Re: [IANA #801638] Last Call: <draft-ietf-httpbis-http2-16.txt> (Hypertext Transfer Protocol version 2) to Proposed Standard

On Jan 14, 2015, at 12:48 AM, Amos Jeffries wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On 14/01/2015 12:37 p.m., Roy T. Fielding wrote:
>> It should be registered as safe and idempotent (YES to both).
>> 
>> ....Roy
>> 
> 
> Disagree.
> 
> Idempotent requires being repeatable. The client is permitted by
> HTTP/2 to pipeline many requests immediately which may affect the
> server state with HTTP/2 non-idempotent messages before the initial
> SETTINGS arrives from server. PRI is only retriable if the server
> response is an HTTP/1.x format error message indicating an h2 server
> never got the HTTP/2 payload.

The other requests are not part of the PRI method, which is just
being used to snowplow the connection.  The same snowplowing is
done every time the client opens a new connection to the server.
Hence, the request is repeated and has the same effect every time.

> Safe requires no effect on the server, and implies cacheability.

Neither of those assumptions is true, and in any case the PRI
method being defined does nothing and contains nothing.  Whatever
else that is sent on the connection after the initial PRI message
is irrelevant to the semantics of the PRI message, which is to do
nothing but cause an abort (hopefully with 405) from non-compliant
recipients.

....Roy

Received on Wednesday, 14 January 2015 19:40:33 UTC