RE: I-D Action: draft-ietf-httpbis-h2-websockets-03.txt

Hmm, quite right. So let me backtrack a bit...

I think the principle of greasing, as opposed to the specific TLS mechanism, could be justified to avoid HTTP/2 and HTTP/QUIC extension mechanism problems.

So this is not just settings but extension frames too. The tricky part is that they are not "negotiated", and work bidirectionally. So a slightly different approach than TLS is probably required. 

Tangentially, Alt-Svc parameters may suffer from extensibility problems too.

From: Martin Thomson []
Sent: 03 May 2018 00:56
To: Lucas Pardue
Cc: Biren Roy; Patrick McManus; HTTP Working Group
Subject: Re: I-D Action: draft-ietf-httpbis-h2-websockets-03.txt

Grease was definitely aimed a faulty servers as well.  There were a couple
of implementations of TLS that choked on new signature algorithms and -
from memory - named groups.  These were the direct motivation for the
grease design.

Sad news about okhttp.
On Thu, May 3, 2018 at 9:13 AM Lucas Pardue <> wrote:

> IMO GREASE was targeted a middleboxes that made assumptions about the way
some bit spaces were used. As an endpoint operator it is difficult to
influence such boxes.

> Incorrectly handling H2 settings is unfortunate but solely in the realm
of endpoints. It's non-compliance and should be fixed.

> A similar class of problems were found with (I think) some python
implementations around the handling of 1xx status codes. The approach was
to fix them.

> Regards
> Lucas
> ________________________________________
> From: Biren Roy []
> Sent: 02 May 2018 23:26
> To: Patrick McManus
> Cc: HTTP Working Group
> Subject: Re: I-D Action: draft-ietf-httpbis-h2-websockets-03.txt

> Not related to the latest draft text, but regarding Websockets over
HTTP/2 generally: we recently discovered that versions of the okhttp client
library before 3.1.0 would send a GOAWAY upon receiving an unknown setting
ID. This is causing us some difficulty as we attempt to perform
interoperation tests with our implementation.

> I've heard a few people suggest that we try something like GREASE<> for HTTP/2 settings,
to expose this type of bug sooner.

> On Wed, May 2, 2018 at 5:24 PM Patrick McManus <
<>> wrote:
> Hey All -

> First, sorry for the churn of publishing -03 and -02 back to back.. I had
fixed a typo as my last change but failed to add it to the repo (left it on
a local branch) before pushing -02.. as I hope this is the LC copy, I
wanted to get it in there. At least we don't have an ID numbering tax

> Anyhow - -03 reflects the resolution of WGLC discussion as best as I can

> -P

> On Wed, May 2, 2018 at 5:05 PM, <<mailto:>> wrote:

> A New Internet-Draft is available from the on-line Internet-Drafts
> This draft is a work item of the Hypertext Transfer Protocol WG of the

>          Title           : Bootstrapping WebSockets with HTTP/2
>          Author          : Patrick McManus
>          Filename        : draft-ietf-httpbis-h2-websockets-03.txt
>          Pages           : 7
>          Date            : 2018-05-02

> Abstract:
>     This document defines a mechanism for running the WebSocket Protocol
>     over a single stream of an HTTP/2 connection.

> The IETF datatracker status page for this draft is:

> There are also htmlized versions available at:

> A diff from the previous version is available at:

> Please note that it may take a couple of minutes from the time of
> until the htmlized version and diff are available at<>.

> Internet-Drafts are also available by anonymous FTP at:

Received on Thursday, 3 May 2018 08:39:54 UTC