- From: Lucas Pardue <Lucas.Pardue@bbc.co.uk>
- Date: Tue, 7 Oct 2014 10:01:40 +0000
- To: Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>
- CC: Mike Bishop <Michael.Bishop@microsoft.com>
>From the prior knowledge failure perspective my only comments are editorial in nature. Explicitly stating the possibility of using GOAWAY(HTTP_1.1_REQUIRED) in section 3.4, may be helpful. Paragraph 3 begins the discussion on prior knowledge failure, so adding a sentence such as below would achieve my suggestion. "In the event of prior knowledge connection failure, a server might use a connection error of type HTTP_1.1_REQUIRED to request the client fallback to HTTP/1.1." -----Original Message----- From: Mark Nottingham [mailto:mnot@mnot.net] Sent: 07 October 2014 07:30 To: HTTP Working Group Cc: Mike Bishop Subject: #496: Feedback on Fallback There hasn't been much feedback on this. Any more comments on Mike's proposal (specifically, <https://github.com/MikeBishop/http2-spec/commit/cebb0385f188ddcaf75ec3a7811b836c770e7fdb>)? Regards, On 23 Sep 2014, at 5:24 am, Mike Bishop <Michael.Bishop@microsoft.com> wrote: > Just to recap this suggestion, we're not suggesting that any class of traffic should be bulk-relegated to HTTP/1.1 - we're suggesting the addition of a widely-recognized error code to smooth transitions. Burning a round-trip isn't ideal, but it's a mitigation strategy for limitations on either the client or the server. In particular, a later thread (http://lists.w3.org/Archives/Public/ietf-http-wg/2014JulSep/1894.html) raised the use of such an error code in a GOAWAY as a good hard-coded response to a client that attempts to connect with prior knowledge and gets it wrong. A server that's aware of HTTP/2 but doesn't support it can generate an appropriate GOAWAY and close the connection. > > I submitted a pull request adding the error code at https://github.com/http2/http2-spec/pull/599 -- are there any comments on this change or is this editor-ready? > > From: Mike Bishop > Sent: Thursday, August 14, 2014 3:56 PM > To: HTTP Working Group > Subject: Feedback on Fallback > > Going into WGLC, we committed to implementations and taking changes based solely on implementation experience and real-world data. Based on our experience so far, Microsoft's first piece of WGLC feedback is to replace Mark's Over-Version draft with an error code in the spec. Our reasoning follows. > > As we continue to work on HTTP/2, one item that has come up repeatedly is the need to force clients back to HTTP/1.1 for various reasons. We've all pushed hard against bulk-relegating any class of HTTP usage into the "They should just use 1.1" bucket, but it's becoming clear that there will occasionally be situations where a server needs a client to fall back. > > Some apps we support depend on the ability to emit raw HTTP protocol text. Others require client certs as a matter of local law and we don't have a way to retrieve the client cert without renegotiation. Others are strictly situational, features that require adaptation work we haven't gotten to yet. > > These assorted situations motivated the Over-Version draft which Mark published after the NYC Interim. 505 was already defined as meaning the server was unable/unwilling to use the current HTTP version to serve the request the client made; Mark's draft added semantics to inform a client what version would be acceptable, if any, so that an intelligent client could transparently retry over the correct HTTP version (be it 1.1 or 3.5). > > We've found a couple limitations with this approach: > * As Jeff pointed out in NYC, returning a 5XX looks bad in server logs. This isn't actually a server "failure" per se, we just used it because the status code already exists in the 5XX range. Not a technical issue, but definitely an operational one. (Jeff noted in NYC that there are other 5XX status codes that Twitter non-standardly recasts in other ranges for this reason. New 4XX and 3XX codes were proposed as part of this discussion, demonstrating that the concept doesn't bucket well as a status code.) > * Once the HEADERS frame with :status is sent, we're locked in to that response. You can't subsequently change the :status to 505. Some of these situations can occur when the response is partially-generated, which leaves us stuck unless we buffer all responses until they're complete (unacceptable for perf). > * Because Over-Version is optional, clients are not guaranteed to support it. An unsupporting client will just retry the same request over HTTP/2 again and never be able to obtain an actual response from the server. Including a response body with the 505 telling clients to turn off HTTP/2 in their browser is definitely not a direction we want to go in these situations, and I don't expect clients to have a "turn off HTTP/2 for this request only" button. > > On the other hand, a new error code doesn't suffer from these issues. A RST_STREAM can be sent at any point and doesn't necessarily confuse existing heuristics. A GOAWAY with the same error code provides a clean way for the server to transition a client to HTTP/1.1 entirely, if necessary. If it's in the base spec, we can be assured that any client will be able to understand it and respond appropriately. > > Thus, we think an "HTTP/1.1 Required" error code will be a better option than proceeding with the Over-Version draft. -- Mark Nottingham https://www.mnot.net/
Received on Tuesday, 7 October 2014 10:02:17 UTC