Re: Encouraging a healthy HTTP/2 ecosystem

In message <CAA4WUYjHU__T9TT868mory=szszgXH3SCbod+F7=qEN--D8zbg@mail.gmail.com>, William Chan (陈智昌) writes:

>Hm, I don't follow. I'm not sure if we disagree in our logical conclusions,
>or that we're starting from different premises and have different
>fundamental assumptions. Let me try the latter. I assume that the inability
>to reliably deploy new TCP options (due to middlebox interference) is a bad
>thing. Do you disagree with this?

A bad analogy is like a wet screwdriver:  TCP options are not
information carrying (unless you're truly evil that is...)

The reason many of the MITM proxies are there, is to filter out
or prevent information not in compliance with a particular policy.

Do you think that policy normally is going to have an "allow through
anything I don't understand" clause ?

Have you not noticed how many "guest" WLANs only allow traffic on
port 80 and 443, but not, for instance on port 22 ?

What makes you think HTTP/2 is going to escape that mindset ?

If your attempt to force negotiation of random extensions through
blackmail methods succeeds, it would amount to a "Get out of jail
card" for any HTTP content filter that bows to your mob rule.

Do you seriously think the library, school, jail or country (UK:
I'm looking at you!) would instantly see the errors of their ways
and remove their ill-advised filters ?

I think they'll just ban HTTP/2 from their network until they can
filter it, and that filter is going to nix anything not on its
white-list, no matter what you would like.

There are never any easy technical fixes for hard political problems.

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.

Received on Tuesday, 1 July 2014 23:07:30 UTC