Re: [Resource Timing] Why does connectEnd exclude the SSL Handshake? from Nic Jansma on 2013-04-10 (public-web-perf@w3.org from April 2013)

From: Nic Jansma <nic@nicj.net>
Date: Wed, 10 Apr 2013 11:05:35 -0400
To: "Austin,Daniel" <daaustin@paypal-inc.com>
CC: James Simonsen <simonjam@google.com>, Andy Davies <dajdavies@gmail.com>, "public-web-perf@w3.org" <public-web-perf@w3.org>
Message-ID: <51657FBF.1000107@nicj.net>

NavigationTiming and ResourceTiming differ in how connectEnd is defined:

NavigationTiming (http://www.w3c-test.org/webperf/specs/NavigationTiming/):

    connectEnd
    <https://dvcs.w3.org/hg/webperf/raw-file/tip/specs/NavigationTiming/Overview.html#dom-performancetiming-connectend>
    *must include *the time interval to establish the transport
    connection as well as other time interval such as SSL handshake and
    SOCKS authentication.

ResourceTiming (http://www.w3c-test.org/webperf/specs/ResourceTiming/):

    connectEnd
    <http://www.w3.org/TR/resource-timing/#dom-performanceresourcetiming-connectend>
    must include the time interval to establish the transport
    connection. *It must not include other *time interval such as SSL
    handshake and SOCKS authentication.

IMO the NT spec has the better definition, as 
secureConnectionEnd==connectEnd in this case (which is why 
secureConnectionEnd was omitted from both of the specs).  Also, the 
'TCP' phase in the images in both NT and RT specs shows connectEnd 
including SSL/SOCKS.


- Nic
http://nicj.net/
@NicJ

On 4/10/2013 10:45 AM, Austin,Daniel wrote:
> There is no such animal as 'SecureConnectionEnd', in either nav or res 
> timing. It's a significant flaw in the model. Also missing are details 
> about the underlying OCSP calls. This significantly reduces the 
> utility of the spec, IMHO.
>
> R,
> D-
>
> Sent from my iPhone
>
> On Apr 10, 2013, at 3:56 AM, "James Simonsen" <simonjam@google.com 
> <mailto:simonjam@google.com>> wrote:
>
>> I can only guess it's because that's covered by sslConnectStart/End. 
>> But in the case of browsers that don't provide that, it seems like 
>> they should fall back to including it connectStart/End. Anyone else 
>> have an opinion?
>>
>> James
>>
>>
>> On Tue, Apr 9, 2013 at 12:16 PM, Andy Davies <dajdavies@gmail.com 
>> <mailto:dajdavies@gmail.com>> wrote:
>>
>>     I understand why the spec states that connectEnd excludes SOCKS
>>     authentication etc., but don't quite understand why it excludes
>>     the SSL Handshake
>>
>>     "connectEnd must include the time interval to establish the
>>     transport connection. It must not include other time interval
>>     such as SSL handshake and SOCKS authentication."
>>
>>     I've had a hunt back through the archives but I couldn't find any
>>     reference as to why.
>>
>>     Is anyone able to explain?
>>
>>     Thanks
>>
>>     Andy
>>
>>

Received on Wednesday, 10 April 2013 15:06:05 UTC