I think that putting SDCH behind a flag -- while a very understandable desire -- would have the effect of discouraging experimentation in this area, and I don't believe that having the feature behind a flag helps the situation in any way. Would it make sense to render a more immediate decision here -- either keep SDCH support (perhaps using something like origin trials to more formally declare that it is a feature being tested) or remove it from the code base entirely (and use version control history to revive any necessary code if the feature is standardized)? At least in my mind, either of these options seems better than a flag -- the first allows more rapid testing, and the second relieves the burden of SDCH maintenance more immediately.
Ryan, can you comment on the apparent disagreement between your metrics and those seen by Amazon? Do you believe their experience isn't representative for some reason, or are you measuring different things from them?
Given how hard we're pushing the "every second saved in page load is more money for your site" story (a theme across almost every CDS talk this year and probably the #1 priority for the web platform team overall), it seems to me like it would be a real shame to remove the huge benefits Eric says they see on Amazon - regardless of the reason. Perhaps partnering with Amazon we could make faster progress with the other vendors on an interoperable solution? I'd even be happy partnering with one other major browser engine incubating a specification and interoperable implementation outside the IETF for now if the standards process is slowing things down.
If the data is accurate and businesses can see a "significant improvement in sales" by using SDCH then that should really drive motivation across the browser industry, right? If the business metrics are that good, then perhaps Amazon might even replace its annoying "Install our native app" mobile interstitial with an "Install our native app or a browser that supports SDCH" one, shown only when running browsers without SDCH. That would create a pretty strong incentive for collaboration between engines I think ;-)
Ben, does Facebook use SDCH? Do you have any metrics you could share?
, and of the execution, namely, concerns around compression-over-TLS attacks such as CRIME, TIME, and BREACH, which introduce significant security risks to the platform
From the //net team, there's generally strong support for removing support entirely. However, we've heard from other Chromium embedders, both first- and third-party, a desire to see the support removed in a way that will allow them to add it back themselves. This creates a bit of an issue - as long as we continue to ship it as part of the Web Platform, we don't have a good way to move the code out of Chromium while still supporting it.
So to get there, we first need to signal that Chromium will not continue to support SDCH in its present form. Further, we'll allow a limited amount of time for proponents of SDCH to attempt to garner standardization and cross-browser support, while allowing down-level Chromium embedders the flexibility to gather the data they need towards that goal. As mentioned, this was recently discussed at IETF 97, with a more negative than positive reaction to SDCH specifically, but relative interest in exploring delta encoding if it can be done securely. However, it also sets the path, as indicated, to move that code out of Chromium proper, leaving it as something that first-party (Google) and third-party (non-Google) Chromium embedders can use.
Do you believe there are risks SDCH has over brotli/gzip?
Do you have examples of these use cases?
What about allowing SDCH to be used in its current form during that period? I.e. saying "we're going to delete the code from Chromium on <date> unless there's substantial forward progress on standardization". That would seem to allow sites like Amazon to continue to benefit (and provide motivating data) while still ensuring that the code gets deleted unless there is a path forward.
On Tue, Nov 22, 2016 at 1:55 PM, <ben.m...@gmail.com> wrote:
> Do you believe there are risks SDCH has over brotli/gzip?

Yes. In particular, SDCH's non-SOP binding means a greater chance of cross-origin dictionary issues; the very thing that drives benefits for some implementors (hoping they'll chime in directly on this thread, as they're aware of it).
> What about allowing SDCH to be used in its current form during that period? I.e. saying "we're going to delete the code from Chromium on <date> unless there's substantial forward progress on standardization". That would seem to allow sites like Amazon to continue to benefit (and provide motivating data) while still ensuring that the code gets deleted unless there is a path forward.

We've been having limited internal and external discussions with some of the parties actively involved in discussing SDCH in the past, and have already been signalling that message for a while. Indeed, this itself was delayed for several months while we worked towards putting together a draft for IETF 97 and discussing it more broadly. While the reaction to SDCH itself was more negative than positive, and folks at Mozilla expressed reasonable concern that this is not something that should be on by default, there was still interest in exploring schemes for delta encoding. However, we're at an inflection point where, with the current implementation, we're seeing more sites (like Amazon) adopt Chromium's franken-version of SDCH, and we're concerned that this will further ossify implementations and limit the ability of the spec to respond to the considerations of the community, such as the aforementioned security considerations. For example, we've heard strong negative reaction towards restricting SDCH to same-origin dictionaries, because of concerns that doing so would substantially eliminate the performance gains seen, even though it represents a very reasonable and minimal step towards better security.
There's also the quality of implementation vs surface risk cost. Given that this is exposed and implemented in the browser process, we've seen a variety of novel security issues attacking SDCH support, and similarly, have envisioned several theoretical attacks. Mitigating these requires a lot of time, care, and broader review, and we haven't really seen support for those needs, organizationally or collectively.
How hard would it be to make SDCH enforce that CORS headers exist if the resource is cross-origin?
This seems entirely reasonable to ask sites to do, and seems like it has the same security benefits as same-origin. Would this change your stance on the feature?
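For concreteness, this is roughly the check I have in mind -- purely a sketch of mine, not anything from Chromium's actual implementation, and the function name and shape are made up:

```typescript
// Hypothetical sketch: require a CORS opt-in before honoring a cross-origin
// dictionary. Names and structure are illustrative only.
function mayUseDictionary(pageOrigin: string, dictionaryUrl: string,
                          dictionaryResponseHeaders: Headers): boolean {
  const dictOrigin = new URL(dictionaryUrl).origin;

  // Same-origin dictionaries are always allowed.
  if (dictOrigin === pageOrigin) {
    return true;
  }

  // Cross-origin dictionaries must carry an explicit CORS grant.
  const allowOrigin = dictionaryResponseHeaders.get('access-control-allow-origin');
  return allowOrigin === '*' || allowOrigin === pageOrigin;
}
```

A site serving dictionaries from a CDN origin would then just have to add the appropriate Access-Control-Allow-Origin header, which is the "entirely reasonable to ask" part above.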
My personal sense is that SDCH is pretty far off from the ideal production version. I'd love to see SDCH supported -- and my sense is that SDCH is difficult enough to implement that the risk of ossification is somewhat low (as only sophisticated parties can implement it). Personally, I believe the most compelling arguments for removal are (1) imminent security risks that cannot be easily addressed and (2) the burden on the networking team of supporting the feature.
On Tue, Nov 22, 2016 at 1:16 PM, Rick Byers <rby...@chromium.org> wrote:
> Ryan, can you comment on the apparent disagreement between your metrics and those seen by Amazon? Do you believe their experience isn't representative for some reason, or are you measuring different things from them?

I'm hoping Randy can comment more here on the metrics, as he's been driving the measurements. My understanding is that, unsurprisingly, the nature of the content can affect the savings, and dynamic content receives much less benefit than mostly static content. For a shopping site like Amazon, which has significant areas of static content, this may offer considerably more savings.
One other pitfall I wanted to point out in removing this -- if we want to push people to implement SDCH using service workers, having the ability to do a fair performance comparison of a service-worker version of SDCH vs a native one would be a persuasive argument against implementing the feature in-browser. It'd be a shame to lose such an opportunity, especially since it might more permanently relieve the networking team of having to support SDCH-like features :-)
One of the biggest is just that the nature of service workers makes it a concern to roll out a site-wide service worker on an established web site that has hundreds or thousands of different applications owned by different teams with different needs, but hosted on the same domain. If we were starting from scratch today, we might start with a rigid policy around subdomain usage or explicit paths for each application, but we don't have that today; we have 20 years of SEO'd URLs that aren't structured in the way that service workers prefer and that would allow us to do more isolation. Even if we could have whitelists and blacklists, they would be extremely difficult to keep up to date just because of the mix of products on a single domain.
Additionally, service workers are still relatively immature (streaming, for example, was only recently added) and limit what's possible compared to a native implementation in Chrome. My understanding from talking with Chrome developers over the years is that SDCH required a fair amount of optimization in how and when dictionaries were loaded into memory, which would be difficult or impossible with a service worker - so it seems really unlikely we'd be able to get similar performance. I know that currently service workers can have a noticeably negative performance impact on pages if they essentially don't act on them, which would be a very common situation for us.
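To make that concern concrete, here's roughly the shape an SDCH-via-service-worker approach would have to take. This is a hedged sketch only: vcdiffDecode() stands in for some hypothetical WASM VCDIFF decoder, 'X-Sdch-Encoded' is a made-up marker header, and only 'Avail-Dictionary' comes from the SDCH proposal.

```typescript
// Illustrative sketch only - not how Chrome implements SDCH.
declare function vcdiffDecode(delta: ArrayBuffer, dictionary: ArrayBuffer): ArrayBuffer;

const DICTIONARY_CACHE = 'sdch-dictionaries';

self.addEventListener('fetch', (event: any) => {
  event.respondWith(handleFetch(event.request));
});

async function handleFetch(request: Request): Promise<Response> {
  const cache = await caches.open(DICTIONARY_CACHE);
  const dictResponse = await cache.match('/dictionaries/current');
  if (!dictResponse) {
    // No dictionary downloaded yet: fall back to a plain fetch.
    return fetch(request);
  }

  // Advertise the dictionary to the server ('Avail-Dictionary' is the
  // header name from the SDCH proposal; the hash value here is made up).
  const headers = new Headers(request.headers);
  headers.set('Avail-Dictionary', 'QSUzBkTU');
  const response = await fetch(new Request(request, { headers }));

  if (response.headers.get('X-Sdch-Encoded') !== '1') {
    // Server chose not to delta-encode; pass the response through.
    return response;
  }

  // Buffer the entire delta and dictionary in memory - exactly the sort of
  // thing a native implementation can optimize but a service worker cannot.
  const [delta, dictionary] = await Promise.all([
    response.arrayBuffer(),
    dictResponse.clone().arrayBuffer(),
  ]);
  return new Response(vcdiffDecode(delta, dictionary), {
    status: response.status,
    headers: response.headers,
  });
}
```

Even setting aside whether a streaming decode is practical, this puts dictionary loading and buffering on every request's critical path, which is exactly the performance worry above.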
It is unsurprising that Amazon was able to see large gains via SDCH, reported elsewhere on this thread. Historically at Google, when I first implemented SDCH in Chrome (while others implemented the server support) and we rolled it out, it provided very significant gains to what was then Google's Desktop Search. At the time, I recall that we could compress roughly 50% of the search results to Chrome (limited mostly by middlebox tampering of HTTP), and the average latency savings for those successfully SDCH-compressed search-result payloads was over 40ms (which was pretty gigantic at the time, relative to total search response time, and was verified by meticulous A/B tests). The average compressed payload at the time was roughly 40% smaller than with mere gzip compression (due to excellent work by folks generating dictionaries!!), which produced critically large gains for what I'd term "serialization latency." (re: If you send less data, the knot-hole bandwidth limitation can be traversed faster). [Side note: the savings were so significant, it made me push to increase the TCP initial congestion window to fully achieve the potential of this compression, and that too is resolved today]. I believe all of this has been discussed in numerous public forums, but I'm recounting it here to help support the understanding of the value proposition of SDCH on this thread.
...but things have changed in various places....
Today Google search probably doesn't routinely rely on a simple HTTP GET and response result for search, so I don't have any idea what the savings are. I can see in my current Chrome, via about:net-internals, and searching for "content-encoding: SDCH", that Google continues to use SDCH, but I have no idea how often they update their dictionaries to re-push, and I haven't looked deeper to try to evaluate the compression ratios that I'd anecdotally get. Folks at Google that generate current dictionaries may be able to comment on the expected current compression rates, but with Google Search being so radically different today (I think), results may be vastly different from what I saw in the past. These changes *might* impact the value appraisal seen in Chrome histograms, as noted by Randy, but that should not suggest that SDCH is less valuable. At a minimum, such histograms should be teased apart to look at performance in places like India, after verifying that Google's dictionaries are currently helpful :-).
Another change in the world is certainly that bandwidth has continued to rise, even though (as I've stressed with QUIC), the speed of light has remained constant, and hence RTTs have not fallen. When we look at geographic areas such as India or Russia, bandwidth might not be growing so fast, RTT times routinely approach 400ms, and worse yet, packet loss can routinely approach 15-20% <gulp!!>. With such long RTTs, and the significant loss rates, the compression rate has an even larger impact on latency than mere "serialization" costs. The more packets you send, the more likely one is to get lost, and the more likely an additional RTT (or 2+!!) will be required for payload delivery. As a result, it is very unsurprising that Amazon sees big savings in the tail of the distribution, when using SDCH in such areas. I'd expect that most any sites that were willing to make the effort of supporting SDCH (and have repeat visitors!!!) have a fine chance of seeing similar significant latency gains (and sites can estimate the compression rate for a given dictionary before wasting the time to ship the dictionary!).
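To put rough numbers on that intuition -- a back-of-the-envelope sketch of mine, assuming independent per-packet loss, which is of course a simplification:

```typescript
// Probability that at least one packet of an n-packet response is lost,
// given an independent per-packet loss rate p.
function probAnyLoss(n: number, p: number): number {
  return 1 - Math.pow(1 - p, n);
}

// At 10% loss: a 5-packet response loses at least one packet ~41% of the
// time, while the same content squeezed into 2 packets loses one ~19% of
// the time. Each loss can cost an extra RTT (400ms+ in the regions above),
// which dwarfs the pure "serialization" savings.
console.log(probAnyLoss(5, 0.10).toFixed(2)); // "0.41"
console.log(probAnyLoss(2, 0.10).toFixed(2)); // "0.19"
```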
In countries with large RTTs, the background download (of a dictionary) may be a very small price to pay for the reduced page latency that makes a product usable. SDCH sure seems like a big part of that... until we have something notably better. Consistent use of TLS (HTTPS) precludes middle-box-tampering, which was perhaps the hardest obstacle to overcome in the deployment of SDCH (that I worked on). I'm hoping that recent work to allow SDCH to be used over TLS in Chrome will drive us further, and that Mozilla will get on the bandwagon.
SDCH does not solve world hunger, but it sure helps network performance and latency. With current approaches in HTTP/2 and QUIC, to more gracefully handle header compression, a lot of the historical security problems have become manageable (and I think this is then separate from SDCH). Given that it is no longer necessary to shard hostnames (re: HTTP/2 and QUIC allow for large number of pending fetches at a single host), I strongly suspect that SDCH could be trivially tightened up (if need be) to better respond to potential cross-site security issues (i.e., cross site may not be needed anymore!). There may also be an issue with enhancing the identification of the dictionary, as compared with the slightly weaker use of a crypto hash currently... but that sure seems like small potatoes, compared with evolving a really valuable compression scheme... that works.
I hope Chrome doesn't unship it.
YMMV,
Jim
"For example, the ability to explain SDCH in terms of Fetch seems critically important, but is extremely non-trivial, and would require rearchitecting much of the SDCH design so that it could flow through the layers for Fetch"Emphasis is mine, I'm curious about this particular point.Do we have feedback showing that explaining SDCH in Fetch is critically important?What valuable use cases would this enable?Thanks in advance.
The simplest answer: If any other implementor wants to come and implement, they would either be stuck reversing Chromium's implementation or attempting an ad-hoc, non-interoperable solution. That doesn't seem desirable for anyone.
A more complex, but still localized (to just the existing functionality set), answer: What interaction model should SDCH have with proxies or authentication prompts? Is that expected? Should SDCH requests be accompanied with a CORS preflight? Can cookies be set on SDCH responses? Should they be?
On Dec 1, 2016 8:23 PM, "Jim Roskind" <j...@chromium.org> wrote:
> There were two independent client implementations of SDCH, both done based on the published SDCH proposal. One was for Google Toolbar, and the other was in Chrome. Both of them interoperated beautifully with a single server implementation (still actively hosted by Google). As a result, I don't think reverse engineering is in any way needed for other implementations to proceed.
I appreciate that two clients and one server from the same company, and many of the same engineers, were able to interoperate, but you've misunderstood my concern.
How and when is an SDCH dictionary fetch made, and how does that interact with the web platform?
I appreciate that SDCH is a topic you're passionate about, but SDCH's documentation at no time explained how it worked with the rest of the web platform.
This is precisely why we try to explain networking-related features in terms of the Fetch spec - so that there can be interoperable solutions, and so that the observable behaviour, both from the server side and across clients, is consistent. The Toolbar and Chrome implementations were explicitly not consistent in that regard, and similarly, anyone else who wanted to implement SDCH would have to, for example, reverse engineer Chrome to learn whether requests go through Service Workers, preconnects, or proxy prompts.
> The SDCH proposal was quite detailed IMO.
Respectfully, I disagree, but I believe the disagreement may be simply a lack of familiarity with Fetch, rather than a fundamental disagreement, based on your follow-up.
> SDCH functions pretty precisely the same as any compression algorithm, such as gzip encoding, and it *only* compresses the body, and not the header. As a result, things like cookies and header contents are seemingly beyond the purview of SDCH.
This is not what I was talking about. Should dictionary requests send cookies? Should they set them? What if third-party cookies are disabled? Which socket pool should they use?
I am explicitly not talking about compressing cookies, I am talking about the interaction of cookies and dictionary fetches. This is part of what it means to explain something in terms of the Fetch spec.
> Any questions or concerns you provide about SDCH (actually written as content-encoding: sdch,gzip) are equally applicable to gzip, and I'd be more than surprised if you argued to "unship" gzip.
>
Not at all, as explained above.
> If you were asking questions about whether the download of an SDCH dictionary should be allowed to set cookies, I think the answer is a resounding "sure," as the dictionary arrives as content, with headers, etc., and never gets any other special handling with regard to headers.
And where is this specified? (It isn't) And where does Chrome allow this? (It's inconsistent) And does it work with Chrome's extension model or cookie security policy? (It doesn't)
> Since the download of the dictionary is an "optimization," failure to do so (presumably in the "background") for any reason appears to be an issue of "quality of implementation."
These are not quality of implementation issues. They are core, underspecified interoperability issues, full of subtle edge cases. For example, if you see a Get-Dictionary header, SDCH may fail, but if you force an XHR to that dictionary, seeding the cache, subsequent resource loads will work. That is fundamentally surprising and inconsistent, and arguably not desirable. But it's also not specified as such.
> I could probably ponder similar question about near-background download of various images and JS content (although there the necessity of a download seems higher).
Except all of these have described behaviour, or cross-browser collaboration to describe and resolve any inconsistencies.
>
> I'm mostly confused by the questions you are posing. They seem pretty scattered, and I'd be sad that asking a list of questions, seemingly almost rhetorically stated, would be used as a justification to unship a feature that has provided significant benefit to numerous large sites (discussed by several vendors on this thread).
I encourage you to read the Fetch spec, because every question I posed is something answered by Fetch, but not at all described by SDCH, and entirely inconsistent and illogical when evaluated against Chrome's current implementation.
Do you have a timeline identified for this removal (which version of Chrome, etc.)?