Re: The "trusted" / "explicit" proxy discussion

Eliot,

On 25 Feb 2014, at 6:09 pm, Eliot Lear <lear@cisco.com> wrote:

> Mark,
> 
> Yes, let's clarify a few things.
> 
> If what you are asking for is for people to read up before they post,
> well that would be great, but there's a lot of reading.  If what you are
> asking for is for people to refrain from discussion on developing
> Salvatore's draft, I would take issue with this,

I’m asking for people to have some perspective when discussing this issue, in that we haven’t decided to do *anything* here yet, so picking apart the minutiae of a particular proposal is premature, given that we don’t yet have agreement as to what the requirements, goals and constraints are. I’m also asking people to consider the impact that such discussions will have on the work we’re supposed to be doing here.

On the topic of making the discussion more efficient — someone would do the WG a great service to survey the space and explain the tradeoffs. I attempted to start this in <http://tools.ietf.org/html/draft-nottingham-http-proxy-problem>, but it’s fallen behind the discussion. If someone wants to update it, please get in touch, I’d love the help.


> because it is directly
> relevant to both HTTP2 and the proxy model in general that needs to
> evolve if HTTP2 is to be used atop TLS (e.g., with the http: URI).

That is your assertion. As things stand, extra work on proxies is decoupled from the specifics of HTTP/2, and I’ve seen others assert that doing so is a feature, since such changes aren’t specific to the new protocol.


> I will also add that you yourself have revisited issues, and that this
> should be allowed as and when an issue ripens.

It should be considered when consensus shifts; issues are not fruit. 


> We specifically said in
> Zürich that we needed to talk about this very thing because proposals
> were not yet well developed, especially as regards to user interface.

That doesn’t mean that we can or should allow that development process to interfere with our chartered goals. I am not saying that *any* discussion of proxies would do so; I am expressing concern that unguided back-and-forth over the same topics will, especially given the external attention that this issue has recently gained.

Regards,


> 
> Eliot
> 
> 
> 
> On 2/25/14, 3:46 AM, Mark Nottingham wrote:
>> Salvatore's draft <http://tools.ietf.org/html/draft-loreto-httpbis-trusted-proxy20> has had a lot of attention recently, and has spawned some good discussion, as well as brought a few more people to the group (welcome!).
>> 
>> First, to clarify a few things that should be apparent to folks who have been here for a while, but perhaps not to all:
>> 
>> 1) While we appreciate the effort Salvatore and his co-authors have put into it, this draft is NOT a Working Group product, draft, or standard; it's a proposal to the group. This is how the IETF works; we allow anyone to propose things as drafts, and then we discuss their merits.
>> 
>> 2) We've been talking about proxies for some time now, and so I'd encourage those new to the conversation to read existing drafts (look for "proxy" at the bottom of <http://tools.ietf.org/wg/httpbis/>) as well as discussion on this list over the last few months. Doing so will save new folks a lot of time, and save those who have been here longer the need to re-hash old discussions.
>> 
>> 3) We discussed the need for "explicit" proxies in HTTP/2 at the Zurich meeting <https://github.com/http2/http2-spec/issues/316>, and decided that it wasn't in-scope for that effort; while the WG *might* do something there (see next point), we're not going to put them into the HTTP/2 spec.
>> 
>> 4) We could potentially start work on new kinds of proxies or modifications/extensions to how HTTP proxies work in general (because our charter allows us to identify and embark on HTTP-related work when the Chair (me) and the Area Director (Barry) agree to do so; see <http://datatracker.ietf.org/wg/httpbis/charter/>), but that hasn't happened yet.
>> 
>> 5) Before (and if) we do that, there needs to be agreement about what the goals of such an effort would be, since it is an obviously contentious area to work within. That discussion won't be about a particular proposal, but instead about what requirements a proposal must meet, and what constraints it has to operate within. 
>> 
>> So, at this point, we have some people in the WG who are interested in refining and extending what a proxy is in HTTP, but it is not a formal work item for the group. While discussing this is on-topic for the Working Group mailing list, we can't allow this kind of exploration to distract us from our chartered work -- defining HTTP/2 well and on schedule.
>> 
>> To that end, I'm asking people to refrain from getting into back-and-forth discussions about these proposals on-list; if you have questions or concerns, please make sure that they haven't already been covered before, and consider communicating directly with the draft authors, rather than on-list. That's not to say that discussion of proxies is prohibited; I'm just concerned about the flood of messages, and am asking for people to think before hitting 'send', because we're entering a critical period of the work on HTTP/2.
>> 
>> I'll also observe that clarity on requirements, goals and constraints would help move the discussion forward a lot more than proposing specific mechanisms without that context would.
>> 
>> Thanks,
>> 
>> 
>> --
>> Mark Nottingham   http://www.mnot.net/

--
Mark Nottingham   http://www.mnot.net/

Received on Tuesday, 25 February 2014 08:12:07 UTC