W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2014

Re: Indicating Chosen Service #443

From: Erik Nygren <erik@nygren.org>
Date: Fri, 25 Apr 2014 15:00:32 -0400
Message-ID: <CAKC-DJh+A2PEWaMLdEtMOf8GQMaE_rY8rWWVY05=xAgK=E2mBA@mail.gmail.com>
To: Martin Thomson <martin.thomson@gmail.com>
Cc: Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>
Consequences of not getting the indicator:
1) We'd likely return another ALTSVC response immediately under some/many
circumstances
2) Some parts of load reporting and load balancing become harder



On Fri, Apr 25, 2014 at 2:40 PM, Martin Thomson <martin.thomson@gmail.com>wrote:

> On 25 April 2014 11:08, Erik Nygren <erik@nygren.org> wrote:
> > Given that the ALTSVC name isn't associated with the cert name, the
> > highentropylabel could exist across multiple labels.  There are also
> > legitimate uses for wanting to know the first domain component (eg, if
> it is
> > routing information or the name of the server cluster the user was sent
> to).
>
> Yes, I thought of that, but there are practical limits to what can be
> done for labels that can't be covered by a wildcard.  It's certainly
> imperfect.
>
> Perhaps the best thing to do is provide security (privacy)
> considerations on the matter.  I think that we can safely scrub the
> expiration time.
>
> I think that ideally, I'd like to make the indicator optional.  What
> are the consequences for you if some clients follow ALTSVC but don't
> provide an indicator?
>
Received on Friday, 25 April 2014 19:00:59 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:30 UTC