Re: Comments on draft-ietf-httpbis-replay-01.txt

On 11/20/2017 11:44 PM, Martin Thomson wrote:
> Proposed changes are here:  https://github.com/httpwg/http-extensions/pull/423

I left a couple of minor notes there.

>
>> S 5.2.
>>    Clients (user-agents and intermediaries) that sent the request in
>>    early data MUST automatically retry the request when receiving a 425
>>    (Too Early) response status code.  Such retries MUST NOT be sent in
>>    early data.
>>
>>    Intermediaries that receive a 425 (Too Early) status code MAY
>>    automatically retry requests after allowing the handshake to complete
>>    unless the original request contained the "Early-Data" header field
>>    when it was received.  Otherwise, an intermediary MUST forward the
>>    425 (Too Early) status code.
>>
>> I am having trouble reading this text. It seems to me that the first
>> graf says that intermediaries MUST retry when I receive 425, and then
>> the second graf says that it MUST instead forward 425 if the
>> Early-Data header was not in the request.
> At Willy's prompting, I removed the parenthetical on the first
> paragraph, but then realized that our recent changes to how this works
> make that first bit quite misleading.  I've changed it to concentrate
> on User Agents instead of clients.  That only helps a little though.
>
> I think that I have something that makes the intermediary text much
> clearer.  That is, concentrate first on forwarding 425.  This is
> always possible because we have taken steps to ensure that early data
> is opt in along the whole intermediary chain.  Then, add a note about
> when it is possible to hold and retry requests at an intermediary, but
> that is the exceptional case.
>
> ~~~
> User agents that send a request in early data MUST automatically retry the
> request when receiving a 425 (Too Early) response status code. Such retries MUST
> NOT be sent in early data.
>
> In all cases, an intermediary can forward a 425 (Too Early) status code.
> Intermediaries MUST forward a 425 (Too Early) status code if the request that it
> received and forwarded contained an `Early-Data` header field. An intermediary
> that receives a request in early data MAY automatically retry that request in
> response to a 425 (Too Early) status code, but it MUST wait for the TLS
> handshake to complete on the connection where it received the request.
> ~~~
>

I think this captures the intended semantics.

-Ben

Received on Tuesday, 21 November 2017 21:52:17 UTC