Re: Activity Identifiers - Draft Submission from Scott Perham on 2019-05-23 (ietf-http-wg@w3.org from April to June 2019)

From: Scott Perham <scott@polystream.com>
Date: Thu, 23 May 2019 17:46:14 +0100
To: Scott Morgan <scott@adligo.com>
Cc: Patrick McManus <mcmanus@ducksong.com>, HTTP Working Group <ietf-http-wg@w3.org>
Message-Id: <0C934A46-EBCB-4A46-8A71-327BAE3A063E@polystream.com>
Hi Scott,

An “Activity Id”, “Correlation Token”, “Request Id”, etc (I’ve seen the custom header called many things over the years and I will be updating the draft to include specific examples) absolutely _could_ be implemented using cookies, in a similar way that it tends to be implemented using custom headers. However, firstly, my understanding of cookies is that they are meant as a mechanism for storing/maintaining state _across_ stateless requests whereas this use case is more about storing metadata pertaining to the specific request/response pair and secondly this would still require the cookie key to be well-known to the client and all services in the request chain.

I do realise (and it has been pointed out) that my draft lacks some detail, references and examples, which I will rectify 😊 

The primary purpose is to propose a standardised mechanism for API implementers to use as a request flows through potentially a number of services (which often include third-parties that also ask for some form of activity identifier). The value of this header is very typically used in the implementation of idempotent behaviour, request level root cause analysis and activity tracking through services. This _could_ be defined as a well-known cookie, but as this is something that I’ve seen in so many services over the years (almost always implemented as a custom header with an arbitrary name) it feels like it deserves its own, standardised header.

I am, of course, happy to be corrected on any of the above. As I said before, I’m new to this and although I’ve read, referenced and implemented many RFCs over the years, everyone in this WG has _much_ more experience defining and discussing these things than me!

Thanks,
Scott

> On 23 May 2019, at 17:03, Scott Morgan <scott@adligo.com> wrote:
> 
> Hi Scott,
> 
>    It seems to me that an Activity Identifiers is simply another way to track a HTTP Session like a cookie.  What are you trying to accomplish that can't be accomplished with cookies?
> 
>> On Thu, May 23, 2019 at 10:08 AM Patrick McManus <mcmanus@ducksong.com> wrote:
>> Hi Scott.
>> 
>> > I'm unsure of the processes involved in highlighting this to the appropriate people and beginning a discussion, s
>> 
>> welcome. Rest assured that this mailing list is the right forum to see if there is broad interest in your idea. (Its my co-chair job to tell you if you're off topic - you're just fine. thanks for engaging.)
>> 
>> you might look at how it intersects at all with other ongoing efforts https://github.com/httpwg/http-extensions 
>> 
>> protips: as an IETF convention you might name future updates draft-perham-httpbis-activity-identifiers.. as some IETF tooling will flag an individual draft with httpbis in its name as of potential interest to the wg - but that's just a convention and not used by everyone. and lastly, providing some substantive discussion in email rather than just a pointer to the draft is more likely imo to get noticed. again, ymmv.
>> 
>> -Patrick
>> 
>> 
>> 
>> 
>>> On Thu, May 23, 2019 at 6:43 AM Scott Perham <scott@polystream.com> wrote:
>>> Hello everyone,
>>> 
>>>  
>>> 
>>> I’m new to this WG (and all things IETF) so please excuse my naivety!
>>> 
>>>  
>>> 
>>> I have submitted a draft for something that seems to have been an omission in HTTP (at least in my experience) and something that is re-invented over and over again with, generally, no thoughts around standardization.
>>> 
>>>  
>>> 
>>> I’m unsure of the processes involved in highlighting this to the appropriate people and beginning a discussion, so any guidance is much appreciated. It took a good couple of years to muster up the courage to actually tell anyone that I submitted a draft (hence the second revision) but after being part of this mailing list for a little while, everyone seems friendly enough :D
>>> 
>>>  
>>> 
>>> The draft is located here: https://datatracker.ietf.org/doc/draft-activity-identifiers/
>>> 
>>>  
>>> 
>>> Go easy on me :P
>>> 
>>>  
>>> 
>>> Thanks,
>>> 
>>> Scott
>>> 
>>> Scott Perham, Platform Architect
>>> Tel: +44 (0) 7545 826507
>>> Email: scott@polystream.com  
>>> Website: www.polystream.com
>>> 
>>>  
>>> 
> 
> 
> -- 
> Regards,
> Scott Morgan
> President & CEO
> Adligo Inc
> http://www.adligo.com
> https://www.linkedin.com/in/scott-morgan-21739415
> A+ Better Business Bureau Rating
> 
> By Appointment Only: 
> 1-866-968-1893 Ex 101
> scott@adligo.com
> skype:adligo1?call
> Send Me Files Securely: 
> https://www.sendthisfile.com/f.jsp?id=ewOnyeFQM18IDRf7MMIdolfI
> 
> 
>
Received on Thursday, 23 May 2019 16:46:41 UTC