request that the Content-Type and Content-Encoding
must not be altered in the response by setting the Cache-Control:
no-transform directive.": maybe reword as "The client may set the
Cache-Control: no-transform directive to request that the Content-Type
and Content-Encoding must not be altered in the response." 

Re the "The client may add an..." statements: We should mention which of
these are new parameters (defined here).

Re "[It would be nice if the client were able to indicate what type of
presentational capabilities it has, for example, zoom, linearize,
keyhole ... @@@ client-feature indication]": these should supported via
a DDR ala the DDWG is working on.

Re "[It would also be useful if the client were able to turn off the
User Interaction features of the proxy via HTTP]": do you mean via an
HTTP header, or via a web-based CT user control interface, or both? It
begins to get complicated if we start talking about stateful
requirements on turning features on and off, so I recommend we start at
least with a stateless assumption, i.e. the directives relate to the
current request only. See comments to 3.2.3 below; I have atttempted to
address this but you can see it will get complex.

As I provided in my contribution, do we want to address "A CT proxy MAY
enable a user to select preferences for user agent identification and
capabilities disclosure to CP.", or is that going to far functionally?

3.2 Proxy Receipt, Forwarding or response to a Request
Re "Irrespective of the presence of the no-transform directive, the
proxy must behave transparently (q.v.) if it detects that the user agent
is not a browser [@@open question as to how it does that].": I recommend
we say "CT proxies MUST be capable of recognizing browsers and
non-browsers via the User-Agent header.". We could leave other methods
unspecified.

Re "Proxies must not intervene in HTTPS requests and should not
intervene in methods other than GET and HEAD." We should explain why.
I'm not sure of the reason for restricting POST.

3.2.3 Proxy Interaction with the User when Active

Re "If neither a no-transform nor a [@@ct-aware] directive is present in
a request from the client, the proxy must offer a means of interacting
with it to provide at least basic control (the ability to transition the
proxy to passive role) of its services. Proxies may in addition offer
user interaction when those directives are present - i.e. interaction
with the user is not prohibited if the client is aware of the
conventions of this document, unless the client has requested disabling
them.": I suggest to reword this, as it currently states a general
capability requirement in the context of a particular event. The general
capability requirement needs to be stated first, followed by the
requirements in the specific case. Here is the way I would write the
requirements in this section:

"CT proxies MUST offer a means of user control for CT services for users
of non-CT aware browsers, via a web-based user preferences interface or
through preselection via the CP proxy operator (e.g. by proxy
administration)."

"CT proxies MUST offer a means of user control for CT service related to
the current request".

"CT proxies MAY offer a means of user control for CT service via
persistent CT service preferences, which upon selection, apply to all
requests, unless overridden by client request."

"CT proxies MAY offer a means to scope user control preferences for CT
service to specific domains or other criteria, e.g. for specific content
types."

"If neither a no-transform nor a [@@ct-aware] directive is present in a
request from the client, and no persistent preference for CT services is
defined, CT proxies MUST provide a web-based means of user control for
CT service related to the current request."

(remaining requirements can stay as-is, unless they need to be modified
to be consistent with the above)

3.3 Server Response to Proxy
Re "Servers should distinguish URIs that are intended for access only by
HTTPS from those that are intended for insecure access in order to be
able to detect and reject requests that should have been submitted by
HTTPS but have been re-written in contravention of its directives.":
Note in most cases the proxy will never see the URI anyway as most
clients (especially mobile ones) should be using HTTP CONNECT (if they
are aware that they are using a proxy, otherwise the SSL connection is
direct and the proxy doesn't apply anyway).

Re "If the response contains URIs with the scheme https and the server
is content to allow the scheme to be re-written as the http scheme then
it must indicate this using the [@@allow-https-rewrite] directive,
otherwise rewriting is inhibited.": I don't think its necessary or good
to open this box, as there are serious security implications. The only
valid reason I see for rewriting HTTPS URIs is so that the resource can
appear to be hosted on the CT proxy itself. Even so it should still be
rewritten as a secure URI. Thus the CT proxy recreates the WAP gap in
the interest of transforming content sent over two secure connections in
which it provides the bridge. At least there, the actual request
transmission is secure over each hop.

Re "Note that including a no-transform directive may [@@should actually]
disrupt the behavior of WAP/WML proxies, because this inhibits such
proxies from converting WML to WMLC (because this is a content-encoding
behavior). Adding [@@allow-recoding] or [@@allow-compression] is
unlikely to be recognized in the short-term by such proxies which
predate these guidelines." Note by the time this gets implemented there
are likely to be *very few* WAP1 devices still out there, and you can
count on two things as a result:
1) Most devices support text WML directly, and compression occurs
through GZIP (we are already nearing 95% WAP2 on our network, and this
is the case across the board for WAP2 devices).
2) The vendors and operators of WAP1 proxies will be loathe to make
*any* changes to these products at this time, as there is little value
and a lot of risk (to the stability of the WAP1 gateway functions
overall, since most bugs are unintended side-effects). Also, because any
CT proxy other than a WAP gateway would be on the CP side of the
gateway, its non-conversion of WML would be irrelevant as the WAP1
gateway would still do it.

Re "The server should not choose a Content-Type for its response based
on its assumptions about the heuristic behavior of any intermediaries.
(e.g. it should not choose content-type: application/vnd.wap.xhtml+xml
solely on the basis that it suspects that transforming proxies will
apply heuristics that make them not restructure it).": Maybe rephrase
this, exactly what it means is unclear to me.

Re "406 Response - Note that some clients (MSIE for instance) don't
display the body of a 406 response, this is in contravention of HTTP/1.1
as far as I can see.": Also, most mobile browsers don't actually display
the body of error responses either. This has been a problem since day
one; it has been impossible to create a consistent user experience for
error handling, even when we sent so far as to customize the response
body for compatibility with the clients (which was the main reason that
most ignored it from the beginning).

Can you tell me how you address in this section, the statement I had in
my contribution: "A CT proxy SHALL be capable of detecting CT-awareness
in CP and browsers." Maybe we can add "A CT-aware server MUST indicate
that it understands the conventions of this document by including a
[@@ct-proxy-aware directive] in responses."

Best regards,
Bryan
-----Original Message-----
From: public-bpwg-ct-request@w3.org
[mailto:public-bpwg-ct-request@w3.org] On Behalf Of Jo Rabin
Sent: Thursday, January 17, 2008 8:27 AM
To: public-bpwg-ct@w3.org
Subject: ACTION-604 ACTION-615 Proposed Treatment of Bryan's
Contribution in Preparation for a New Draft CT


Hi folks

I have done a write through of Bryan's proposed "requirements" to fit in
with the style of the rest of the document and to make it a little more
discursive, as discussed on various calls. Before weaving this into the
current draft in various places I thought I would put it to the group
for comments and to see if there are any major objections. If not I will
create a new draft tomorrow afternoon (Friday) for discussion on the
call Tuesday.

I have tried to cross reference the section numbers from the present
draft to make sure everything is covered. I know I've missed a couple of
references out accidentally and there are a couple of sections I don't
think fit, exactly, and I have noted those below. I've also included
Bryan's original contribution for easy reference.

thanks
Jo

Current Draft:
http://www.w3.org/2005/MWI/BPWG/Group/TaskForces/CT/editors-drafts/Guide
lines/071124

ACTION-604 ACTION-615

Control of Proxy

A proxy may be active or passive. When active, a proxy offers various
[@@] features involving the transformation of content and manipulation
of HTTP headers. When passive a proxy may alter content and headers only
in the respects described in [HTTP] as if a Cache-Control: no-transform
directive were present (with the exception of "Dangerous Content"
below).

[Note: In practice a proxy may be made passive by configuration of the
network such that it is by-passed]

A proxy MUST offer basic control of its features to users, clients and
origin servers and MAY offer more advanced control [2.1.1 MAY-> MUST].
Basic control means transitioning between active and passive roles.  

When active, proxies MUST offer basic control on a per request basis and
MAY allow the registration of persistent user preferences [2.1.1
MUST->MAY].

Behavior When Active

A proxy SHOULD NOT alter HTTP requests unless not doing so would result
in the users request being rejected by the CP [this includes 406 as well
as 200 Your browser is not supported][2.1.4]

A proxy should only alter the format, layout, dimensions [@@how to
better express this] to match the capabilities of the client [2.1.2
"highest Quality"]. For example, when resizing images, they should only
be reduced so that they are suitable for the specific client, and should
not be done on a generic basis.
 
Proxies MUST NOT alter URIs with the https scheme unless specific
consent is granted by both the user and the origin server. [@@How in the
case of the origin server).
 

Interaction with the User (when Active)

If the client is known not to conform to this specification CT Unaware
[@@by ...] the proxy MUST offer a means of interacting with it to
provide at least basic control of its services. Proxies MAY in addition
offer user interaction via CTAware browsers.

Proxies MUST offer, via this interaction, a means of rendering itself
passive for [@@does the following make sense?] the following request
[2.2.2], for the current domain and for all future requests [2.2]. The
proxy MAY offer further features which SHOULD be offered on the same
basis (current domain, all future requests, etc.). Proxies MAY also
offer this interaction to browsers that do conform to this specification
but MUST offer a means of disabling it [@@by interaction as well as via
HTTP? If the latter need further cache control directive]

If content has been transformed proxies MUST indicate this to the user
[2.5.3] and MUST provide a means of retrieving the original content.
Proxies MAY provide a cached copy of the response prior to
transformation in fulfilling this requirement. [@@ should this be
available by some HTTP mechanism too [2.5.4] says yes which requires
further elaboration of current section 4.1]

Note: Further user control of the proxy MAY also be achieved by
administrative means, by providing a specific proxy configuration
facility or by other means.

The proxy MAY annotate hyperlinks with the https scheme noting that it
is unable to offer active service on such a request.

Dangerous Content

[@@note that this must steer clear of recommending a deviation from the
HTTP spec which I don't think is acceptable. However there are parallels
with the operation of e.g. child protection mechanisms]

Proxies MAY offer a feature when passive which MUST be under control of
the user [2.3.1][2.5.1] to block or transform content which it has been
determined would cause serious mis-operation of the client, such as
causing it to crash.

===

2.1.3 detection of CT-awareness
[JR: not sure why is this necessary]

A CT proxy shall be capable of detecting CT-awareness in CP and
browsers.

===


2.4 CT proxy capabilities disclosure to CP [This should be covered in
section 4.2 of the earlier draft ...]

A CT proxy shall disclose its CT capabilities to CT-aware CP without
affecting user agent identification or capabilities disclosure.

===

2.5.2 CT proxy capabilities disclosure to CT-aware browser [This should
covered in section 4.5 of the earlier draft]

A CT proxy shall disclose its CT capabilities to CT-aware browsers
without affecting CP-provided headers.


===

2.7 non-browser user agents

[JR I don't think I understand how the proxy would know this -
especially as non browser user agents would typically masquerade as
browsers so as not to get blocked by proxies]

A CT proxy should be capable of detecting non-browser user agents.

A CT proxy shall be capable of bypassing CT service for detected
non-browser user agents.

=============

Bryan's original text

CT = Content Transformation, CP = Content Provider(s)

An entity that is "CT-aware" is assumed to be specifically designed to
use or provide CT service per these guidelines. A "CT proxy" is assumed
to be CT-aware. A "non-CT proxy" is assumed to be CT-unaware. Browsers
and CP may be CT-aware or CT-unaware.
2.1 general requirements
2.1.1 preferences

A CT proxy may enable a user or user agent to select preferences for CT
service features.

A CT proxy that offers preference selection shall be capable of
retaining the selections.
2.1.2 provision of highest-quality content

When selecting a content representation by default, CT proxies shall
provide the highest-quality representation compatible with the browser.

"Compatible" in this requirement means a representation that the browser
supports, and results in a usable user experience.
2.1.3 detection of CT-awareness

A CT proxy shall be capable of detecting CT-awareness in CP and
browsers.
2.1.4 user agent identification and capabilities disclosure

A CT proxy may enable a user to select preferences for user agent
identification and capabilities disclosure to CP.

A CT proxy shall forward requests to CP without affecting user agent
identification or capabilities disclosure, except as necessary to
provide a user-selected content representation, or as otherwise
specified by user preferences.
2.1.5 original representation availability

A CT proxy shall provide availability of the original representation for
a CP response.

A CT proxy may support local caching of CP responses in their original
representation.
2.2 CT proxy serving CT-unaware CP and browser

A CT proxy shall be capable of providing CT service to CT-unaware CP and
browsers.
2.2.1 CT-unaware browser user selection of content representation

A CT proxy may enable a CT-unaware browser user to select a preference
for a content representation from among those available through the
proxy.

A CT proxy that offers user-selection of content representations should
be capable of user selection of such preferences for specific domains
and globally for all domains.

A CT proxy that offers user-selection of content representations should
be capable of offering the user the ability to switch representations
when viewing a page.
2.2.2 CT-unaware browser user selection of original content
representation

A CT proxy should support the ability of a CT-unaware browser user to
select the original representation for a CP response.
2.2.3 CT-unaware browser user selection of alternate content
representation

A CT proxy shall support the disclosure of available alternate
representations for a CP response to a CT-unaware browser user.

A CT proxy shall support the ability of a CT-unaware browser user to
select an alternate representation for a CP response.
2.3 CT proxy serving CT-aware CP and CT-unaware browser
2.3.1 CP directives

A CT proxy shall recognize and honor CP directives for supported CT
services.

As an exception to the previous requirement, a CT proxy should deny CP
directives that would result in dangerous markup being sent to the
browser.

A CT proxy may enable a user to select preferences for error handing
related to CP directives.
2.4 CT proxy capabilities disclosure to CP

A CT proxy shall disclose its CT capabilities to CT-aware CP without
affecting user agent identification or capabilities disclosure.
2.5 CT proxy serving CT-aware CP and CT-aware browser
2.5.1 browser directives

A CT proxy shall recognize and honor browser directives for supported CT
services.

As an exception to the previous requirement, a CT proxy should deny
browser directives that would result in dangerous markup being sent to
the browser.
2.5.2 CT proxy capabilities disclosure to CT-aware browser

A CT proxy shall disclose its CT capabilities to CT-aware browsers
without affecting CP-provided headers.
2.5.3 CT actions disclosure to CT-aware browser

A CT proxy shall disclose CT actions taken on CP responses to CT-aware
browsers.
2.5.4 CT-aware browser selection of original content representation

A CT proxy shall support the disclosure of the original representation
for a CP response to a CT-aware browser.

A CT proxy shall support the ability of a CT-aware browser to select the
original representation for a CP response.
2.5.5 CT-aware browser selection of alternate content representation

A CT proxy shall support the disclosure of available alternate
representations for a CP response to a CT-aware browser.

A CT proxy shall support the ability of a CT-aware browser to select an
alternate representation for a CP response.
2.6 security considerations

A CT proxy shall not rewrite secure links as a way to enable CT service
for those links, without the consent of the CP and user.

A CT proxy that does not support or is not allowed to provide CT service
for secure links should disclose to the user that the CT service will be
unavailable for those links.
2.7 non-browser user agents

A CT proxy should be capable of detecting non-browser user agents.

A CT proxy shall be capable of bypassing CT service for detected
non-browser user agents.
Received on Tuesday, 22 January 2008 19:06:53 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 22 January 2008 19:06:54 GMT