Re: Fwd: New Version Notification for draft-kazuho-httpbis-incremental-http-00.txt

Hi Kazuho,

Interesting proposal, especially given some of the sharp edges. 

Specifically, the configuration of non-buffered message content and how proxies might operate, so let me respond to that bit in-line. 

Otherwise, I think the is a topic worth discussing in this venue.

On Tue, Oct 15, 2024, at 14:35, Kazuho Oku wrote:
> Hello folks,
> 
> Tommy Pauly, Martin Thomson, and I have submitted a new I-D, titled “Incremental HTTP Messages.”
> 
> The draft can be found at the following locations, but please let me introduce the draft.
> * https://datatracker.ietf.org/doc/draft-kazuho-httpbis-incremental-http/
> * https://kazuho.github.io/draft-kazuho-httpbis-incremental-http/draft-kazuho-httpbis-incremental-http.html
> 
> 
> This draft defines the “Incremental” HTTP header field, which allows senders of HTTP messages to request that intermediaries forward portions of the HTTP message body as they arrive, instead of buffering the entire message before forwarding.
> 
> The goal is to reduce friction between endpoints running applications that want incremental delivery and intermediaries that tend to buffer messages.
> 
> As you may know, several HTTP applications expect incremental delivery, including those mentioned in the draft (Server-Sent Events and Chunked OHTTP). These applications often don’t work as intended when intermediaries are involved, as intermediaries frequently buffer entire requests or responses before forwarding them downstream.
> 
> It’s worth noting that intermediaries may have good reasons for this behavior. For example, reverse proxies tend to buffer entire requests [1] to reduce request concurrency on application servers behind them (as a defense against the Slowloris attack).
> 
> Currently, the only way to address this issue is by manually configuring intermediaries to forward HTTP message bodies incrementally - this must be done per intermediary instance, per origin, or even per URI.
It's implicit in what you've said here but a intermediary platform (e.g. a CDN) likely has other config and DoS stuff going on that a single operator reverse proxy might not.

> 
> This approach is tedious, unreliable, and doesn’t scale.
> 
> Hence, our proposal.
> 
> Endpoints sending HTTP messages can include the Incremental header field to indicate that they want incremental delivery. Intermediaries can check for this header and, if present, either forward the message incrementally or reject it.

I looked for text on this topic in the I-D and couldn't find it. I'm a little concerned that this where the design could unravel.

Specifically two scenarios immediately come to mind

1) A client request includes Incremental. Proxy understands but wants to buffer for whatever reason. The operation is _improved_ by not buffering but can succeed without it. If a server *has* to reject this request, that's potential worse than today. 

2) An origin response includes the Incremental header, Proxy understands but wants to buffer. Does it have to 5xx? This might be objectively worse than today especially if the origin already kicked off an expensive task.

For these reasons, as much as i hate tk suggest complexity, I wonder if your proposal might not benefit from some additional indicators of 

a) how critical it is that Incremental be acted on - endpoints can suggest how they'd like a proxy to react 

b) whether the proxy supports Incremental for the specific resource. This presumes the proxy has made a decision already about what policy to apply. Then the origin could decide if it wants to bomb out serving or not.

Cheers
Lucas

> 
> Because the Incremental header field acts as a signal on a per-HTTP message basis, intermediaries can still buffer ordinary HTTP messages to minimize downstream concurrency, while forwarding messages incrementally when requested.
> 
> This way, we can eliminate the need for configuring intermediaries for each deployment.
> 
> In short, the introduction of the Incremental HTTP header field eliminates the need of configuring intermediaries to support incremental delivery, achieves better interoperability, and improves security.
> 
> We’d love to hear your thoughts. Thank you in advance.
> 
> PS. The observations and opinions expressed in this email are my own and haven’t been reviewed by my coauthors.
> 
> [1] Nginx by default buffers the entire request; see http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_request_buffering
> 
> ---------- Forwarded message ---------
> From: <internet-drafts@ietf.org>
> Date: 2024年10月15日(火) 21:32
> Subject: New Version Notification for draft-kazuho-httpbis-incremental-http-00.txt
> To: 奥 一穂 <kazuhooku@gmail.com>, Martin Thomson <mt@lowentropy.net>, Tommy Pauly <tpauly@apple.com>
> 
> 
> A new version of Internet-Draft draft-kazuho-httpbis-incremental-http-00.txt
> has been successfully submitted by Kazuho Oku and posted to the
> IETF repository.
> 
> Name:     draft-kazuho-httpbis-incremental-http
> Revision: 00
> Title:    Incremental HTTP Messages
> Date:     2024-10-15
> Group:    Individual Submission
> Pages:    6
> URL:      https://www.ietf.org/archive/id/draft-kazuho-httpbis-incremental-http-00.txt
> Status:   https://datatracker.ietf.org/doc/draft-kazuho-httpbis-incremental-http/
> HTML:     https://www.ietf.org/archive/id/draft-kazuho-httpbis-incremental-http-00.html
> HTMLized: https://datatracker.ietf.org/doc/html/draft-kazuho-httpbis-incremental-http
> 
> 
> Abstract:
> 
>    This document specifies the "Incremental" HTTP header field, which
>    instructs HTTP intermediaries to forward the HTTP message
>    incrementally.
> 
> Discussion Venues
> 
>    This note is to be removed before publishing as an RFC.
> 
>    Discussion of this document takes place on the HTTP Working Group
>    mailing list (ietf-http-wg@w3.org), which is archived at
>    https://lists.w3.org/Archives/Public/ietf-http-wg/.
> 
>    Source for this draft and an issue tracker can be found at
>    https://github.com/kazuho/draft-kazuho-httpbis-incremental-http.
> 
> 
> 
> The IETF Secretariat
> 
> 
> 
> 
> --
> Kazuho Oku