- From: Greg Wilkins <gregw@intalio.com>
- Date: Fri, 4 Jul 2014 11:41:16 +1000
- To: Nicholas Hurley <hurley@todesschaf.org>
- Cc: HTTP Working Group <ietf-http-wg@w3.org>
- Message-ID: <CAH_y2NHQ6EfWt3ooaF_ovjOoH6ghLFCoMp00ixvaMuvJQSBsFw@mail.gmail.com>
On 4 July 2014 03:54, Nicholas Hurley <hurley@todesschaf.org> wrote: > I'm not convinced this is the case, though. If you have some bad (or at > least selfish) actor that is already shoving data into headers to avoid > flow control, then I would imagine this situation would make them want to > shove even MORE data into headers, since it's still not flow-controlled, > but harms their data. What's the "best" way around that for one of those > actors? Put it ALL in headers. Perhaps I'm just more pessimistic than you > are, though :) I've thought about these type of malevolent actors also. I think that there is nothing in the current draft that prevents them from acting in this way in any case. If they want to write custom clients to write IPoverHTTPv2Headers, they can and probably will. But my thought bubble is aimed more at naive actors, who are using normal clients, but who's cookies are getting large or are including big kerberos keys etc. etc. Just because their headers creep up to 32KB say, should not mean that they get 50% more fair share than a stream that has no headers. cheers -- Greg Wilkins <gregw@intalio.com> http://eclipse.org/jetty HTTP, SPDY, Websocket server and client that scales http://www.webtide.com advice and support for jetty and cometd.
Received on Friday, 4 July 2014 01:41:44 UTC