- From: Roberto Peon <grmocg@gmail.com>
- Date: Thu, 11 Jul 2013 13:34:46 -0700
- To: James M Snell <jasnell@gmail.com>
- Cc: Martin Thomson <martin.thomson@gmail.com>, Amos Jeffries <squid3@treenet.co.nz>, HTTP Working Group <ietf-http-wg@w3.org>
- Message-ID: <CAP+FsNdt+wm_LsWXh_O3s2xFTTGahqdwb83xCNQ=A68bfvyF3A@mail.gmail.com>
yup!
-=R

On Thu, Jul 11, 2013 at 1:29 PM, James M Snell <jasnell@gmail.com> wrote:

> Yes, and I'm saying that, the way the mechanism is currently defined,
> as soon as you set the size to zero, those "free" items are removed
> from the table and you no longer get them for "free"... so there is a
> certain amount of state that *is* allocated per connection (even if
> it's relatively minor).
>
> Ultimately, the question of whether header compression can be used as
> an attack vector will rest entirely on implementation and
> experimentation.
>
> On Thu, Jul 11, 2013 at 1:07 PM, Roberto Peon <grmocg@gmail.com> wrote:
> > I'm calling that the static table. Those are the elements you get for "free"
> > (as in the memory is allocated once in the process, as opposed to for every
> > connection).
> >
> > -=R
> >
> > On Thu, Jul 11, 2013 at 1:02 PM, James M Snell <jasnell@gmail.com> wrote:
> >>
> >> On Thu, Jul 11, 2013 at 12:35 PM, Roberto Peon <grmocg@gmail.com> wrote:
> >> >[snip]
> >> >
> >> > The DoS vector you're talking about is not a DoS vector if the intermediary
> >> > resets all streams before the change-of-state-size comes into effect.
> >> > When the state size is 0, one should be able to use some kinds of 'indexed'
> >> > representations, so long as those representations refer only to items in the
> >> > static tables. Why do you believe that this would use more or less CPU? (It
> >> > should use less CPU and less memory...)
> >> > [snip]
> >>
> >> Well, as far as I can tell, according to the current header
> >> compression draft, there is no "static table". The header table is
> >> pre-populated, yes, but those items would fall out of the header table
> >> via eviction as the table fills. There is nothing in the current
> >> header compression draft that says those items are permanent.... Given
> >> that, and given that we've already established that reducing the
> >> header table size forces eviction, setting the size to zero would
> >> cause all of the pre-populated items to be evicted.
> >>
> >> - James
Received on Thursday, 11 July 2013 20:35:13 UTC
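
The two table designs contrasted in this thread, modelled as an added example (not code from the thread, the draft, or any implementation): a single pre-populated table loses its initial entries through eviction or when its size is set to zero, while a separate static table keeps them with no per-connection state. The class names, the three sample entries and the 32-byte per-entry overhead are assumptions made for illustration.

```python
from collections import deque

ENTRY_OVERHEAD = 32  # assumed per-entry bookkeeping cost, in bytes

# Constructed sample of pre-populated entries (not the draft's full list).
PREPOPULATED = [(":method", "GET"), (":scheme", "https"), (":path", "/")]


def entry_size(name, value):
    return len(name) + len(value) + ENTRY_OVERHEAD


class SingleTable:
    """One table: pre-populated entries are ordinary, evictable entries."""

    def __init__(self, max_size):
        self.max_size = max_size
        self.entries = deque(PREPOPULATED)  # oldest first, copied per connection
        self._evict()

    def size(self):
        return sum(entry_size(n, v) for n, v in self.entries)

    def _evict(self):
        # Drop the oldest entries until the table fits its limit again.
        while self.entries and self.size() > self.max_size:
            self.entries.popleft()

    def add(self, name, value):
        self.entries.append((name, value))
        self._evict()

    def set_max_size(self, max_size):
        self.max_size = max_size
        self._evict()

    def lookup(self, name, value):
        return (name, value) in self.entries


class SplitTable(SingleTable):
    """Static entries are shared process-wide; only dynamic ones count."""

    def __init__(self, max_size):
        self.max_size = max_size
        self.entries = deque()  # dynamic entries only, per connection

    def lookup(self, name, value):
        return (name, value) in PREPOPULATED or (name, value) in self.entries
```
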