[08:53:37] roberto_peon joins the room
[08:56:45] ilari.liusvaara joins the room
[09:04:42] mcmanus joins the room
[09:06:11]  o/
[11:10:08] Bill Hulley joins the room
[11:11:17] plh joins the room
[11:18:16] plh leaves the room
[11:34:47] mcmanus leaves the room
[12:01:32] wseltzer joins the room
[12:41:47] Dirk-Willem van Gulik joins the room
[12:44:01] jimsch joins the room
[12:55:30] Rhys joins the room
[12:56:30] bartosz.balazinski joins the room
[13:00:31]  And it has begun...
[13:00:44]  tap tap tap
[13:01:21]  We hear ya fine Mark.
[13:01:33]  Its tonight for me :)
[13:01:41] ted.h joins the room
[13:01:49] jjrh70 joins the room
[13:01:56] SM joins the room
[13:01:58]  o/ Ted.
[13:02:15] ted.h feels underdressed
[13:02:22] Leif Hedstrom joins the room
[13:02:24] jjrh70 leaves the room
[13:02:24] roberto_peon feels invisible
[13:02:24] jjrh joins the room
[13:02:48] Barry Leiba joins the room
[13:02:50]  Remote participant here. 
[13:02:54]  o/ Barry
[13:02:57] tony.l.hansen@gmail.com joins the room
[13:03:03] loreto.salvatore joins the room
[13:03:08]  Hiya, Roberto.
[13:03:19] Julian joins the room
[13:03:19] Julian leaves the room
[13:03:25]  Yo. I get my chance to see what remote participation is like today :)
[13:03:35] Julian joins the room
[13:03:36]  Feedback welcome.
[13:03:50]  we should have asked for a meetecho support
[13:03:50] Adam Bishop joins the room
[13:04:09]  I'm sure it'll work out.
[13:04:58] teole05 joins the room
[13:05:27] Eliot Lear joins the room
[13:05:42] mcmanus joins the room
[13:05:46]  hi- if you have comments for the microphone, please preface with MIC:
[13:05:57] Wolfgang Beck joins the room
[13:06:05]  now on http/1.1- julian speaking
[13:06:18] mdonnelly joins the room
[13:06:37] Eliot Lear leaves the room
[13:06:40] Eliot Lear joins the room
[13:06:59] nakakura joins the room
[13:07:07] wseltzer joins the room
[13:07:09] frodek joins the room
[13:07:48] wseltzer leaves the room
[13:07:52] thomas.mangin joins the room
[13:08:28] hiro1017 joins the room
[13:09:35]  now on slide 9
[13:09:38] m&m joins the room
[13:10:16] Joe Hildebrand joins the room
[13:10:23] Joe Hildebrand is now known as hildjj
[13:13:07]  Yeay Julian, Roy, Mark, et al!
[13:13:11] npdoty joins the room
[13:14:24]  now on zurich interim
[13:14:34]  Are there slides?
[13:14:43]  (checking)
[13:16:40]  not that i see: https://datatracker.ietf.org/meeting/89/materials.html#wg-httpbis
[13:17:13]  now on http://www.ietf.org/proceedings/89/slides/slides-89-httpbis-2.pdf
[13:17:24] kmurchison joins the room
[13:17:27]  Hirotaka speaking
[13:18:03] Dirk-Willem van Gulik is struggling to find a URL to these slides
[13:18:07]  correction- not hirotaka but his co-author
[13:18:19]  Dirk: http://www.ietf.org/proceedings/89/slides/slides-89-httpbis-2.pdf
[13:18:24] Adam Bishop leaves the room
[13:18:38] Wolfgang Beck leaves the room
[13:18:48]  Eliot: thanks - it showed up empty - but a cmd-reload seem to fare better.
[13:18:56]  slide 7 noiw
[13:19:04]  8
[13:19:09]  thanks!
[13:19:25]  "HPACK Test Case"
[13:21:03] m&m leaves the room
[13:21:06] m&m joins the room
[13:21:19]  lovely
[13:21:26]  MIC: Very cool guys!
[13:22:23]  now on martin
[13:22:28]  http/2
[13:23:25] Jxck joins the room
[13:23:34] hiro1017 leaves the room
[13:23:38]  design issues remaining
[13:25:31]  hpack security
[13:25:34]  priority
[13:26:05]  28 issues, 18 design
[13:27:02]  alpn update, Andrei
[13:27:37]  is peter lepeska in the room?
[13:27:53]  - now on "Changes since IETF88" on TLS
[13:28:30] adamb joins the room
[13:29:19]  now on "ALPN Deployment"
[13:30:10] hiro1017 joins the room
[13:31:57] Eliot Lear leaves the room
[13:32:04] Eliot Lear joins the room
[13:32:12]  hmm - a fire alarm ?
[13:32:13] npdoty leaves the room
[13:32:13] ted.h leaves the room
[13:32:14] m&m leaves the room
[13:32:14] Leif Hedstrom leaves the room
[13:32:15] loreto.salvatore leaves the room
[13:32:15] Barry Leiba leaves the room
[13:32:16] thomas.mangin leaves the room
[13:32:16] adamb leaves the room
[13:32:17] nakakura leaves the room
[13:32:21]  oh god a fire alarm.
[13:32:21] frodek leaves the room
[13:32:21] mcmanus leaves the room
[13:32:23]  we have been asked to evacuate
[13:32:23] Julian leaves the room: Computer went to sleep
[13:32:25] Eliot Lear leaves the room
[13:32:26] hildjj leaves the room
[13:32:27] bartosz.balazinski leaves the room
[13:32:29] tony.l.hansen@gmail.com leaves the room
[13:32:30]  very polite brittisch :)
[13:32:39]  that was fast.
[13:32:46] Jxck leaves the room
[13:32:55]  That is a first:)
[13:32:59] teole05 leaves the room
[13:33:06]  MIC: This effort is going so fast, its almost, but not quite on fire.
[13:34:00] Joe Hildebrand joins the room
[13:34:33] loreto.salvatore joins the room
[13:34:35] ted.h joins the room
[13:34:43] thomas.mangin joins the room
[13:34:45] npdoty joins the room
[13:34:45] nakakura joins the room
[13:35:08] wseltzer joins the room
[13:35:16] Barry Leiba joins the room
[13:35:18] teole05 joins the room
[13:35:18] wseltzer leaves the room
[13:35:20] frodek joins the room
[13:35:42] Dirk-Willem van Gulik  joins the room
[13:35:48] Dirk-Willem van Gulik leaves the room
[13:36:10] m&m joins the room
[13:36:48] adamb joins the room
[13:36:53] Leif Hedstrom joins the room
[13:37:31] mdonnelly leaves the room: Disconnected: Replaced by new connection
[13:37:34] Julian joins the room
[13:37:40] mdonnelly joins the room
[13:37:46] ted.h leaves the room: Replaced by new connection
[13:37:47] ted.h joins the room
[13:38:37]  MICL: This is an issue for the registry.
[13:38:48] jimsch leaves the room
[13:38:55] tony.l.hansen@gmail.com joins the room
[13:39:09]  MIC; Thus not for us?
[13:39:23] jimsch1 joins the room
[13:39:40]  mic: correct.
[13:40:29] g.e.montenegro joins the room
[13:40:53]  mic: I'm concetrned that this will be used for more thyan just http...
[13:40:54] bartosz.balazinski joins the room
[13:41:28]  micL: I don't want structured stuff...
[13:41:47]  mic: but I am worried about what happens when it is used for more than what we ahve now.
[13:41:56] hiro1017 leaves the room
[13:42:42] Jxck joins the room
[13:43:02] Joe Hall joins the room
[13:43:46] dougt joins the room
[13:44:21] mcmanus joins the room
[13:44:54] loreto.salvatore leaves the room
[13:45:34] loreto.salvatore joins the room
[13:45:43]  mic: We can do it in a new codepoint if necessary.
[13:45:59]  mic: or request such from the tls group in the future.
[13:46:08] Joe Hildebrand leaves the room
[13:46:30] m&m leaves the room
[13:46:34] m&m joins the room
[13:47:28]  mic: no objection
[13:48:02]  sgtm
[13:48:10]  So relayed; no need to have it on mic.
[13:48:18]  *nod* new to this :)
[13:48:38] hiro1017 joins the room
[13:48:58]  we're missing the part that says: don't send this scheme to me again at the http2 layer
[13:49:01] ekr@ecotroph.net joins the room
[13:50:26]  very difficult to hear this speaker in the back of the room, not matter which mic he chooses
[13:50:53]  You're in the room and can't hear him?
[13:51:20]  Did that help?
[13:51:22]  Oh god, yuck
[13:52:13]  Martin's suggestion seems good.
[13:52:35]  yes
[13:52:39]  thank you, Barry
[13:52:51]  does it make it easier for a passive attacker to correlate the traffic if a fuller set of settings/headers is sent every time?
[13:53:40]  MIC: I like Martin's suggestion
[13:54:20] dcollange joins the room
[13:54:21]  Join
[13:55:33] wmills_92105 joins the room
[13:55:35]  MIC: If we find that ALPN doesn't work well enough, we can define a new codepoint. 
[13:55:43]  sound is not loud at the back of the room, for any speaker
[13:57:23]  We need an error code on RST that says that the scheme is denied and the remote endpoint shouldn't send it.
[13:58:56]  This is likely to take a lot of time to talk about, and this should probably be tabled until the end of the issues.
[14:00:27] loreto.salvatore leaves the room
[14:00:41]  roberto_peon: that would be totally satisfactory to me
[14:01:50] ricgold joins the room
[14:02:34]  ya
[14:02:53] roberto_peon bows
[14:03:50] loreto.salvatore joins the room
[14:03:59] npdoty is not quite willing to just starting twiddling with the knobs in the sound system, for fear of creating a feedback loop
[14:04:54] Joe Hall well, it's just gain and you can dial it back… prolly will work better than people trying to remember not to speak so softly
[14:05:24] npdoty will blame Joe Hall if I screw something up
[14:05:53]  mic: no.. I was an advocate for having options open later. I do NOT want to change what we're doing right now.
[14:06:30]  yes, ok with having alpn identifiers righ tnow.
[14:06:47]  and. sorry, the audio is delayed, and I have to type my answers, so some delay.. :/
[14:06:48] Joe Hall that's amazingly better!
[14:07:07] npdoty success!
[14:07:08] Joe Hall will buy you your weight in beer
[14:07:12]  yes, sound is much better in the room now
[14:07:18]  yes
[14:07:18]  reminder: the front mic is CH01
[14:07:23] wseltzer thanks, Nick!
[14:08:31] geir joins the room
[14:09:59]  This follows the security discussion.
[14:10:06]  defer, please.
[14:11:10]  http://greenbytes.de/tech/webdav/draft-ietf-httpbis-p1-messaging-26.html#establishing.authority
[14:12:37] Eliot Lear joins the room
[14:13:39] dougt leaves the room
[14:14:14]  There was good information posted about deflate having problems, and thus preferring gzip.
[14:14:18]  which sgtm
[14:15:26] > client has to support; server not — consequence on the client only
[14:15:43]  good luck with that :)
[14:18:48] Eliot Lear leaves the room
[14:19:07]  MIC: This requirement for static data is so fundamental to performance that HTTP/1 would likely be faster if we denied its use in HTTP/2
[14:20:18] Dan York joins the room
[14:21:36]  yes.
[14:21:46]  This was originally intended to be symmetric.
[14:21:58]  wondering if EKR is worried about implementers thinking GZIP is a security tool when it's not
[14:22:20]  No, I'm worried that compression of dynamic content is a security threat
[14:22:25]  ah
[14:22:28]  because it is :)
[14:22:40] > Joe — no the issue is that compression itself is a security issue. 
[14:22:56]  no-- compression of content with mixed authors is a security issue.
[14:23:04]  authors/origins/blah blah
[14:23:45] > we know deflate can be an issue (beast, crime) - we do not (yet) know for gzip.
[14:23:50]  is the risk to confidentiality of the content, or some other security risk?
[14:23:52]  roberto: I don't disagree with your characterization
[14:23:53]  they are the same
[14:23:59]  Thanks for clarifying
[14:24:06]  gzip/deflate are the same risk. NP ekr. :)
[14:24:23] > roberto - violently agree - any compression really.
[14:24:37] > dynamic traffic over tls is the crux.
[14:24:55]  mostly-- LZ77 based compressors are better at leaking info than others.
[14:24:56] > that is where the extra risk originates imho. so the sec-considerations should highlight this.
[14:25:02]  yes
[14:25:08]  gzip: yes
[14:26:04]  which issue?
[14:26:14]  I think we are back on the same issue
[14:26:47]  decopmpression is often cheaper than IO.
[14:27:34]  the nuance for body vs. header+body compression as it interacts with encryption is interesting, but I'd much rather see the info leakage just get solved.
[14:27:59] michael.r.sweet joins the room
[14:28:26] Joe Hall leaves the room
[14:28:29] Joe Hall joins the room
[14:28:33]  Agree with roberto that multiple authors is the issue, but info reflected off the server by the attacker can also be a problem.
[14:29:43]  MIC: WS and other protcols, and at least as interestingly, loadbalance them all. We'd need the RST for unsupported scheme thing.
[14:31:03]  maybe julian could do the editorial work now that he's got time on his hands :)
[14:31:44] dcollange leaves the room
[14:32:28]  RST error code at the HTTP2 layer
[14:32:35]  NOT an http error code.
[14:32:45]  you got it right.
[14:33:23] Julian leaves the room
[14:35:06] Julian joins the room
[14:35:32]  correct. 
[14:35:56]  You don't want the client to waste time on sending the server a scheme it will not support (ostensibly because it doesn't have code to support it)
[14:38:45]  WS doesnt' use HTTP status codes.
[14:40:22]  MIC: no no.. careful Will, when we talkeda bout this we required structure!
[14:40:26] sftcd joins the room
[14:40:33]  mic: And we don't want to require structure now.
[14:40:42]  (for ALPN I mean)
[14:43:19]  I hope I got that to the mic for you roughly in time.
[14:45:50]  mic: In all cases on out-of-band knowledge, the browser or client MUST be willing to learn that it now fails. DNS is no different from having learnt from a prior connection in-band. 
[14:45:56] tony.l.hansen@gmail.com leaves the room
[14:45:57]  yes, you got it in time, thanks :)
[14:46:01]  +1 to roberto
[14:46:53]  I don't see any reason it should block.
[14:47:13]  however...
[14:47:39]  dude....  you need a robo-telepresence
[14:47:40]  .. we do need to suggest at least how http/2 should fail if it is not successful.
[14:47:42]  :)
[14:47:49] cyrus joins the room
[14:47:56]  I'd have been there, as usual, but had family obligations :/
[14:47:58]  want me to take that to the mic?
[14:48:02]  yea
[14:48:03]  thanks :)
[14:50:13]  If you believe you can connect via HTTP/2, and you fail to negotiate http/2
[14:50:37]  .. then what does the client do? That is the question to which we should suggest an answer. I.e. the client should either be prepared to fall-back or not.
[14:52:13]  or the server reboots...
[14:52:19]  yes.
[14:52:29]  jsut discuss the failure case more. this is independent of dns.
[14:52:42]  I don't think this question is DNS-only; isn't it true for any other source of prior knowledge?
[14:53:43]  yes. that is what I was trying to say waaaaay above.
[14:55:28] hiro1017 leaves the room
[14:57:07] Julian leaves the room
[14:58:22] m&m leaves the room: Disconnected: closed
[14:58:30]  not right now
[14:58:38] tony.l.hansen@gmail.com joins the room
[14:59:03]  ambivalence.
[14:59:43]  Hey, I imlpement it :)
[15:00:49] sftcd leaves the room
[15:01:10] Joe Hall leaves the room
[15:01:49] frodek leaves the room
[15:01:57] loreto.salvatore leaves the room
[15:01:58] ted.h leaves the room
[15:02:03] adamb leaves the room
[15:02:04] ted.h joins the room
[15:02:05]  bye all!
[15:02:06] thomas.mangin leaves the room
[15:02:09] geir leaves the room
[15:02:13] jimsch1 leaves the room
[15:02:13] cyrus leaves the room
[15:02:16] roberto_peon leaves the room: offline
[15:02:16] Barry Leiba leaves the room
[15:02:25] SM leaves the room
[15:02:25] Jxck leaves the room
[15:02:32] Leif Hedstrom leaves the room
[15:02:36] bartosz.balazinski leaves the room
[15:02:41] tony.l.hansen@gmail.com leaves the room
[15:02:47] nakakura leaves the room
[15:02:47] Rhys leaves the room
[15:02:49] mcmanus leaves the room
[15:04:32] ricgold leaves the room
[15:04:35] nakakura joins the room
[15:06:25] Dan York leaves the room
[15:06:33] ekr@ecotroph.net leaves the room
[15:08:25] ted.h leaves the room
[15:09:10] michael.r.sweet leaves the room
[15:10:18] kmurchison leaves the room
[15:10:53] nakakura leaves the room
[15:14:37] wmills_92105 leaves the room
[15:14:49] npdoty leaves the room
[15:15:46] thomas.mangin joins the room
[15:17:51] metricamerica joins the room
[15:18:27] Dan York joins the room
[15:18:47] ekr@ecotroph.net joins the room
[15:19:14] thomas.mangin leaves the room
[15:19:38] mdonnelly leaves the room: Disconnected: Replaced by new connection
[15:19:41] mdonnelly joins the room
[15:20:15] Joe Hall joins the room
[15:20:31] Dan York leaves the room
[15:20:34] adamb joins the room
[15:20:48] teole05 leaves the room
[15:21:03] Joe Hall leaves the room
[15:21:19] wseltzer leaves the room
[15:22:15] ted.h joins the room
[15:24:28] geir joins the room
[15:24:40] thomas.mangin joins the room
[15:25:01] geir leaves the room
[15:25:05] nakakura joins the room
[15:25:06] loreto.salvatore joins the room
[15:25:40] wmills_92105 joins the room
[15:25:49] wmills_92105 leaves the room
[15:25:55] ted.h leaves the room: Replaced by new connection
[15:25:56] ted.h joins the room
[15:26:03] sftcd joins the room
[15:26:09] sftcd leaves the room
[15:26:56] mdonnelly leaves the room: Disconnected: Replaced by new connection
[15:27:00] mdonnelly joins the room
[15:27:00] thomas.mangin leaves the room: Disconnected: Replaced by new connection
[15:27:01] thomas.mangin joins the room
[15:31:04] thomas.mangin leaves the room: Disconnected: closed
[15:31:05] thomas.mangin joins the room
[15:31:18] loreto.salvatore leaves the room
[15:31:22] mcmanus joins the room
[15:31:58] mcmanus leaves the room
[15:32:04] adamb leaves the room
[15:32:38] frodek joins the room
[15:33:49] nakakura leaves the room
[15:34:15] nakakura joins the room
[15:34:24] loreto.salvatore joins the room
[15:34:57] tony.l.hansen@gmail.com joins the room
[15:35:02] wseltzer joins the room
[15:35:35] frodek leaves the room
[15:37:06] loreto.salvatore leaves the room
[15:40:34] ted.h leaves the room
[15:45:11] nakakura leaves the room
[15:46:49] mdonnelly leaves the room: Disconnected: Replaced by new connection
[15:46:52] mdonnelly joins the room
[16:00:09] npdoty joins the room
[16:00:38] thomas.mangin leaves the room: Disconnected: Replaced by new connection
[16:00:38] thomas.mangin joins the room
[16:00:47] npdoty leaves the room
[16:02:55] loreto.salvatore joins the room
[16:04:08] thomas.mangin leaves the room: Disconnected: Replaced by new connection
[16:04:55] Bill Hulley leaves the room
[16:05:16] jjrh leaves the room
[16:05:54] thomas.mangin joins the room
[16:13:06] m&m joins the room
[16:13:19] m&m leaves the room
[16:13:23] m&m joins the room
[16:13:59] Dirk-Willem van Gulik  leaves the room
[16:15:45] m&m leaves the room
[16:18:26] loreto.salvatore leaves the room
[16:19:05] thomas.mangin leaves the room: Disconnected: closed
[16:19:07] thomas.mangin joins the room
[16:20:57] thomas.mangin leaves the room: Disconnected: Replaced by new connection
[16:20:58] thomas.mangin joins the room
[16:29:34] tony.l.hansen@gmail.com leaves the room
[16:31:20] ekr@ecotroph.net leaves the room
[16:31:49] thomas.mangin leaves the room
[16:40:16] tony.l.hansen@gmail.com joins the room
[16:42:20] wseltzer leaves the room
[16:42:47] tony.l.hansen@gmail.com leaves the room
[16:43:08] tony.l.hansen@gmail.com joins the room
[16:47:40] mdonnelly leaves the room: Disconnected: Replaced by new connection
[16:47:43] mdonnelly joins the room
[16:54:36] tony.l.hansen@gmail.com leaves the room
[16:54:49] ilari.liusvaara leaves the room
[16:56:50] metricamerica leaves the room
[17:08:23] Eliot Lear joins the room
[17:19:36] nakakura joins the room
[17:23:24] Eliot Lear leaves the room
[17:34:33] mdonnelly leaves the room
[17:34:59] Eliot Lear joins the room
[17:54:29] teole05 joins the room
[18:04:02] tony.l.hansen@gmail.com joins the room
[18:10:00] loreto.salvatore joins the room
[18:10:17] tony.l.hansen@gmail.com leaves the room
[18:33:51] wseltzer joins the room
[18:33:56] Eliot Lear leaves the room
[18:33:58] Eliot Lear joins the room
[18:51:09] loreto.salvatore leaves the room
[18:56:17] nakakura leaves the room
[19:24:18] metricamerica joins the room
[19:33:10] Eliot Lear leaves the room
[19:33:19] Eliot Lear joins the room
[19:33:31] metricamerica leaves the room
[19:33:33] metricamerica joins the room
[19:52:49] teole05 leaves the room
[20:14:43] Eliot Lear leaves the room
[20:16:02] wseltzer leaves the room
[20:21:48] metricamerica leaves the room
[22:29:43] nakakura joins the room
[22:34:40] wseltzer joins the room
[23:35:24] teole05 joins the room
[23:46:05] Eliot Lear joins the room
[23:53:47] Eliot Lear leaves the room