Mechanism to translate timestamps between globals #29
Conversation
|
I don't have any other feedback other than what's already been mentioned in #22. In particular my proposal in #22 (comment) seems essentially as easy to use for developers, but with none of the privacy issues. But if @martinthomson has no privacy concerns, then I'm fine with this too. |
|
Will review on 7/26 and share feedback then. |
|
Talked with the dev team and we are good with the timeOrigin proposal. We still believe that using a machine-specific timeOrigin is probably a bad idea so we believe a comment should be added that the timeOrigin chosen should not be easily identifiable. (Unix epoch meets this requirement but so does my birthday.) |
|
@toddreifsteck Did you see the updated proposal from @igrigorik at #22 (comment) ? It does not expose any machine-specific information. |
|
Just updated my comment. I believe that proposal does not allow a cloud entity to build the timeline and only allows for client-side coordination. |
|
@sicking By the way, please correct me if I'm mistaken or missing how performance.timeOrigin() at #22 (comment) could be used to create a conslidated timeline in the cloud. |
|
@toddreifsteck you'd have one context gather the timeline from the contexts it cares about, run all the translations locally, and send the merged timeline to the server. |
|
@igrigorik But why force that restriction on the space? We don't have a strong argument for doing so at this point that I'm aware of. |
|
Thinking out loud, and in no particular order... I'm afraid that explicitly linking time-origin and Date.now (e.g. #27) has subtle failure scenarios that will plague both browser and web developers...
Another subtle failure scenario: user loads my site and logs ~timeOrigin + timestamps from multiple contexts; user closes browser. Next, user realizes they forgot something and launches the browser again and repeats same operation.. resulting in another set of metrics sent to the server.
In short, it seems that there are many subtle and not so subtle gotchas with linking hr-time with Date.now, and it'd be nice if we could avoid introducing those into the ecosystem. Conversely, if we force the developer to translate timestamps locally..
|
The returned value is the global time of the "zero time" of the time origin. This allows multiple contexts, each with own time origin, to translate timestamps with sub-millisecond resolution, either by communicating their global time to the other context, or first translating their timestamps against the global time of their time origin. Related discussions in #21 and #22. A polyfill for this is ~: Date.now()-performance.now(), modulo clock skew and adjustments that Date.now() is subject to.
|
Jumped on a call with @toddreifsteck earlier this week to work through above concerns. Long story short, he convinced me that #22 (comment) doesn't win us much and that Preview: https://cdn.rawgit.com/w3c/hr-time/offset/index.html @toddreifsteck can you take a quick pass, does it match what you had in mind? |
How would this work? When would a browser know it was safe to change the zero time of day reference of the monotonic clock (ie that nobody had cached a timeOrigin between documents). One other quick thought here -- is it possible for one to translate time across distinct requests. For example, let's say a SW runs into a situation where it needs to do a full page reload (because the version of code is too far out of sync w the server). Can one redirect to mysite.com/?reload_reason=code_sync&timeOrigin=&navStart=). |
I think one instance would be opening an incognito window: the UA can update its reference for the incognito session. However, you're right, the 'periodically' part is harder to reason about.. I didn't want to rule it out and left if there, but I could be convinced that we should reword that: ~ s/periodically update/update, when possible,/, or some such.
I'm not sure I understand what you're trying to solve... You're reloading the page and passing the previous page's navStart / timeOrigin? Why? |
| the issues summarized in this section by providing a monotonically | ||
| increasing time value in sub-millisecond resolution.</p> | ||
| of usage. The <a>DOMHighResTimeStamp</a> type, <a>performance.now</a> | ||
| method, and <a>performance.timeOrigin</a> attribute of the |
There was a problem hiding this comment.
As discussed on the call today, I don't think we can guarantee the monotonic clock on timeOrign in case the computer is restarted and its clock gets updated before the browser is launched.
There was a problem hiding this comment.
Agreed. timeOrigin is a snapshot that should be taken when first browser context is launched. Then.. it should ideally remain monotonic until all contexts are closed. It could then be possible to snapshot a new timeOrigin that is before the previous context set's timeOrigin used.
|
Sent from my iPhone
|
| between any two chronologically recorded time values returned from the | ||
| <a>Performance.now</a> method MUST never be negative if the two time values | ||
| have the same <a>time origin</a>.</p> | ||
| <p>The time values returned when getting <a>performance.timeOrigin</a> MUST |
There was a problem hiding this comment.
ditto re guarantee of monotonic clock.
You can do that already with ms resolution, right? Just append result of Date.now() to the query string of the page you're navigating to. With mechanism we're discussing here you could get higher resolution by doing |
|
Some thoughts based on discussion last week + comments above...
timeOrigin is defined as 2.i + value of 2.ii when context's time origin is zero. The global monotonic clock value is not exposed directly to the application.
That said, I don't think we can, nor is it our goal, to address either of the above limitations; it's something we can mention as a heads up but not much more. Practically speaking, it means that if you get a message from another context, then you can use it for the duration of time that you yourself are around; you cannot cache and reuse this value in another context. The question that remains in my head is how much of a concern is the increased resolution of clock skew detection if 2.ii is not at least periodically updated. On the one hand, there is existing research that indicates that clock skew is ~constant:
If you accept that, then a longer time horizon doesn't yield much. However, I still have a nagging feeling that there is additional exposure here, if not in terms of accuracy, then in terms of speed. The earlier discussion on inducing and measuring clock skew (#22 (comment)) seems mostly orthogonal to the above, as it addresses a different threat model (inducing clock skew and remotely measuring it to compromise anonymity of a remote node). /cc @martinthomson please chime if otherwise. If we do want to eliminate this, then I think we have to rethink how (and if) we can expose the zero time. Today developers have to pass Date.now() timestamps to synchronize time across contexts.. However, the caveat with that approach is that the transfer itself takes some unknown period of time, and nothing stops the clock from changing while that's happening either. To eliminate both of these, without exposing some fixed global time, the only way I see is for the receiver context to resolve the time, not the sender, because there is an unknown delta between sender resolving time and receiver actually getting their hands on it. Which takes us back to something like #22 (comment). |
| @@ -186,6 +183,7 @@ | |||
|
|
|||
| port.postMessage({ | |||
| 'task': 'Some worker task', | |||
| 'time_origin': performance.timeOrigin, | |||
| 'start_time': task_start, | |||
| 'end_time': task_end, | |||
There was a problem hiding this comment.
Super nitpicky but.. should we encourage sending the timeOrigin in each postMessage? I'd imagine we'd want to encourage sending this once with some type of context ID for a smaller postMessage payload. "Sample code becomes product code."
|
@igrigorik Can we list any open issues blocking this being added to L3 here? (Yes.. I'm being a paperwork nag. Just tell me if you are tracking in another location and put link here. :-)) |
|
Based on our discussion at TPAC:
I'm working on (2), stay tuned. |
Related TPAC discussion: https://www.w3.org/2016/09/22-webperf-irc#T09-55-15
|
@toddreifsteck @bzbarsky @rniwa updated the privacy/security section based on our discussion at TPAC: 3ed76dd. Would appreciate any feedback! If you prefer, the more human-readable version: |
|
I talked with my colleagues about |
plehegar
added
the
security-tracker
|
LGTM. |
|
Thanks for the feedback and reviews everyone! Rebased and merged (6d4edaa, 4f49403), not sure why GH PR did not pick it up. Closing this PR. Live: https://w3c.github.io/hr-time/ -- note that p.s. @bzbarsky if you have any feedback or nits, please let us know / file a new bug. |
A first run at exposing ~globalOffset like mechanism to translate timestamps between globals:
Preview: https://cdn.rawgit.com/w3c/hr-time/offset/index.html
globalOffset(see Translating high resolution timestamps between globals #22) name at the f2f, so I'm usingtimeOriginI'm sure the above needs more work, but hopefully it's a step in the right direction..
/cc @toddreifsteck @sicking for review.