http status report
play

HTTP Status Report Mark Nottingham IETF HTTPbis WG Chair - PowerPoint PPT Presentation

Dec 26, 2022 •252 likes •624 views

HTTP Status Report Mark Nottingham IETF HTTPbis WG Chair <mnot@mnot.net> Principal Technical Yahoo! <mnot@yahoo-inc.com> Hidden Agenda Inform what HTTP (the protocol) can do Inform what implementations can't (yet) do

  1. HTTP Status Report Mark Nottingham IETF HTTPbis WG Chair <mnot@mnot.net> Principal Technical Yahoo! <mnot@yahoo-inc.com>

  2. Hidden Agenda • Inform what HTTP (the protocol) can do • Inform what implementations can't (yet) do • Encourage implementers to close the gap

  3. Status of the Standards

  4. HTTP circa 1996 • HTTP/0.9 fading quickly • HTTP/1.0 taking off • HTTP/1.1 to contain the damage • virtual hosting • persistent connections • caching • HTTP-NG discussions already underway

  5. HTTP circa 1996 • Typical use • Browser client, static or CGI content • GET, POST • WebDAV: Glimmer in Whitehead’s eye • Services: huh?

  6. 2002: BCP56 • “On the use of HTTP as a Substrate” • Reasonable advice for the IETF community, but failed to foresee “services” and “Web 2.0” • Codified distaste with non-browser uses • A new port for every app • Probably a new URI scheme too • Currently being considered for deprecation

  7. HTTP in 2008 • HTTP/2.0 didn’t happen • WS-* debacle unfortunately did • PEP turned into SOAP • “RESTful” APIs • HTTP as Protocol Construction Toolkit • Big surprise: Atompub • Pressure to extend • Explosion of implementations • new servers, clients • new frameworks, APIs

  8. HTTPbis • IETF Working Group to • incorporate errata • clarify ambiguities • document extensibility • improve interoperability • I.e., writing the recipe down more clearly • Specifications need to outlive their creators • NOT to extend HTTP (but wait...)

  9. HTTPbis: specs • Problem: RFC2616 is 176 pages of text/plain • Solution: split it up • p1: messaging • p2: semantics • p3: payload • p4: conditional requests • p5: ranges • p6: caching • p7: authentication

  10. HTTPbis: fixing... • Currently 139 issues, like • ABNF conversion • Whitespace between header name and colon • Registries for status codes, methods... • Vary corner cases • Clarify handling of bodies on GET requests • Header i18n and folding • ETags on PUT responses • Get rid of 305 Use Proxy • Clarifying the cache key

  11. HTTPbis Status • Currently on draft -05 • Major editorial rewrites starting • p1 messaging • p5 caching • After that, most should be downhill • “six months”

  12. Status of the Implementations

  13. Implementations • Clients • IE, Mozilla, Opera, Safari, wget, curl, serf, Perl, Python, Ruby, Java • Abstractions: XmlHttpRequest, Prototype.js, Flash APIs • Servers • Apache, IIS, Lighttpd, your router, phone and fridge • Abstractions: filesystems, CGI, WSGI, Servlet • Intermediaries • Squid, Network Appliance, ISA, HAProxy, tinyproxy, load balancers, firewalls • Not many abstractions (yet) • 20%-30% of Web traffic goes through a proxy • Caches in clients and intermediaries • starting to show up in Python, Ruby...

  14. HTTP V ersions • Most everything these days is HTTP/1.1, except... • Squid (full 1.1 coming) • wget • a few libraries • very old browsers, servers, libraries • That’s OK

  15. Core Methods • GET, POST - universally supported • PUT, DELETE • A few clients can’t generate (e.g., Safari2 XHR) • Intermediaries can be configured to block, but usually aren’t (except the paranoid and mobile) • Biggest limitation is W3C languages • XSLT, HTML forms • Result: X-HTTP-Method header (Google) or query params (e.g., ?real-method=POST)

  16. “ Advanced” Methods • OPTIONS • Hard to configure in servers • Isn’t cacheable... oops. • Result: only used for esoteric protocols (*dav) • Extension methods - FOO • A number of clients don’t allow (e.g., XHR) • Intermediaries often block (e.g., Squid, L4 balancers) • Result: This probably isn’t so horrible

  17. URIs • Mobile clients limit to as small as 256 • Browsers • IE: ~2k • The rest: really really big • Intermediaries are OK up to about 4k; some go higher • Servers can be configured (or replaced) • Result: people putting queries in POSTs • application-specific and frameworks • frameworks doing this leads to gratuitous tunnelling • HTTPbis recommendation likely to be around 8k

  18. Headers • Some length limits (e.g. 20k total in Squid) • Almost no-one handles line continuations • Result: effectively profiled out • Disallowed by latest HTTPbis changes • Connection header control: not great • Result: extending protocol difficult • Trailers aren’t well-supported at all • Result: debug, status more difficult

  19. Partial Content • Content-Range / 206 • Biggest use: PDF • Some caches don’t store partial content • e.g., Squid • Flash URL API can access ranges, but VideoPlayer, etc. don’t use it • Result: $vidID = $_GET["vidID"]; $vidPosition = $_GET["vidPosition"];

  20. Redirection • Most* current browsers will redirect POST when they get a 307 Temporary Redirect • ... but not PUT or DELETE • ... and not a 301 or 302 • * except Safari - it doesn’t even do 307 • This is relatively new • Result: login and lose your POST body

  21. Caching • Basic conformance is there • max-age, no-cache, no-store, Expires, IMS, INM • Invalidation isn’t implemented* • Result: don’t see your blog comments • Updating headers on 304 and HEAD is spotty • Warnings aren’t generated • Curl sends Pragma: no-cache by default • Result: Opportunity cost

  22. Connection Handling • Browsers limited to two concurrent connections to each server • ouch! • Result: BATCH, hosting on multiple names, etc. • Being fixed in HTTPbis

  23. Pipelining • Clients • Only Opera does by default (lots of heuristics) • The brave can turn it on in Mozilla • A few libraries allow (e.g., Serf) • Most intermediaries will be OK with it, but won’t forward • Many servers handle it just fine; a few don’t • Risks: interleaved or out-of-order responses • Predominant use today: SVN (thanks to Serf) • Result: “waterfall” of requests; CSS spriting

  24. The Cookie Cesspit • There is no cookie specification. • Netscape isn’t complete • RFC2109 doesn’t reflect current practice • Opera only major implementation of RFC2965 • Parsing raw dates is painful • Set-Cookie: a=1; Expires=Thu, 24 July 2008 00:00:00 • requires special case handling • Result: libraries required.

  25. Where Next for HTTP?

  26. Tests, tests, tests • Most knowledge today is ad hoc • Some tools (e.g., co-advisor) • Needed: • open source test framework • common test corpus • messaging, semantics... • For clients, intermediaries, servers and caches

  27. Authentication • Basic is interoperable, but not secure • Digest is more secure, but not terribly interoperable • Many newer requirements not addressed • Phishing • Delegated auth • OAuth BoF last week in IETF Minneapolis • Other efforts still coalescing

  28. Better T ransport • head-of-line blocking STILL an issue • Pipelining isn’t well-supported, and doesn’t completely solve the problem • HTTP doesn’t guarantee integrity • except with Content-MD5 (which no one does) • HTTP-over-SCTP • Great for lossy / long-distance networks • proxy-to-proxy overlays • uDel, Cisco

  29. PATCH • “Restful” APIs are starting to abuse PUT • “update that with this...” • PATCH allows you to apply a diff to a resource • Currently an Internet-Draft

  30. Prefer Header • Lets a client state what it wants; • Full content in response body • Status message in response body • No response body • E.g., POST /order-handler • Currently a (quiet) Internet-Draft

  31. Link Header • Under-developed part of the Web arch: typed links • Advertise/discover links in HTTP headers • “this invalidates <foo>” • “the previous one is <bar>” • “edit this over at <baz>” • In RFC2068, taken out of RFC2616 • Bringing back as an internet-draft

  32. Caching Refinements • stale-while-revalidate • hide server latency from clients • stale-if-error • hide server errors from clients • Out-of-band change monitoring • Using resource relationships to invalidate • Explicit cache key

  33. HTTP Software • Higher-level (but still RESTful) abstractions • e.g., webmachine • Better feature set coverage • e.g,. Rack::Cache • Intermediary building blocks • high performance/concurrency • e.g., xLightweb

  34. A W ord on O2.0 • OpenID, OAuth, XmlHttpRequest, HTML5, Comet, “reliable” HTTP, BATCHing, Gears... • General tendency to • use least-common-denominator tech • use familiar tools • ignore intermediaries • fail to consider overall architecture • High opportunity cost

  35. Take - Aways • Implementations are (obviously) usable, but • They sometimes impose arbitrary limits • They don’t expose some important controls • Developers will always take the easiest path • Not implementing because no-one uses it is a self-fulfilling prophesy • HTTPbis is an opportunity to • get implementers together • clarify ambiguities • improve interop • make HTTP a more stable basis for the next 10+ years

  36. Resources • http://tools.ietf.org/wg/httpbis/ • http://tinyurl.com/65e9lb [ implementation sheets ] • http://coad.measurement-factory.com/ • http://www.mnot.net/blog/2007/06/20/proxy_caching • http://www.mnot.net/blog/2006/05/11/browser_caching

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Key Experiments Key Experiments and Simulation: and Simulation: Status Report Status Report

Key Experiments Key Experiments and Simulation: and Simulation: Status Report Status Report

Key Experiments Key Experiments and Simulation: and Simulation: Status Report Status Report E.Farnea INFN Sezione di Padova, Italy AGATA Week, Strasbourg, November 24 th , 2005 Outline Outline Performance of the Demonstrator Some

317 views • 19 slides
NMRG Status Report 2006 J urgen Sch onw alder j.schoenwaelder@iu-bremen.de

NMRG Status Report 2006 J urgen Sch onw alder j.schoenwaelder@iu-bremen.de

NMRG Status Report 2006 J urgen Sch onw alder j.schoenwaelder@iu-bremen.de International University Bremen Campus Ring 1 28725 Bremen, Germany http://www.ibr.cs.tu-bs.de/projects/nmrg/ slides.tex NMRG Status Report 2006

470 views • 10 slides
NMRG Status Report 2004 J urgen Sch onw alder j.schoenwaelder@iu-bremen.de

NMRG Status Report 2004 J urgen Sch onw alder j.schoenwaelder@iu-bremen.de

NMRG Status Report 2004 J urgen Sch onw alder j.schoenwaelder@iu-bremen.de International University Bremen Campus Ring 1 28725 Bremen, Germany http://www.ibr.cs.tu-bs.de/projects/nmrg/ slides.tex NMRG Status Report 2004

288 views • 10 slides
HTTP status code 451 : Hackathon Overview and Human Rights Considerations Outline Last

HTTP status code 451 : Hackathon Overview and Human Rights Considerations Outline Last

HTTP status code 451 : Hackathon Overview and Human Rights Considerations Outline Last weekends hackathon overview Best New Work Introduction to HTTP 451 status code Hackathon implementations Implementation Report

382 views • 24 slides
TGeo/CAD Interface Status Report C inzia Luzzi - C E R N Objective of the work Write the

TGeo/CAD Interface Status Report C inzia Luzzi - C E R N Objective of the work Write the

TGeo/CAD Interface Status Report C inzia Luzzi - C E R N Objective of the work Write the prototype of an interface between the TGeo geometrical modeler from Root (http://root.cern.ch) and the CATIA system (http://www.3ds.com/products/catia)

570 views • 23 slides
Report from the 2013 Committee of Visitors 28 January 2013 2013 COV Status Report 1 28 January

Report from the 2013 Committee of Visitors 28 January 2013 2013 COV Status Report 1 28 January

Report from the 2013 Committee of Visitors 28 January 2013 2013 COV Status Report 1 28 January 2013 2013 COV Status Report 2 2013 Committee of Visitors Membership Joseph Arango JLAB Site Office Kelly Beierschmitt ORNL Elizabeth Beise

415 views • 7 slides
Report Gerard DiNardo ISC Chairman http://isc.ac.affrc.go.jp Presentation Topics

Report Gerard DiNardo ISC Chairman http://isc.ac.affrc.go.jp Presentation Topics

The 16 th Meeting of the ISC: Activity Report Gerard DiNardo ISC Chairman http://isc.ac.affrc.go.jp Presentation Topics Participants Working Group Workshops &amp; Activities Stock Status &amp; Conservation Advice Interactions

350 views • 17 slides
Report Gerard DiNardo ISC Chairman http://isc.ac.affrc.go.jp Presentation Topics

Report Gerard DiNardo ISC Chairman http://isc.ac.affrc.go.jp Presentation Topics

The 16 th Meeting of the ISC: Activity Report Gerard DiNardo ISC Chairman http://isc.ac.affrc.go.jp Presentation Topics Participants Working Group Workshops &amp; Activities Stock Status &amp; Conservation Advice Interactions

408 views • 20 slides
CSE Accreditation Status Report Steven Skiena Department of Computer Science State University of

CSE Accreditation Status Report Steven Skiena Department of Computer Science State University of

CSE Accreditation Status Report Steven Skiena Department of Computer Science State University of New York Stony Brook, NY 117944400 http://www.cs.sunysb.edu/ skiena Schedule Fall 2003: Simulated ABET visit DONE Spring 2005: Write

503 views • 16 slides
Progress Report June 27, 2013 FOR TONIGHT Status report to public and T.C. 11

Progress Report June 27, 2013 FOR TONIGHT Status report to public and T.C. 11

Progress Report June 27, 2013 FOR TONIGHT Status report to public and T.C. 11 alternatives reviewed 3 finalists selected We want Input on finalists Questions Please hold until the end See our full report at

759 views • 26 slides
Programme Update Status Update, Six Month Report &amp; Change Request Status Update Lake

Programme Update Status Update, Six Month Report &amp; Change Request Status Update Lake

Programme Update Status Update, Six Month Report &amp; Change Request Status Update Lake Rotorua Low Nitrogen Land Use Fund Round 2 Recommendations. Incentives Scheme 20T Achieved, 25T in pipeline. Strategic Review for new

149 views • 12 slides
Status Report for George Beckett (UKQCD) ILDG 15, 4th December 2009. Infrastructure Status

Status Report for George Beckett (UKQCD) ILDG 15, 4th December 2009. Infrastructure Status

Middleware Working Group, Status Report for George Beckett (UKQCD) ILDG 15, 4th December 2009. Infrastructure Status Core services are operational: Metadata catalogue, file catalogue, VO, storage elements, and monitoring service.

96 views • 6 slides
Status Report from Metadata Working Group D. Pleiter (NIC/DESY Zeuthen) Status Schemata

Status Report from Metadata Working Group D. Pleiter (NIC/DESY Zeuthen) Status Schemata

Status Report from Metadata Working Group D. Pleiter (NIC/DESY Zeuthen) Status Schemata Current revision: QCDml1.1 No changes since ILDG5 Schemata stable Still no (serious) problems found! How many real ensembles have been marked-up?

176 views • 7 slides
THE INTERNET &amp; JURISDICTION GLOBAL STATUS REPORT 2019 INTERNET &amp; JURISDICTION GLOBAL

THE INTERNET &amp; JURISDICTION GLOBAL STATUS REPORT 2019 INTERNET &amp; JURISDICTION GLOBAL

THE INTERNET &amp; JURISDICTION GLOBAL STATUS REPORT 2019 INTERNET &amp; JURISDICTION GLOBAL STATUS REPORT 2019 WHY THE REPORT? In response to the urgent call for mapping of global initiatives by over 250 senior-level stakeholders from 50

169 views • 16 slides
Status Report on the Event Generator WHIZARD Jrgen R. Reuter, DESY J.R.Reuter Status Report on

Status Report on the Event Generator WHIZARD Jrgen R. Reuter, DESY J.R.Reuter Status Report on

Status Report on the Event Generator WHIZARD Jrgen R. Reuter, DESY J.R.Reuter Status Report on WHIZARD ALCW 2015, KEK, 21.4.2015 The WHIZARD Event Generator Universal event generator for lepton and hadron colliders Modular package:

630 views • 47 slides
Coastwide Reference Monitoring System - Wetlands Status Report for the CWPPRA Technical Committee

Coastwide Reference Monitoring System - Wetlands Status Report for the CWPPRA Technical Committee

Coastwide Reference Monitoring System - Wetlands Status Report for the CWPPRA Technical Committee March 15, 2005 1 CRMS- - Wetlands Wetlands Status Report Status Report CRMS Outline Outline BACKGROUND and APPLI CATI ONS BACKGROUND and

898 views • 60 slides
CONDENSED MATTER: PCES 16.8 towards Absolute Zero We have seen the voyages to inner &amp;

CONDENSED MATTER: PCES 16.8 towards Absolute Zero We have seen the voyages to inner &amp;

CONDENSED MATTER: PCES 16.8 towards Absolute Zero We have seen the voyages to inner &amp; outer space in physics. There is also a voyage to the ultra-cold, which is now within 10 -10 K of absolute zero (see left). One can never reach

566 views • 7 slides
UDT 2020 Missionized Riptide Unmanned Underwater Vehicles J. E. Filiberti 1 and R. M. Carvalho

UDT 2020 Missionized Riptide Unmanned Underwater Vehicles J. E. Filiberti 1 and R. M. Carvalho

UDT 2020 UDT Extended Abstract Unmanned, Remotely Piloted &amp; Autonomous Systems UDT 2020 Missionized Riptide Unmanned Underwater Vehicles J. E. Filiberti 1 and R. M. Carvalho Jr. 2 1 Senior Principal Scientist, BAE Systems FAST Labs,

556 views • 7 slides
Phase-Charge Duality in a Josephson Junction coupled to an electromagnetic environment Silvia

Phase-Charge Duality in a Josephson Junction coupled to an electromagnetic environment Silvia

Phase-Charge Duality in a Josephson Junction coupled to an electromagnetic environment Silvia Corlevi, David B. Haviland Nanostructure Physics, Royal Institute of Technology Stockholm, Sweden Wiebke Guichard, Frank W. J. Hekking Universite

578 views • 30 slides
Application Characteristics that Best Fit the CernVM FileSystem and the Frontier Distributed

Application Characteristics that Best Fit the CernVM FileSystem and the Frontier Distributed

Application Characteristics that Best Fit the CernVM FileSystem and the Frontier Distributed Database Caching System Dave Dykstra (Fermilab) Rene Meusel (CERN) EGI Community ForumSpring 2014 Outline Introduction to

568 views • 14 slides
RM Cell Test Chip Photomicrographs Michael Frank, Rupert Lewis, Nancy Missert This work is

RM Cell Test Chip Photomicrographs Michael Frank, Rupert Lewis, Nancy Missert This work is

RM Cell Test Chip Photomicrographs Michael Frank, Rupert Lewis, Nancy Missert This work is supported in part by the Laboratory Directed Research and Development (LDRD) program at Sandia National Laboratories. Part of this work is also sponsored

331 views • 6 slides
fs123 A scalable, read-only, network filesystem with pervasive caching John Salmon D. E. Shaw

fs123 A scalable, read-only, network filesystem with pervasive caching John Salmon D. E. Shaw

fs123 A scalable, read-only, network filesystem with pervasive caching John Salmon D. E. Shaw Research PDSW 2019 November 18, 2019 1 PDSW 2019, 18 Nov 2019 The Problem We have &gt;15 petabytes of simulation data and &gt;1 terabyte of

416 views • 10 slides
Go based content filtering software on FreeBSD Ganbold Tsagaankhuu, Mongolian Unix User Group

Go based content filtering software on FreeBSD Ganbold Tsagaankhuu, Mongolian Unix User Group

Go based content filtering software on FreeBSD Ganbold Tsagaankhuu, Mongolian Unix User Group Esbold Unurkhaan, Mongolian University of Science and Technology Erdenebat Gantumur, Mongolian Unix User Group AsiaBSDCon Tokyo, 2015 Content

1.04k views • 42 slides
PROOF OF CONCEPT THIN FILMS AND MULTILAYERS TOWARD ENHANCED FIELD GRADIENTS IN SRF CAVITIES Rosa A.

PROOF OF CONCEPT THIN FILMS AND MULTILAYERS TOWARD ENHANCED FIELD GRADIENTS IN SRF CAVITIES Rosa A.

PROOF OF CONCEPT THIN FILMS AND MULTILAYERS TOWARD ENHANCED FIELD GRADIENTS IN SRF CAVITIES Rosa A. Lukaszew , Douglas B. Beringer, William M. Roach, College of William and Mary , Williamsburg, Virginia, USA Grigory V. Eremeev, Charles E. Reece,

709 views • 49 slides

More recommend