rfc9113.original | rfc9113.txt | |||
---|---|---|---|---|
HTTPbis M. Thomson, Ed. | Internet Engineering Task Force (IETF) M. Thomson, Ed. | |||
Internet-Draft Mozilla | Request for Comments: 9113 Mozilla | |||
Obsoletes: 7540, 8740 (if approved) C. Benfield, Ed. | Obsoletes: 7540, 8740 C. Benfield, Ed. | |||
Intended status: Standards Track Apple Inc. | Category: Standards Track Apple Inc. | |||
Expires: 28 July 2022 24 January 2022 | ISSN: 2070-1721 June 2022 | |||
HTTP/2 | HTTP/2 | |||
draft-ietf-httpbis-http2bis-07 | ||||
Abstract | Abstract | |||
This specification describes an optimized expression of the semantics | This specification describes an optimized expression of the semantics | |||
of the Hypertext Transfer Protocol (HTTP), referred to as HTTP | of the Hypertext Transfer Protocol (HTTP), referred to as HTTP | |||
version 2 (HTTP/2). HTTP/2 enables a more efficient use of network | version 2 (HTTP/2). HTTP/2 enables a more efficient use of network | |||
resources and a reduced latency by introducing field compression and | resources and a reduced latency by introducing field compression and | |||
allowing multiple concurrent exchanges on the same connection. | allowing multiple concurrent exchanges on the same connection. | |||
This document obsoletes RFC 7540 and RFC 8740. | This document obsoletes RFCs 7540 and 8740. | |||
Discussion Venues | ||||
This note is to be removed before publishing as an RFC. | ||||
Discussion of this document takes place on the HTTPBIS Working Group | ||||
mailing list (ietf-http-wg@w3.org), which is archived at | ||||
https://lists.w3.org/Archives/Public/ietf-http-wg/. | ||||
Source for this draft and an issue tracker can be found at | ||||
https://github.com/httpwg/http2-spec. | ||||
Status of This Memo | Status of This Memo | |||
This Internet-Draft is submitted in full conformance with the | This is an Internet Standards Track document. | |||
provisions of BCP 78 and BCP 79. | ||||
Internet-Drafts are working documents of the Internet Engineering | ||||
Task Force (IETF). Note that other groups may also distribute | ||||
working documents as Internet-Drafts. The list of current Internet- | ||||
Drafts is at https://datatracker.ietf.org/drafts/current/. | ||||
Internet-Drafts are draft documents valid for a maximum of six months | This document is a product of the Internet Engineering Task Force | |||
and may be updated, replaced, or obsoleted by other documents at any | (IETF). It represents the consensus of the IETF community. It has | |||
time. It is inappropriate to use Internet-Drafts as reference | received public review and has been approved for publication by the | |||
material or to cite them other than as "work in progress." | Internet Engineering Steering Group (IESG). Further information on | |||
Internet Standards is available in Section 2 of RFC 7841. | ||||
This Internet-Draft will expire on 28 July 2022. | Information about the current status of this document, any errata, | |||
and how to provide feedback on it may be obtained at | ||||
https://www.rfc-editor.org/info/rfc9113. | ||||
Copyright Notice | Copyright Notice | |||
Copyright (c) 2022 IETF Trust and the persons identified as the | Copyright (c) 2022 IETF Trust and the persons identified as the | |||
document authors. All rights reserved. | document authors. All rights reserved. | |||
This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
Provisions Relating to IETF Documents (https://trustee.ietf.org/ | Provisions Relating to IETF Documents | |||
license-info) in effect on the date of publication of this document. | (https://trustee.ietf.org/license-info) in effect on the date of | |||
Please review these documents carefully, as they describe your rights | publication of this document. Please review these documents | |||
and restrictions with respect to this document. Code Components | carefully, as they describe your rights and restrictions with respect | |||
extracted from this document must include Revised BSD License text as | to this document. Code Components extracted from this document must | |||
described in Section 4.e of the Trust Legal Provisions and are | include Revised BSD License text as described in Section 4.e of the | |||
provided without warranty as described in the Revised BSD License. | Trust Legal Provisions and are provided without warranty as described | |||
in the Revised BSD License. | ||||
Table of Contents | Table of Contents | |||
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 4 | 1. Introduction | |||
2. HTTP/2 Protocol Overview . . . . . . . . . . . . . . . . . . 5 | 2. HTTP/2 Protocol Overview | |||
2.1. Document Organization . . . . . . . . . . . . . . . . . . 6 | 2.1. Document Organization | |||
2.2. Conventions and Terminology . . . . . . . . . . . . . . . 6 | 2.2. Conventions and Terminology | |||
3. Starting HTTP/2 . . . . . . . . . . . . . . . . . . . . . . . 7 | 3. Starting HTTP/2 | |||
3.1. HTTP/2 Version Identification . . . . . . . . . . . . . . 8 | 3.1. HTTP/2 Version Identification | |||
3.2. Starting HTTP/2 for "https" URIs . . . . . . . . . . . . 8 | 3.2. Starting HTTP/2 for "https" URIs | |||
3.3. Starting HTTP/2 with Prior Knowledge . . . . . . . . . . 9 | 3.3. Starting HTTP/2 with Prior Knowledge | |||
3.4. HTTP/2 Connection Preface . . . . . . . . . . . . . . . . 9 | 3.4. HTTP/2 Connection Preface | |||
4. HTTP Frames . . . . . . . . . . . . . . . . . . . . . . . . . 10 | 4. HTTP Frames | |||
4.1. Frame Format . . . . . . . . . . . . . . . . . . . . . . 10 | 4.1. Frame Format | |||
4.2. Frame Size . . . . . . . . . . . . . . . . . . . . . . . 11 | 4.2. Frame Size | |||
4.3. Field Section Compression and Decompression . . . . . . . 12 | 4.3. Field Section Compression and Decompression | |||
4.3.1. Compression State . . . . . . . . . . . . . . . . . . 13 | 4.3.1. Compression State | |||
5. Streams and Multiplexing . . . . . . . . . . . . . . . . . . 14 | 5. Streams and Multiplexing | |||
5.1. Stream States . . . . . . . . . . . . . . . . . . . . . . 15 | 5.1. Stream States | |||
5.1.1. Stream Identifiers . . . . . . . . . . . . . . . . . 20 | 5.1.1. Stream Identifiers | |||
5.1.2. Stream Concurrency . . . . . . . . . . . . . . . . . 21 | 5.1.2. Stream Concurrency | |||
5.2. Flow Control . . . . . . . . . . . . . . . . . . . . . . 21 | 5.2. Flow Control | |||
5.2.1. Flow-Control Principles . . . . . . . . . . . . . . . 21 | 5.2.1. Flow-Control Principles | |||
5.2.2. Appropriate Use of Flow Control . . . . . . . . . . . 23 | 5.2.2. Appropriate Use of Flow Control | |||
5.2.3. Flow Control Performance . . . . . . . . . . . . . . 23 | 5.2.3. Flow-Control Performance | |||
5.3. Prioritization . . . . . . . . . . . . . . . . . . . . . 24 | 5.3. Prioritization | |||
5.3.1. Background on Priority in RFC 7540 . . . . . . . . . 24 | 5.3.1. Background on Priority in RFC 7540 | |||
5.3.2. Priority Signaling in this Document . . . . . . . . . 24 | 5.3.2. Priority Signaling in This Document | |||
5.4. Error Handling . . . . . . . . . . . . . . . . . . . . . 25 | 5.4. Error Handling | |||
5.4.1. Connection Error Handling . . . . . . . . . . . . . . 26 | 5.4.1. Connection Error Handling | |||
5.4.2. Stream Error Handling . . . . . . . . . . . . . . . . 26 | 5.4.2. Stream Error Handling | |||
5.4.3. Connection Termination . . . . . . . . . . . . . . . 27 | 5.4.3. Connection Termination | |||
5.5. Extending HTTP/2 . . . . . . . . . . . . . . . . . . . . 27 | 5.5. Extending HTTP/2 | |||
6. Frame Definitions . . . . . . . . . . . . . . . . . . . . . . 28 | 6. Frame Definitions | |||
6.1. DATA . . . . . . . . . . . . . . . . . . . . . . . . . . 28 | 6.1. DATA | |||
6.2. HEADERS . . . . . . . . . . . . . . . . . . . . . . . . . 30 | 6.2. HEADERS | |||
6.3. PRIORITY . . . . . . . . . . . . . . . . . . . . . . . . 32 | 6.3. PRIORITY | |||
6.4. RST_STREAM . . . . . . . . . . . . . . . . . . . . . . . 33 | 6.4. RST_STREAM | |||
6.5. SETTINGS . . . . . . . . . . . . . . . . . . . . . . . . 34 | 6.5. SETTINGS | |||
6.5.1. SETTINGS Format . . . . . . . . . . . . . . . . . . . 35 | 6.5.1. SETTINGS Format | |||
6.5.2. Defined Settings . . . . . . . . . . . . . . . . . . 36 | 6.5.2. Defined Settings | |||
6.5.3. Settings Synchronization . . . . . . . . . . . . . . 38 | 6.5.3. Settings Synchronization | |||
6.6. PUSH_PROMISE . . . . . . . . . . . . . . . . . . . . . . 38 | 6.6. PUSH_PROMISE | |||
6.7. PING . . . . . . . . . . . . . . . . . . . . . . . . . . 41 | 6.7. PING | |||
6.8. GOAWAY . . . . . . . . . . . . . . . . . . . . . . . . . 42 | 6.8. GOAWAY | |||
6.9. WINDOW_UPDATE . . . . . . . . . . . . . . . . . . . . . . 45 | 6.9. WINDOW_UPDATE | |||
6.9.1. The Flow-Control Window . . . . . . . . . . . . . . . 47 | 6.9.1. The Flow-Control Window | |||
6.9.2. Initial Flow-Control Window Size . . . . . . . . . . 48 | 6.9.2. Initial Flow-Control Window Size | |||
6.9.3. Reducing the Stream Window Size . . . . . . . . . . . 49 | 6.9.3. Reducing the Stream Window Size | |||
6.10. CONTINUATION . . . . . . . . . . . . . . . . . . . . . . 49 | 6.10. CONTINUATION | |||
7. Error Codes . . . . . . . . . . . . . . . . . . . . . . . . . 50 | 7. Error Codes | |||
8. Expressing HTTP Semantics in HTTP/2 . . . . . . . . . . . . . 51 | 8. Expressing HTTP Semantics in HTTP/2 | |||
8.1. HTTP Message Framing . . . . . . . . . . . . . . . . . . 51 | 8.1. HTTP Message Framing | |||
8.1.1. Malformed Messages . . . . . . . . . . . . . . . . . 53 | 8.1.1. Malformed Messages | |||
8.2. HTTP Fields . . . . . . . . . . . . . . . . . . . . . . . 54 | 8.2. HTTP Fields | |||
8.2.1. Field Validity . . . . . . . . . . . . . . . . . . . 54 | 8.2.1. Field Validity | |||
8.2.2. Connection-Specific Header Fields . . . . . . . . . . 55 | 8.2.2. Connection-Specific Header Fields | |||
8.2.3. Compressing the Cookie Header Field . . . . . . . . . 56 | 8.2.3. Compressing the Cookie Header Field | |||
8.3. HTTP Control Data . . . . . . . . . . . . . . . . . . . . 56 | 8.3. HTTP Control Data | |||
8.3.1. Request Pseudo-Header Fields . . . . . . . . . . . . 57 | 8.3.1. Request Pseudo-Header Fields | |||
8.3.2. Response Pseudo-Header Fields . . . . . . . . . . . . 59 | 8.3.2. Response Pseudo-Header Fields | |||
8.4. Server Push . . . . . . . . . . . . . . . . . . . . . . . 59 | 8.4. Server Push | |||
8.4.1. Push Requests . . . . . . . . . . . . . . . . . . . . 60 | 8.4.1. Push Requests | |||
8.4.2. Push Responses . . . . . . . . . . . . . . . . . . . 62 | 8.4.2. Push Responses | |||
8.5. The CONNECT Method . . . . . . . . . . . . . . . . . . . 63 | 8.5. The CONNECT Method | |||
8.6. The Upgrade Header Field . . . . . . . . . . . . . . . . 64 | 8.6. The Upgrade Header Field | |||
8.7. Request Reliability . . . . . . . . . . . . . . . . . . . 64 | 8.7. Request Reliability | |||
8.8. Examples . . . . . . . . . . . . . . . . . . . . . . . . 65 | 8.8. Examples | |||
8.8.1. Simple Request . . . . . . . . . . . . . . . . . . . 65 | 8.8.1. Simple Request | |||
8.8.2. Simple Response . . . . . . . . . . . . . . . . . . . 65 | 8.8.2. Simple Response | |||
8.8.3. Complex Request . . . . . . . . . . . . . . . . . . . 66 | 8.8.3. Complex Request | |||
8.8.4. Response with Body . . . . . . . . . . . . . . . . . 66 | 8.8.4. Response with Body | |||
8.8.5. Informational Responses . . . . . . . . . . . . . . . 67 | 8.8.5. Informational Responses | |||
9. HTTP/2 Connections . . . . . . . . . . . . . . . . . . . . . 68 | 9. HTTP/2 Connections | |||
9.1. Connection Management . . . . . . . . . . . . . . . . . . 68 | 9.1. Connection Management | |||
9.1.1. Connection Reuse . . . . . . . . . . . . . . . . . . 68 | 9.1.1. Connection Reuse | |||
9.2. Use of TLS Features . . . . . . . . . . . . . . . . . . . 69 | 9.2. Use of TLS Features | |||
9.2.1. TLS 1.2 Features . . . . . . . . . . . . . . . . . . 70 | 9.2.1. TLS 1.2 Features | |||
9.2.2. TLS 1.2 Cipher Suites . . . . . . . . . . . . . . . . 71 | 9.2.2. TLS 1.2 Cipher Suites | |||
9.2.3. TLS 1.3 Features . . . . . . . . . . . . . . . . . . 71 | 9.2.3. TLS 1.3 Features | |||
10. Security Considerations . . . . . . . . . . . . . . . . . . . 72 | 10. Security Considerations | |||
10.1. Server Authority . . . . . . . . . . . . . . . . . . . . 72 | 10.1. Server Authority | |||
10.2. Cross-Protocol Attacks . . . . . . . . . . . . . . . . . 72 | 10.2. Cross-Protocol Attacks | |||
10.3. Intermediary Encapsulation Attacks . . . . . . . . . . . 73 | 10.3. Intermediary Encapsulation Attacks | |||
10.4. Cacheability of Pushed Responses . . . . . . . . . . . . 73 | 10.4. Cacheability of Pushed Responses | |||
10.5. Denial-of-Service Considerations . . . . . . . . . . . . 74 | 10.5. Denial-of-Service Considerations | |||
10.5.1. Limits on Field Block Size . . . . . . . . . . . . . 75 | 10.5.1. Limits on Field Block Size | |||
10.5.2. CONNECT Issues . . . . . . . . . . . . . . . . . . . 76 | 10.5.2. CONNECT Issues | |||
10.6. Use of Compression . . . . . . . . . . . . . . . . . . . 76 | 10.6. Use of Compression | |||
10.7. Use of Padding . . . . . . . . . . . . . . . . . . . . . 77 | 10.7. Use of Padding | |||
10.8. Privacy Considerations . . . . . . . . . . . . . . . . . 77 | 10.8. Privacy Considerations | |||
10.9. Remote Timing Attacks . . . . . . . . . . . . . . . . . 78 | 10.9. Remote Timing Attacks | |||
11. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 78 | 11. IANA Considerations | |||
11.1. HTTP2-Settings Header Field Registration . . . . . . . . 79 | 11.1. HTTP2-Settings Header Field Registration | |||
11.2. The h2c Upgrade Token . . . . . . . . . . . . . . . . . 79 | 11.2. The h2c Upgrade Token | |||
12. References . . . . . . . . . . . . . . . . . . . . . . . . . 79 | 12. References | |||
12.1. Normative References . . . . . . . . . . . . . . . . . . 79 | 12.1. Normative References | |||
12.2. Informative References . . . . . . . . . . . . . . . . . 81 | 12.2. Informative References | |||
Appendix A. Prohibited TLS 1.2 Cipher Suites . . . . . . . . . . 83 | Appendix A. Prohibited TLS 1.2 Cipher Suites | |||
Appendix B. Changes from RFC 7540 . . . . . . . . . . . . . . . 89 | Appendix B. Changes from RFC 7540 | |||
Contributors . . . . . . . . . . . . . . . . . . . . . . . . . . 90 | Acknowledgments | |||
Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 90 | Contributors | |||
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 90 | Authors' Addresses | |||
1. Introduction | 1. Introduction | |||
The performance of applications using the Hypertext Transfer Protocol | The performance of applications using the Hypertext Transfer Protocol | |||
(HTTP, [HTTP]) is linked to how each version of HTTP uses the | (HTTP, [HTTP]) is linked to how each version of HTTP uses the | |||
underlying transport, and the conditions under which the transport | underlying transport, and the conditions under which the transport | |||
operates. | operates. | |||
Making multiple concurrent requests can reduce latency and improve | Making multiple concurrent requests can reduce latency and improve | |||
application performance. HTTP/1.0 allowed only one request to be | application performance. HTTP/1.0 allowed only one request to be | |||
outstanding at a time on a given TCP [TCP] connection. HTTP/1.1 | outstanding at a time on a given TCP [TCP] connection. HTTP/1.1 | |||
([HTTP11]) added request pipelining, but this only partially | [HTTP/1.1] added request pipelining, but this only partially | |||
addressed request concurrency and still suffers from application- | addressed request concurrency and still suffers from application- | |||
layer head-of-line blocking. Therefore, HTTP/1.0 and HTTP/1.1 | layer head-of-line blocking. Therefore, HTTP/1.0 and HTTP/1.1 | |||
clients use multiple connections to a server to make concurrent | clients use multiple connections to a server to make concurrent | |||
requests. | requests. | |||
Furthermore, HTTP fields are often repetitive and verbose, causing | Furthermore, HTTP fields are often repetitive and verbose, causing | |||
unnecessary network traffic as well as causing the initial TCP | unnecessary network traffic as well as causing the initial TCP | |||
congestion window to quickly fill. This can result in excessive | congestion window to quickly fill. This can result in excessive | |||
latency when multiple requests are made on a new TCP connection. | latency when multiple requests are made on a new TCP connection. | |||
skipping to change at page 5, line 15 ¶ | skipping to change at line 190 ¶ | |||
The resulting protocol is more friendly to the network because fewer | The resulting protocol is more friendly to the network because fewer | |||
TCP connections can be used in comparison to HTTP/1.x. This means | TCP connections can be used in comparison to HTTP/1.x. This means | |||
less competition with other flows and longer-lived connections, which | less competition with other flows and longer-lived connections, which | |||
in turn lead to better utilization of available network capacity. | in turn lead to better utilization of available network capacity. | |||
Note, however, that TCP head-of-line blocking is not addressed by | Note, however, that TCP head-of-line blocking is not addressed by | |||
this protocol. | this protocol. | |||
Finally, HTTP/2 also enables more efficient processing of messages | Finally, HTTP/2 also enables more efficient processing of messages | |||
through use of binary message framing. | through use of binary message framing. | |||
This document obsoletes RFC 7540 [RFC7540] and RFC 8740 [RFC8740]. | This document obsoletes RFCs 7540 and 8740. Appendix B lists notable | |||
Appendix B lists notable changes. | changes. | |||
2. HTTP/2 Protocol Overview | 2. HTTP/2 Protocol Overview | |||
HTTP/2 provides an optimized transport for HTTP semantics. HTTP/2 | HTTP/2 provides an optimized transport for HTTP semantics. HTTP/2 | |||
supports all of the core features of HTTP but aims to be more | supports all of the core features of HTTP but aims to be more | |||
efficient than HTTP/1.1. | efficient than HTTP/1.1. | |||
HTTP/2 is a connection-oriented application-layer protocol that runs | HTTP/2 is a connection-oriented application-layer protocol that runs | |||
over a TCP connection ([TCP]). The client is the TCP connection | over a TCP connection ([TCP]). The client is the TCP connection | |||
initiator. | initiator. | |||
skipping to change at page 6, line 32 ¶ | skipping to change at line 256 ¶ | |||
way HTTP/2 frames are structured and formed into multiplexed | way HTTP/2 frames are structured and formed into multiplexed | |||
streams. | streams. | |||
* Frame (Section 6) and error (Section 7) definitions include | * Frame (Section 6) and error (Section 7) definitions include | |||
details of the frame and error types used in HTTP/2. | details of the frame and error types used in HTTP/2. | |||
* HTTP mappings (Section 8) and additional requirements (Section 9) | * HTTP mappings (Section 8) and additional requirements (Section 9) | |||
describe how HTTP semantics are expressed using frames and | describe how HTTP semantics are expressed using frames and | |||
streams. | streams. | |||
While some of the frame and stream layer concepts are isolated from | While some of the frame- and stream-layer concepts are isolated from | |||
HTTP, this specification does not define a completely generic frame | HTTP, this specification does not define a completely generic frame | |||
layer. The frame and stream layers are tailored to the needs of the | layer. The frame and stream layers are tailored to the needs of | |||
HTTP protocol. | HTTP. | |||
2.2. Conventions and Terminology | 2.2. Conventions and Terminology | |||
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | |||
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | |||
"OPTIONAL" in this document are to be interpreted as described in | "OPTIONAL" in this document are to be interpreted as described in | |||
BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all | BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all | |||
capitals, as shown here. | capitals, as shown here. | |||
All numeric values are in network byte order. Values are unsigned | All numeric values are in network byte order. Values are unsigned | |||
unless otherwise indicated. Literal values are provided in decimal | unless otherwise indicated. Literal values are provided in decimal | |||
or hexadecimal as appropriate. Hexadecimal literals are prefixed | or hexadecimal as appropriate. Hexadecimal literals are prefixed | |||
with "0x" to distinguish them from decimal literals. | with "0x" to distinguish them from decimal literals. | |||
This specification describes binary formats using the convention | This specification describes binary formats using the conventions | |||
described in Section 1.3 of RFC 9000 [QUIC]. Note that this format | described in Section 1.3 of RFC 9000 [QUIC]. Note that this format | |||
uses network byte order and high-valued bits are listed before low- | uses network byte order and that high-valued bits are listed before | |||
valued bits. | low-valued bits. | |||
The following terms are used: | The following terms are used: | |||
client: The endpoint that initiates an HTTP/2 connection. Clients | client: The endpoint that initiates an HTTP/2 connection. Clients | |||
send HTTP requests and receive HTTP responses. | send HTTP requests and receive HTTP responses. | |||
connection: A transport-layer connection between two endpoints. | connection: A transport-layer connection between two endpoints. | |||
connection error: An error that affects the entire HTTP/2 | connection error: An error that affects the entire HTTP/2 | |||
connection. | connection. | |||
skipping to change at page 8, line 6 ¶ | skipping to change at line 323 ¶ | |||
The term "content" as it applies to message bodies is defined in | The term "content" as it applies to message bodies is defined in | |||
Section 6.4 of [HTTP]. | Section 6.4 of [HTTP]. | |||
3. Starting HTTP/2 | 3. Starting HTTP/2 | |||
Implementations that generate HTTP requests need to discover whether | Implementations that generate HTTP requests need to discover whether | |||
a server supports HTTP/2. | a server supports HTTP/2. | |||
HTTP/2 uses the "http" and "https" URI schemes defined in Section 4.2 | HTTP/2 uses the "http" and "https" URI schemes defined in Section 4.2 | |||
of [HTTP], with the same default port numbers as HTTP/1.1 ([HTTP11]). | of [HTTP], with the same default port numbers as HTTP/1.1 [HTTP/1.1]. | |||
These URIs do not include any indication about what HTTP versions an | These URIs do not include any indication about what HTTP versions an | |||
upstream server (the immediate peer to which the client wishes to | upstream server (the immediate peer to which the client wishes to | |||
establish a connection) supports. | establish a connection) supports. | |||
The means by which support for HTTP/2 is determined is different for | The means by which support for HTTP/2 is determined is different for | |||
"http" and "https" URIs. Discovery for "https" URIs is described in | "http" and "https" URIs. Discovery for "https" URIs is described in | |||
Section 3.2. HTTP/2 support for "http" URIs can only be discovered | Section 3.2. HTTP/2 support for "http" URIs can only be discovered | |||
by out-of-band means, and requires prior knowledge of the support as | by out-of-band means and requires prior knowledge of the support as | |||
described in Section 3.3. | described in Section 3.3. | |||
3.1. HTTP/2 Version Identification | 3.1. HTTP/2 Version Identification | |||
The protocol defined in this document has two identifiers. Creating | The protocol defined in this document has two identifiers. Creating | |||
a connection based on either implies the use of the transport, | a connection based on either implies the use of the transport, | |||
framing, and message semantics described in this document. | framing, and message semantics described in this document. | |||
* The string "h2" identifies the protocol where HTTP/2 uses | * The string "h2" identifies the protocol where HTTP/2 uses | |||
Transport Layer Security (TLS); see Section 9.2. This identifier | Transport Layer Security (TLS); see Section 9.2. This identifier | |||
is used in the TLS application-layer protocol negotiation (ALPN) | is used in the TLS Application-Layer Protocol Negotiation (ALPN) | |||
extension [TLS-ALPN] field and in any place where HTTP/2 over TLS | extension [TLS-ALPN] field and in any place where HTTP/2 over TLS | |||
is identified. | is identified. | |||
The "h2" string is serialized into an ALPN protocol identifier as | The "h2" string is serialized into an ALPN protocol identifier as | |||
the two-octet sequence: 0x68, 0x32. | the two-octet sequence: 0x68, 0x32. | |||
* The "h2c" string was previously used as a token for use in the | * The "h2c" string was previously used as a token for use in the | |||
HTTP Upgrade mechanism's Upgrade header field (Section 7.8 of | HTTP Upgrade mechanism's Upgrade header field (Section 7.8 of | |||
[HTTP]). This usage was never widely deployed and is deprecated | [HTTP]). This usage was never widely deployed and is deprecated | |||
by this document. The same apples to the HTTP2-Settings header | by this document. The same applies to the HTTP2-Settings header | |||
field, which was used with the upgrade to "h2c". | field, which was used with the upgrade to "h2c". | |||
3.2. Starting HTTP/2 for "https" URIs | 3.2. Starting HTTP/2 for "https" URIs | |||
A client that makes a request to an "https" URI uses TLS [TLS13] with | A client that makes a request to an "https" URI uses TLS [TLS13] with | |||
the application-layer protocol negotiation (ALPN) extension | the ALPN extension [TLS-ALPN]. | |||
[TLS-ALPN]. | ||||
HTTP/2 over TLS uses the "h2" protocol identifier. The "h2c" | HTTP/2 over TLS uses the "h2" protocol identifier. The "h2c" | |||
protocol identifier MUST NOT be sent by a client or selected by a | protocol identifier MUST NOT be sent by a client or selected by a | |||
server; the "h2c" protocol identifier describes a protocol that does | server; the "h2c" protocol identifier describes a protocol that does | |||
not use TLS. | not use TLS. | |||
Once TLS negotiation is complete, both the client and the server MUST | Once TLS negotiation is complete, both the client and the server MUST | |||
send a connection preface (Section 3.4). | send a connection preface (Section 3.4). | |||
3.3. Starting HTTP/2 with Prior Knowledge | 3.3. Starting HTTP/2 with Prior Knowledge | |||
skipping to change at page 11, line 21 ¶ | skipping to change at line 480 ¶ | |||
format and semantics of the frame. Frames defined in this | format and semantics of the frame. Frames defined in this | |||
document are listed in Section 6. Implementations MUST ignore and | document are listed in Section 6. Implementations MUST ignore and | |||
discard frames of unknown types. | discard frames of unknown types. | |||
Flags: An 8-bit field reserved for boolean flags specific to the | Flags: An 8-bit field reserved for boolean flags specific to the | |||
frame type. | frame type. | |||
Flags are assigned semantics specific to the indicated frame type. | Flags are assigned semantics specific to the indicated frame type. | |||
Unused flags are those that have no defined semantics for a | Unused flags are those that have no defined semantics for a | |||
particular frame type. Unused flags MUST be ignored on receipt | particular frame type. Unused flags MUST be ignored on receipt | |||
and MUST be left unset (0x0) when sending. | and MUST be left unset (0x00) when sending. | |||
Reserved: A reserved 1-bit field. The semantics of this bit are | Reserved: A reserved 1-bit field. The semantics of this bit are | |||
undefined, and the bit MUST remain unset (0x0) when sending and | undefined, and the bit MUST remain unset (0x00) when sending and | |||
MUST be ignored when receiving. | MUST be ignored when receiving. | |||
Stream Identifier: A stream identifier (see Section 5.1.1) expressed | Stream Identifier: A stream identifier (see Section 5.1.1) expressed | |||
as an unsigned 31-bit integer. The value 0x0 is reserved for | as an unsigned 31-bit integer. The value 0x00 is reserved for | |||
frames that are associated with the connection as a whole as | frames that are associated with the connection as a whole as | |||
opposed to an individual stream. | opposed to an individual stream. | |||
The structure and content of the frame payload is dependent entirely | The structure and content of the frame payload are dependent entirely | |||
on the frame type. | on the frame type. | |||
4.2. Frame Size | 4.2. Frame Size | |||
The size of a frame payload is limited by the maximum size that a | The size of a frame payload is limited by the maximum size that a | |||
receiver advertises in the SETTINGS_MAX_FRAME_SIZE setting. This | receiver advertises in the SETTINGS_MAX_FRAME_SIZE setting. This | |||
setting can have any value between 2^14 (16,384) and 2^24-1 | setting can have any value between 2^14 (16,384) and 2^24-1 | |||
(16,777,215) octets, inclusive. | (16,777,215) octets, inclusive. | |||
All implementations MUST be capable of receiving and minimally | All implementations MUST be capable of receiving and minimally | |||
skipping to change at page 12, line 11 ¶ | skipping to change at line 515 ¶ | |||
| Note: Certain frame types, such as PING (Section 6.7), impose | | Note: Certain frame types, such as PING (Section 6.7), impose | |||
| additional limits on the amount of frame payload data allowed. | | additional limits on the amount of frame payload data allowed. | |||
An endpoint MUST send an error code of FRAME_SIZE_ERROR if a frame | An endpoint MUST send an error code of FRAME_SIZE_ERROR if a frame | |||
exceeds the size defined in SETTINGS_MAX_FRAME_SIZE, exceeds any | exceeds the size defined in SETTINGS_MAX_FRAME_SIZE, exceeds any | |||
limit defined for the frame type, or is too small to contain | limit defined for the frame type, or is too small to contain | |||
mandatory frame data. A frame size error in a frame that could alter | mandatory frame data. A frame size error in a frame that could alter | |||
the state of the entire connection MUST be treated as a connection | the state of the entire connection MUST be treated as a connection | |||
error (Section 5.4.1); this includes any frame carrying a field block | error (Section 5.4.1); this includes any frame carrying a field block | |||
(Section 4.3) (that is, HEADERS, PUSH_PROMISE, and CONTINUATION), | (Section 4.3) (that is, HEADERS, PUSH_PROMISE, and CONTINUATION), a | |||
SETTINGS, and any frame with a stream identifier of 0. | SETTINGS frame, and any frame with a stream identifier of 0. | |||
Endpoints are not obligated to use all available space in a frame. | Endpoints are not obligated to use all available space in a frame. | |||
Responsiveness can be improved by using frames that are smaller than | Responsiveness can be improved by using frames that are smaller than | |||
the permitted maximum size. Sending large frames can result in | the permitted maximum size. Sending large frames can result in | |||
delays in sending time-sensitive frames (such as RST_STREAM, | delays in sending time-sensitive frames (such as RST_STREAM, | |||
WINDOW_UPDATE, or PRIORITY), which, if blocked by the transmission of | WINDOW_UPDATE, or PRIORITY), which, if blocked by the transmission of | |||
a large frame, could affect performance. | a large frame, could affect performance. | |||
4.3. Field Section Compression and Decompression | 4.3. Field Section Compression and Decompression | |||
Field section compression is the process of compressing a set of | Field section compression is the process of compressing a set of | |||
field lines (Section 5.2 of [HTTP]) to form a field block. Field | field lines (Section 5.2 of [HTTP]) to form a field block. Field | |||
section decompression is the process of decoding a field block into a | section decompression is the process of decoding a field block into a | |||
set of field lines. Details of HTTP/2 field section compression and | set of field lines. Details of HTTP/2 field section compression and | |||
decompression is defined in [COMPRESSION], which, for historical | decompression are defined in [COMPRESSION], which, for historical | |||
reasons, refers to these processes as header compression and | reasons, refers to these processes as header compression and | |||
decompression. | decompression. | |||
Each field block carries all of the compressed field lines of a | Each field block carries all of the compressed field lines of a | |||
single field section. Header sections also include control data | single field section. Header sections also include control data | |||
associated with the message in the form of pseudo-header fields | associated with the message in the form of pseudo-header fields | |||
(Section 8.3) that use the same format as a field line. | (Section 8.3) that use the same format as a field line. | |||
| Note: RFC 7540 [RFC7540] used the term "header block" in place | | Note: RFC 7540 [RFC7540] used the term "header block" in place | |||
| of the more generic "field block". | | of the more generic "field block". | |||
Field blocks carry control data and header sections for requests, | Field blocks carry control data and header sections for requests, | |||
responses, promised requests, and pushed responses (see Section 8.4). | responses, promised requests, and pushed responses (see Section 8.4). | |||
All these messages, except for interim responses and requests | All these messages, except for interim responses and requests | |||
contained in PUSH_PROMISE (Section 6.6) frames, can optionally | contained in PUSH_PROMISE (Section 6.6) frames, can optionally | |||
include a field block that carries a trailer section. | include a field block that carries a trailer section. | |||
A field section is a collection of field lines. Each of the field | A field section is a collection of field lines. Each of the field | |||
lines in a field block carry a single value. The serialized field | lines in a field block carries a single value. The serialized field | |||
block is then divided into one or more octet sequences, called field | block is then divided into one or more octet sequences, called field | |||
block fragments. The first field block fragment is transmitted | block fragments. The first field block fragment is transmitted | |||
within the frame payload of HEADERS (Section 6.2) or PUSH_PROMISE | within the frame payload of HEADERS (Section 6.2) or PUSH_PROMISE | |||
(Section 6.6), each of which could be followed by CONTINUATION | (Section 6.6), each of which could be followed by CONTINUATION | |||
(Section 6.10) frames to carry subsequent field block fragments. | (Section 6.10) frames to carry subsequent field block fragments. | |||
The Cookie header field [COOKIE] is treated specially by the HTTP | The Cookie header field [COOKIE] is treated specially by the HTTP | |||
mapping (see Section 8.2.3). | mapping (see Section 8.2.3). | |||
A receiving endpoint reassembles the field block by concatenating its | A receiving endpoint reassembles the field block by concatenating its | |||
skipping to change at page 15, line 32 ¶ | skipping to change at line 674 ¶ | |||
| | | send H / | | | | | | send H / | | | |||
,------+ reserved | | recv H | reserved +------. | ,------+ reserved | | recv H | reserved +------. | |||
| | (local) | | | (remote) | | | | | (local) | | | (remote) | | | |||
| +---+------+ v +------+---+ | | | +---+------+ v +------+---+ | | |||
| | +--------+ | | | | | +--------+ | | | |||
| | recv ES | | send ES | | | | | recv ES | | send ES | | | |||
| send H | ,-------+ open +-------. | recv H | | | send H | ,-------+ open +-------. | recv H | | |||
| | / | | \ | | | | | / | | \ | | | |||
| v v +---+----+ v v | | | v v +---+----+ v v | | |||
| +----------+ | +----------+ | | | +----------+ | +----------+ | | |||
| | half | | | half | | | | | half- | | | half- | | | |||
| | closed | | send R / | closed | | | | | closed | | send R / | closed | | | |||
| | (remote) | | recv R | (local) | | | | | (remote) | | recv R | (local) | | | |||
| +----+-----+ | +-----+----+ | | | +----+-----+ | +-----+----+ | | |||
| | | | | | | | | | | | |||
| | send ES / | recv ES / | | | | | send ES / | recv ES / | | | |||
| | send R / v send R / | | | | | send R / v send R / | | | |||
| | recv R +--------+ recv R | | | | | recv R +--------+ recv R | | | |||
| send R / `----------->| |<-----------' send R / | | | send R / `----------->| |<-----------' send R / | | |||
| recv R | closed | recv R | | | recv R | closed | recv R | | |||
`----------------------->| |<-----------------------' | `----------------------->| |<-----------------------' | |||
skipping to change at page 17, line 7 ¶ | skipping to change at line 744 ¶ | |||
* Note that the PUSH_PROMISE frame is not sent on the idle stream | * Note that the PUSH_PROMISE frame is not sent on the idle stream | |||
but references the newly reserved stream in the Promised Stream | but references the newly reserved stream in the Promised Stream | |||
ID field. | ID field. | |||
* Opening a stream with a higher-valued stream identifier causes | * Opening a stream with a higher-valued stream identifier causes | |||
the stream to transition immediately to a "closed" state; note | the stream to transition immediately to a "closed" state; note | |||
that this transition is not shown in the diagram. | that this transition is not shown in the diagram. | |||
Receiving any frame other than HEADERS or PRIORITY on a stream in | Receiving any frame other than HEADERS or PRIORITY on a stream in | |||
this state MUST be treated as a connection error (Section 5.4.1) | this state MUST be treated as a connection error (Section 5.4.1) | |||
of type PROTOCOL_ERROR. If this stream is server-initiated, as | of type PROTOCOL_ERROR. If this stream is initiated by the | |||
described in Section 5.1.1, then receiving a HEADERS frame MUST | server, as described in Section 5.1.1, then receiving a HEADERS | |||
also be treated as a connection error (Section 5.4.1) of type | frame MUST also be treated as a connection error (Section 5.4.1) | |||
PROTOCOL_ERROR. | of type PROTOCOL_ERROR. | |||
reserved (local): A stream in the "reserved (local)" state is one | reserved (local): A stream in the "reserved (local)" state is one | |||
that has been promised by sending a PUSH_PROMISE frame. A | that has been promised by sending a PUSH_PROMISE frame. A | |||
PUSH_PROMISE frame reserves an idle stream by associating the | PUSH_PROMISE frame reserves an idle stream by associating the | |||
stream with an open stream that was initiated by the remote peer | stream with an open stream that was initiated by the remote peer | |||
(see Section 8.4). | (see Section 8.4). | |||
In this state, only the following transitions are possible: | In this state, only the following transitions are possible: | |||
* The endpoint can send a HEADERS frame. This causes the stream | * The endpoint can send a HEADERS frame. This causes the stream | |||
skipping to change at page 19, line 28 ¶ | skipping to change at line 862 ¶ | |||
RST_STREAM frame might receive a WINDOW_UPDATE or RST_STREAM frame | RST_STREAM frame might receive a WINDOW_UPDATE or RST_STREAM frame | |||
from its peer in the time before the peer receives and processes | from its peer in the time before the peer receives and processes | |||
the frame that closes the stream. | the frame that closes the stream. | |||
An endpoint that sends a RST_STREAM frame on a stream that is in | An endpoint that sends a RST_STREAM frame on a stream that is in | |||
the "open" or "half-closed (local)" state could receive any type | the "open" or "half-closed (local)" state could receive any type | |||
of frame. The peer might have sent or enqueued for sending these | of frame. The peer might have sent or enqueued for sending these | |||
frames before processing the RST_STREAM frame. An endpoint MUST | frames before processing the RST_STREAM frame. An endpoint MUST | |||
minimally process and then discard any frames it receives in this | minimally process and then discard any frames it receives in this | |||
state. This means updating header compression state for HEADERS | state. This means updating header compression state for HEADERS | |||
and PUSH_PROMISE frames; PUSH_PROMISE frames also cause the | and PUSH_PROMISE frames. Receiving a PUSH_PROMISE frame also | |||
promised stream to become "reserved", even when the PUSH_PROMISE | causes the promised stream to become "reserved (remote)", even | |||
frame is received on a closed stream; and, the content of DATA | when the PUSH_PROMISE frame is received on a closed stream. | |||
frames count toward the connection flow-control window. | Additionally, the content of DATA frames counts toward the | |||
connection flow-control window. | ||||
An endpoint can perform this minimal processing for all streams | An endpoint can perform this minimal processing for all streams | |||
that are in the "closed" state. Endpoints MAY use other signals | that are in the "closed" state. Endpoints MAY use other signals | |||
to detect that a peer has received the frames that caused the | to detect that a peer has received the frames that caused the | |||
stream to enter the "closed" state and treat receipt of any frame | stream to enter the "closed" state and treat receipt of any frame | |||
other than PRIORITY as a connection error (Section 5.4.1) of type | other than PRIORITY as a connection error (Section 5.4.1) of type | |||
PROTOCOL_ERROR. Endpoints can use frames that indicate that the | PROTOCOL_ERROR. Endpoints can use frames that indicate that the | |||
peer has received the closing signal to drive this. Endpoints | peer has received the closing signal to drive this. Endpoints | |||
SHOULD NOT use timers for this purpose. For example, an endpoint | SHOULD NOT use timers for this purpose. For example, an endpoint | |||
that sends a SETTINGS frame after closing a stream can safely | that sends a SETTINGS frame after closing a stream can safely | |||
skipping to change at page 20, line 7 ¶ | skipping to change at line 891 ¶ | |||
after closing the stream. | after closing the stream. | |||
In the absence of more specific rules, implementations SHOULD treat | In the absence of more specific rules, implementations SHOULD treat | |||
the receipt of a frame that is not expressly permitted in the | the receipt of a frame that is not expressly permitted in the | |||
description of a state as a connection error (Section 5.4.1) of type | description of a state as a connection error (Section 5.4.1) of type | |||
PROTOCOL_ERROR. Note that PRIORITY can be sent and received in any | PROTOCOL_ERROR. Note that PRIORITY can be sent and received in any | |||
stream state. | stream state. | |||
The rules in this section only apply to frames defined in this | The rules in this section only apply to frames defined in this | |||
document. Receipt of frames for which the semantics are unknown | document. Receipt of frames for which the semantics are unknown | |||
cannot be treated as an error as the conditions for sending and | cannot be treated as an error, as the conditions for sending and | |||
receiving those frames are also unknown; see Section 5.5. | receiving those frames are also unknown; see Section 5.5. | |||
An example of the state transitions for an HTTP request/response | An example of the state transitions for an HTTP request/response | |||
exchange can be found in Section 8.8. An example of the state | exchange can be found in Section 8.8. An example of the state | |||
transitions for server push can be found in Sections 8.4.1 and 8.4.2. | transitions for server push can be found in Sections 8.4.1 and 8.4.2. | |||
5.1.1. Stream Identifiers | 5.1.1. Stream Identifiers | |||
Streams are identified by an unsigned 31-bit integer. Streams | Streams are identified by an unsigned 31-bit integer. Streams | |||
initiated by a client MUST use odd-numbered stream identifiers; those | initiated by a client MUST use odd-numbered stream identifiers; those | |||
initiated by the server MUST use even-numbered stream identifiers. A | initiated by the server MUST use even-numbered stream identifiers. A | |||
stream identifier of zero (0x0) is used for connection control | stream identifier of zero (0x00) is used for connection control | |||
messages; the stream identifier of zero cannot be used to establish a | messages; the stream identifier of zero cannot be used to establish a | |||
new stream. | new stream. | |||
The identifier of a newly established stream MUST be numerically | The identifier of a newly established stream MUST be numerically | |||
greater than all streams that the initiating endpoint has opened or | greater than all streams that the initiating endpoint has opened or | |||
reserved. This governs streams that are opened using a HEADERS frame | reserved. This governs streams that are opened using a HEADERS frame | |||
and streams that are reserved using PUSH_PROMISE. An endpoint that | and streams that are reserved using PUSH_PROMISE. An endpoint that | |||
receives an unexpected stream identifier MUST respond with a | receives an unexpected stream identifier MUST respond with a | |||
connection error (Section 5.4.1) of type PROTOCOL_ERROR. | connection error (Section 5.4.1) of type PROTOCOL_ERROR. | |||
A HEADERS frame will transition the client-initiated stream | A HEADERS frame will transition the client-initiated stream | |||
identified by the stream identifier in the frame header from "idle" | identified by the stream identifier in the frame header from "idle" | |||
to "open". A PUSH_PROMISE frame will transition the server-initiated | to "open". A PUSH_PROMISE frame will transition the server-initiated | |||
stream identified by the "Promised Stream ID" field in the frame | stream identified by the Promised Stream ID field in the frame | |||
payload from "idle" to "reserved". When a stream transitions out of | payload from "idle" to "reserved (local)" or "reserved (remote)". | |||
the "idle" state, all "idle" streams that might have been opened by | When a stream transitions out of the "idle" state, all streams in the | |||
the peer with a lower-valued stream identifier immediately transition | "idle" state that might have been opened by the peer with a lower- | |||
to "closed". That is, an endpoint may skip a stream identifier, with | valued stream identifier immediately transition to "closed". That | |||
the effect being that the skipped stream is immediately closed. | is, an endpoint may skip a stream identifier, with the effect being | |||
that the skipped stream is immediately closed. | ||||
Stream identifiers cannot be reused. Long-lived connections can | Stream identifiers cannot be reused. Long-lived connections can | |||
result in an endpoint exhausting the available range of stream | result in an endpoint exhausting the available range of stream | |||
identifiers. A client that is unable to establish a new stream | identifiers. A client that is unable to establish a new stream | |||
identifier can establish a new connection for new streams. A server | identifier can establish a new connection for new streams. A server | |||
that is unable to establish a new stream identifier can send a GOAWAY | that is unable to establish a new stream identifier can send a GOAWAY | |||
frame so that the client is forced to open a new connection for new | frame so that the client is forced to open a new connection for new | |||
streams. | streams. | |||
5.1.2. Stream Concurrency | 5.1.2. Stream Concurrency | |||
skipping to change at page 21, line 40 ¶ | skipping to change at line 968 ¶ | |||
SETTINGS_MAX_CONCURRENT_STREAMS to a value that is below the current | SETTINGS_MAX_CONCURRENT_STREAMS to a value that is below the current | |||
number of open streams can either close streams that exceed the new | number of open streams can either close streams that exceed the new | |||
value or allow streams to complete. | value or allow streams to complete. | |||
5.2. Flow Control | 5.2. Flow Control | |||
Using streams for multiplexing introduces contention over use of the | Using streams for multiplexing introduces contention over use of the | |||
TCP connection, resulting in blocked streams. A flow-control scheme | TCP connection, resulting in blocked streams. A flow-control scheme | |||
ensures that streams on the same connection do not destructively | ensures that streams on the same connection do not destructively | |||
interfere with each other. Flow control is used for both individual | interfere with each other. Flow control is used for both individual | |||
streams and for the connection as a whole. | streams and the connection as a whole. | |||
HTTP/2 provides for flow control through use of the WINDOW_UPDATE | HTTP/2 provides for flow control through use of the WINDOW_UPDATE | |||
frame (Section 6.9). | frame (Section 6.9). | |||
5.2.1. Flow-Control Principles | 5.2.1. Flow-Control Principles | |||
HTTP/2 stream flow control aims to allow a variety of flow-control | HTTP/2 stream flow control aims to allow a variety of flow-control | |||
algorithms to be used without requiring protocol changes. Flow | algorithms to be used without requiring protocol changes. Flow | |||
control in HTTP/2 has the following characteristics: | control in HTTP/2 has the following characteristics: | |||
skipping to change at page 22, line 33 ¶ | skipping to change at line 1007 ¶ | |||
for both new streams and the overall connection. | for both new streams and the overall connection. | |||
5. The frame type determines whether flow control applies to a | 5. The frame type determines whether flow control applies to a | |||
frame. Of the frames specified in this document, only DATA | frame. Of the frames specified in this document, only DATA | |||
frames are subject to flow control; all other frame types do not | frames are subject to flow control; all other frame types do not | |||
consume space in the advertised flow-control window. This | consume space in the advertised flow-control window. This | |||
ensures that important control frames are not blocked by flow | ensures that important control frames are not blocked by flow | |||
control. | control. | |||
6. An endpoint can choose to disable its own flow control, but an | 6. An endpoint can choose to disable its own flow control, but an | |||
endpoint cannot ignore flow control signals from its peer. | endpoint cannot ignore flow-control signals from its peer. | |||
7. HTTP/2 defines only the format and semantics of the WINDOW_UPDATE | 7. HTTP/2 defines only the format and semantics of the WINDOW_UPDATE | |||
frame (Section 6.9). This document does not stipulate how a | frame (Section 6.9). This document does not stipulate how a | |||
receiver decides when to send this frame or the value that it | receiver decides when to send this frame or the value that it | |||
sends, nor does it specify how a sender chooses to send packets. | sends, nor does it specify how a sender chooses to send packets. | |||
Implementations are able to select any algorithm that suits their | Implementations are able to select any algorithm that suits their | |||
needs. | needs. | |||
Implementations are also responsible for prioritizing the sending of | Implementations are also responsible for prioritizing the sending of | |||
requests and responses, choosing how to avoid head-of-line blocking | requests and responses, choosing how to avoid head-of-line blocking | |||
skipping to change at page 23, line 25 ¶ | skipping to change at line 1041 ¶ | |||
control window of the maximum size (2^31-1) and can maintain this | control window of the maximum size (2^31-1) and can maintain this | |||
window by sending a WINDOW_UPDATE frame when any data is received. | window by sending a WINDOW_UPDATE frame when any data is received. | |||
This effectively disables flow control for that receiver. | This effectively disables flow control for that receiver. | |||
Conversely, a sender is always subject to the flow-control window | Conversely, a sender is always subject to the flow-control window | |||
advertised by the receiver. | advertised by the receiver. | |||
Deployments with constrained resources (for example, memory) can | Deployments with constrained resources (for example, memory) can | |||
employ flow control to limit the amount of memory a peer can consume. | employ flow control to limit the amount of memory a peer can consume. | |||
Note, however, that this can lead to suboptimal use of available | Note, however, that this can lead to suboptimal use of available | |||
network resources if flow control is enabled without knowledge of the | network resources if flow control is enabled without knowledge of the | |||
bandwidth-delay product (see [RFC7323]). | bandwidth * delay product (see [RFC7323]). | |||
Even with full awareness of the current bandwidth-delay product, | Even with full awareness of the current bandwidth * delay product, | |||
implementation of flow control can be difficult. Endpoints MUST read | implementation of flow control can be difficult. Endpoints MUST read | |||
and process HTTP/2 frames from the TCP receive buffer as soon as data | and process HTTP/2 frames from the TCP receive buffer as soon as data | |||
is available. Failure to read promptly could lead to a deadlock when | is available. Failure to read promptly could lead to a deadlock when | |||
critical frames, such as WINDOW_UPDATE, are not read and acted upon. | critical frames, such as WINDOW_UPDATE, are not read and acted upon. | |||
Reading frames promptly does not expose endpoints to resource | Reading frames promptly does not expose endpoints to resource | |||
exhaustion attacks as HTTP/2 flow control limits resource | exhaustion attacks, as HTTP/2 flow control limits resource | |||
commitments. | commitments. | |||
5.2.3. Flow Control Performance | 5.2.3. Flow-Control Performance | |||
If an endpoint cannot ensure that its peer always has available flow | If an endpoint cannot ensure that its peer always has available flow- | |||
control window space that is greater than the peer's bandwidth-delay | control window space that is greater than the peer's bandwidth * | |||
product on this connection, its receive throughput will be limited by | delay product on this connection, its receive throughput will be | |||
HTTP/2 flow control. This will result in degraded performance. | limited by HTTP/2 flow control. This will result in degraded | |||
performance. | ||||
Sending timely WINDOW_UPDATE frames can improve performance. | Sending timely WINDOW_UPDATE frames can improve performance. | |||
Endpoints will want to balance the need to improve receive throughput | Endpoints will want to balance the need to improve receive throughput | |||
with the need to manage resource exhaustion risks, and should take | with the need to manage resource exhaustion risks and should take | |||
careful note of Section 10.5 in defining their strategy to manage | careful note of Section 10.5 in defining their strategy to manage | |||
window sizes. | window sizes. | |||
5.3. Prioritization | 5.3. Prioritization | |||
In a multiplexed protocol like HTTP/2, prioritizing allocation of | In a multiplexed protocol like HTTP/2, prioritizing allocation of | |||
bandwidth and computation resources to streams can be critical to | bandwidth and computation resources to streams can be critical to | |||
attaining good performance. A poor prioritization scheme can result | attaining good performance. A poor prioritization scheme can result | |||
in HTTP/2 providing poor performance. With no parallelism at the TCP | in HTTP/2 providing poor performance. With no parallelism at the TCP | |||
layer, performance could be significantly worse than HTTP/1.1. | layer, performance could be significantly worse than HTTP/1.1. | |||
skipping to change at page 24, line 23 ¶ | skipping to change at line 1084 ¶ | |||
A good prioritization scheme benefits from the application of | A good prioritization scheme benefits from the application of | |||
contextual knowledge such as the content of resources, how resources | contextual knowledge such as the content of resources, how resources | |||
are interrelated, and how those resources will be used by a peer. In | are interrelated, and how those resources will be used by a peer. In | |||
particular, clients can possess knowledge about the priority of | particular, clients can possess knowledge about the priority of | |||
requests that is relevant to server prioritization. In those cases, | requests that is relevant to server prioritization. In those cases, | |||
having clients provide priority information can improve performance. | having clients provide priority information can improve performance. | |||
5.3.1. Background on Priority in RFC 7540 | 5.3.1. Background on Priority in RFC 7540 | |||
RFC 7540 defined a rich system for signaling priority of requests. | RFC 7540 defined a rich system for signaling priority of requests. | |||
However, this system proved to be complex and it was not uniformly | However, this system proved to be complex, and it was not uniformly | |||
implemented. | implemented. | |||
The flexible scheme meant that it was possible for clients to express | The flexible scheme meant that it was possible for clients to express | |||
priorities in very different ways, with little consistency in the | priorities in very different ways, with little consistency in the | |||
approaches that were adopted. For servers, implementing generic | approaches that were adopted. For servers, implementing generic | |||
support for the scheme was complex. Implementation of priorities was | support for the scheme was complex. Implementation of priorities was | |||
uneven in both clients and servers. Many server deployments ignored | uneven in both clients and servers. Many server deployments ignored | |||
client signals when prioritizing their handling of requests. | client signals when prioritizing their handling of requests. | |||
In short, the prioritization signaling in RFC7540 [RFC7540] was not | In short, the prioritization signaling in RFC 7540 [RFC7540] was not | |||
successful. | successful. | |||
5.3.2. Priority Signaling in this Document | 5.3.2. Priority Signaling in This Document | |||
This update to HTTP/2 deprecates the priority signaling defined in | This update to HTTP/2 deprecates the priority signaling defined in | |||
RFC 7540 [RFC7540]. The bulk of the text related to priority signals | RFC 7540 [RFC7540]. The bulk of the text related to priority signals | |||
is not included in this document. The description of frame fields | is not included in this document. The description of frame fields | |||
and some of the mandatory handling is retained to ensure that | and some of the mandatory handling is retained to ensure that | |||
implementations of this document remain interoperable with | implementations of this document remain interoperable with | |||
implementations that use the priority signaling described in RFC | implementations that use the priority signaling described in RFC | |||
7540. | 7540. | |||
A thorough description of the RFC 7540 priority scheme remains in | A thorough description of the RFC 7540 priority scheme remains in | |||
Section 5.3 of [RFC7540]. | Section 5.3 of [RFC7540]. | |||
Signaling priority information is necessary to attain good | Signaling priority information is necessary to attain good | |||
performance in many cases. Where signaling priority information is | performance in many cases. Where signaling priority information is | |||
important, endpoints are encouraged to use an alternative scheme, | important, endpoints are encouraged to use an alternative scheme, | |||
such as [I-D.ietf-httpbis-priority]. | such as the scheme described in [HTTP-PRIORITY]. | |||
Though the priority signaling from RFC 7540 was not widely adopted, | Though the priority signaling from RFC 7540 was not widely adopted, | |||
the information it provides can still be useful in the absence of | the information it provides can still be useful in the absence of | |||
better information. Endpoints that receive priority signals in | better information. Endpoints that receive priority signals in | |||
HEADERS or PRIORITY frames can benefit from applying that | HEADERS or PRIORITY frames can benefit from applying that | |||
information. In particular, implementations that consume these | information. In particular, implementations that consume these | |||
signals would not benefit from discarding these priority signals in | signals would not benefit from discarding these priority signals in | |||
the absence of alternatives. | the absence of alternatives. | |||
Servers SHOULD use other contextual information in determining | Servers SHOULD use other contextual information in determining | |||
priority of requests in the absence of any priority signals. Servers | priority of requests in the absence of any priority signals. Servers | |||
MAY interpret the complete absence of signals as an indication that | MAY interpret the complete absence of signals as an indication that | |||
the client has not implemented the feature. The defaults described | the client has not implemented the feature. The defaults described | |||
in Section 5.3.5 of [RFC7540] are known to have poor performance | in Section 5.3.5 of [RFC7540] are known to have poor performance | |||
under most conditions and their use is unlikely to be deliberate. | under most conditions, and their use is unlikely to be deliberate. | |||
5.4. Error Handling | 5.4. Error Handling | |||
HTTP/2 framing permits two classes of error: | HTTP/2 framing permits two classes of errors: | |||
* An error condition that renders the entire connection unusable is | * An error condition that renders the entire connection unusable is | |||
a connection error. | a connection error. | |||
* An error in an individual stream is a stream error. | * An error in an individual stream is a stream error. | |||
A list of error codes is included in Section 7. | A list of error codes is included in Section 7. | |||
It is possible that an endpoint will encounter frames that would | It is possible that an endpoint will encounter frames that would | |||
cause multiple errors. Implementations MAY discover multiple errors | cause multiple errors. Implementations MAY discover multiple errors | |||
skipping to change at page 28, line 17 ¶ | skipping to change at line 1270 ¶ | |||
used for that purpose. If both peers set a value that indicates | used for that purpose. If both peers set a value that indicates | |||
willingness to use the extension, then the extension can be used. If | willingness to use the extension, then the extension can be used. If | |||
a setting is used for extension negotiation, the initial value MUST | a setting is used for extension negotiation, the initial value MUST | |||
be defined in such a fashion that the extension is initially | be defined in such a fashion that the extension is initially | |||
disabled. | disabled. | |||
6. Frame Definitions | 6. Frame Definitions | |||
This specification defines a number of frame types, each identified | This specification defines a number of frame types, each identified | |||
by a unique 8-bit type code. Each frame type serves a distinct | by a unique 8-bit type code. Each frame type serves a distinct | |||
purpose in the establishment and management either of the connection | purpose in the establishment and management of either the connection | |||
as a whole or of individual streams. | as a whole or individual streams. | |||
The transmission of specific frame types can alter the state of a | The transmission of specific frame types can alter the state of a | |||
connection. If endpoints fail to maintain a synchronized view of the | connection. If endpoints fail to maintain a synchronized view of the | |||
connection state, successful communication within the connection will | connection state, successful communication within the connection will | |||
no longer be possible. Therefore, it is important that endpoints | no longer be possible. Therefore, it is important that endpoints | |||
have a shared comprehension of how the state is affected by the use | have a shared comprehension of how the state is affected by the use | |||
of any given frame. | of any given frame. | |||
6.1. DATA | 6.1. DATA | |||
DATA frames (type=0x0) convey arbitrary, variable-length sequences of | DATA frames (type=0x00) convey arbitrary, variable-length sequences | |||
octets associated with a stream. One or more DATA frames are used, | of octets associated with a stream. One or more DATA frames are | |||
for instance, to carry HTTP request or response message contents. | used, for instance, to carry HTTP request or response message | |||
contents. | ||||
DATA frames MAY also contain padding. Padding can be added to DATA | DATA frames MAY also contain padding. Padding can be added to DATA | |||
frames to obscure the size of messages. Padding is a security | frames to obscure the size of messages. Padding is a security | |||
feature; see Section 10.7. | feature; see Section 10.7. | |||
DATA Frame { | DATA Frame { | |||
Length (24), | Length (24), | |||
Type (8) = 0x0, | Type (8) = 0x00, | |||
Unused Flags (4), | Unused Flags (4), | |||
PADDED Flag (1), | PADDED Flag (1), | |||
Unused Flags (2), | Unused Flags (2), | |||
END_STREAM Flag (1), | END_STREAM Flag (1), | |||
Reserved (1), | Reserved (1), | |||
Stream Identifier (31), | Stream Identifier (31), | |||
[Pad Length (8)], | [Pad Length (8)], | |||
skipping to change at page 29, line 25 ¶ | skipping to change at line 1329 ¶ | |||
frame payload after subtracting the length of the other fields | frame payload after subtracting the length of the other fields | |||
that are present. | that are present. | |||
Padding: Padding octets that contain no application semantic value. | Padding: Padding octets that contain no application semantic value. | |||
Padding octets MUST be set to zero when sending. A receiver is | Padding octets MUST be set to zero when sending. A receiver is | |||
not obligated to verify padding but MAY treat non-zero padding as | not obligated to verify padding but MAY treat non-zero padding as | |||
a connection error (Section 5.4.1) of type PROTOCOL_ERROR. | a connection error (Section 5.4.1) of type PROTOCOL_ERROR. | |||
The DATA frame defines the following flags: | The DATA frame defines the following flags: | |||
PADDED (0x8): When set, the PADDED flag indicates that the Pad | PADDED (0x08): When set, the PADDED flag indicates that the Pad | |||
Length field and any padding that it describes are present. | Length field and any padding that it describes are present. | |||
END_STREAM (0x1): When set, the END_STREAM flag indicates that this | END_STREAM (0x01): When set, the END_STREAM flag indicates that this | |||
frame is the last that the endpoint will send for the identified | frame is the last that the endpoint will send for the identified | |||
stream. Setting this flag causes the stream to enter one of the | stream. Setting this flag causes the stream to enter one of the | |||
"half-closed" states or the "closed" state (Section 5.1). | "half-closed" states or the "closed" state (Section 5.1). | |||
| Note: An endpoint that learns of stream closure after sending | | Note: An endpoint that learns of stream closure after sending | |||
| all data can close a stream by sending a STREAM frame with a | | all data can close a stream by sending a STREAM frame with a | |||
| zero-length Data field and the END_STREAM flag set. This is | | zero-length Data field and the END_STREAM flag set. This is | |||
| only possible if the endpoint does not send trailers as the | | only possible if the endpoint does not send trailers, as the | |||
| END_STREAM flag appears on a HEADERS frame in that case; see | | END_STREAM flag appears on a HEADERS frame in that case; see | |||
| Section 8.1. | | Section 8.1. | |||
DATA frames MUST be associated with a stream. If a DATA frame is | DATA frames MUST be associated with a stream. If a DATA frame is | |||
received whose stream identifier field is 0x0, the recipient MUST | received whose Stream Identifier field is 0x00, the recipient MUST | |||
respond with a connection error (Section 5.4.1) of type | respond with a connection error (Section 5.4.1) of type | |||
PROTOCOL_ERROR. | PROTOCOL_ERROR. | |||
DATA frames are subject to flow control and can only be sent when a | DATA frames are subject to flow control and can only be sent when a | |||
stream is in the "open" or "half-closed (remote)" state. The entire | stream is in the "open" or "half-closed (remote)" state. The entire | |||
DATA frame payload is included in flow control, including the Pad | DATA frame payload is included in flow control, including the Pad | |||
Length and Padding fields if present. If a DATA frame is received | Length and Padding fields if present. If a DATA frame is received | |||
whose stream is not in "open" or "half-closed (local)" state, the | whose stream is not in the "open" or "half-closed (local)" state, the | |||
recipient MUST respond with a stream error (Section 5.4.2) of type | recipient MUST respond with a stream error (Section 5.4.2) of type | |||
STREAM_CLOSED. | STREAM_CLOSED. | |||
The total number of padding octets is determined by the value of the | The total number of padding octets is determined by the value of the | |||
Pad Length field. If the length of the padding is the length of the | Pad Length field. If the length of the padding is the length of the | |||
frame payload or greater, the recipient MUST treat this as a | frame payload or greater, the recipient MUST treat this as a | |||
connection error (Section 5.4.1) of type PROTOCOL_ERROR. | connection error (Section 5.4.1) of type PROTOCOL_ERROR. | |||
| Note: A frame can be increased in size by one octet by | | Note: A frame can be increased in size by one octet by | |||
| including a Pad Length field with a value of zero. | | including a Pad Length field with a value of zero. | |||
6.2. HEADERS | 6.2. HEADERS | |||
The HEADERS frame (type=0x1) is used to open a stream (Section 5.1), | The HEADERS frame (type=0x01) is used to open a stream (Section 5.1), | |||
and additionally carries a field block fragment. Despite the name, a | and additionally carries a field block fragment. Despite the name, a | |||
HEADERS frame can carry a header section or a trailer section. | HEADERS frame can carry a header section or a trailer section. | |||
HEADERS frames can be sent on a stream in the "idle", "reserved | HEADERS frames can be sent on a stream in the "idle", "reserved | |||
(local)", "open", or "half-closed (remote)" state. | (local)", "open", or "half-closed (remote)" state. | |||
HEADERS Frame { | HEADERS Frame { | |||
Length (24), | Length (24), | |||
Type (8) = 0x1, | Type (8) = 0x01, | |||
Unused Flags (2), | Unused Flags (2), | |||
PRIORITY Flag (1), | PRIORITY Flag (1), | |||
Unused Flag (1), | Unused Flag (1), | |||
PADDED Flag (1), | PADDED Flag (1), | |||
END_HEADERS Flag (1), | END_HEADERS Flag (1), | |||
Unused Flag (1), | Unused Flag (1), | |||
END_STREAM Flag (1), | END_STREAM Flag (1), | |||
Reserved (1), | Reserved (1), | |||
skipping to change at page 31, line 27 ¶ | skipping to change at line 1428 ¶ | |||
Padding: Padding octets that contain no application semantic value. | Padding: Padding octets that contain no application semantic value. | |||
Padding octets MUST be set to zero when sending. A receiver is | Padding octets MUST be set to zero when sending. A receiver is | |||
not obligated to verify padding but MAY treat non-zero padding as | not obligated to verify padding but MAY treat non-zero padding as | |||
a connection error (Section 5.4.1) of type PROTOCOL_ERROR. | a connection error (Section 5.4.1) of type PROTOCOL_ERROR. | |||
The HEADERS frame defines the following flags: | The HEADERS frame defines the following flags: | |||
PRIORITY (0x20): When set, the PRIORITY flag indicates that the | PRIORITY (0x20): When set, the PRIORITY flag indicates that the | |||
Exclusive, Stream Dependency, and Weight fields are present. | Exclusive, Stream Dependency, and Weight fields are present. | |||
PADDED (0x8): When set, the PADDED flag indicates that the Pad | PADDED (0x08): When set, the PADDED flag indicates that the Pad | |||
Length field and any padding that it describes are present. | Length field and any padding that it describes are present. | |||
END_HEADERS (0x4): When set, the END_HEADERS flag indicates that | END_HEADERS (0x04): When set, the END_HEADERS flag indicates that | |||
this frame contains an entire field block (Section 4.3) and is not | this frame contains an entire field block (Section 4.3) and is not | |||
followed by any CONTINUATION frames. | followed by any CONTINUATION frames. | |||
A HEADERS frame without the END_HEADERS flag set MUST be followed | A HEADERS frame without the END_HEADERS flag set MUST be followed | |||
by a CONTINUATION frame for the same stream. A receiver MUST | by a CONTINUATION frame for the same stream. A receiver MUST | |||
treat the receipt of any other type of frame or a frame on a | treat the receipt of any other type of frame or a frame on a | |||
different stream as a connection error (Section 5.4.1) of type | different stream as a connection error (Section 5.4.1) of type | |||
PROTOCOL_ERROR. | PROTOCOL_ERROR. | |||
END_STREAM (0x1): When set, the END_STREAM flag indicates that the | END_STREAM (0x01): When set, the END_STREAM flag indicates that the | |||
field block (Section 4.3) is the last that the endpoint will send | field block (Section 4.3) is the last that the endpoint will send | |||
for the identified stream. | for the identified stream. | |||
A HEADERS frame with the END_STREAM flag set signals the end of a | A HEADERS frame with the END_STREAM flag set signals the end of a | |||
stream. However, a HEADERS frame with the END_STREAM flag set can | stream. However, a HEADERS frame with the END_STREAM flag set can | |||
be followed by CONTINUATION frames on the same stream. Logically, | be followed by CONTINUATION frames on the same stream. Logically, | |||
the CONTINUATION frames are part of the HEADERS frame. | the CONTINUATION frames are part of the HEADERS frame. | |||
The frame payload of a HEADERS frame contains a field block fragment | The frame payload of a HEADERS frame contains a field block fragment | |||
(Section 4.3). A field block that does not fit within a HEADERS | (Section 4.3). A field block that does not fit within a HEADERS | |||
frame is continued in a CONTINUATION frame (Section 6.10). | frame is continued in a CONTINUATION frame (Section 6.10). | |||
HEADERS frames MUST be associated with a stream. If a HEADERS frame | HEADERS frames MUST be associated with a stream. If a HEADERS frame | |||
is received whose stream identifier field is 0x0, the recipient MUST | is received whose Stream Identifier field is 0x00, the recipient MUST | |||
respond with a connection error (Section 5.4.1) of type | respond with a connection error (Section 5.4.1) of type | |||
PROTOCOL_ERROR. | PROTOCOL_ERROR. | |||
The HEADERS frame changes the connection state as described in | The HEADERS frame changes the connection state as described in | |||
Section 4.3. | Section 4.3. | |||
The total number of padding octets is determined by the value of the | The total number of padding octets is determined by the value of the | |||
Pad Length field. If the length of the padding is the length of the | Pad Length field. If the length of the padding is the length of the | |||
frame payload or greater, the recipient MUST treat this as a | frame payload or greater, the recipient MUST treat this as a | |||
connection error (Section 5.4.1) of type PROTOCOL_ERROR. | connection error (Section 5.4.1) of type PROTOCOL_ERROR. | |||
| Note: A frame can be increased in size by one octet by | | Note: A frame can be increased in size by one octet by | |||
| including a Pad Length field with a value of zero. | | including a Pad Length field with a value of zero. | |||
6.3. PRIORITY | 6.3. PRIORITY | |||
The PRIORITY frame (type=0x2) is deprecated; see Section 5.3.2. A | The PRIORITY frame (type=0x02) is deprecated; see Section 5.3.2. A | |||
PRIORITY frame can be sent in any stream state, including idle or | PRIORITY frame can be sent in any stream state, including idle or | |||
closed streams. | closed streams. | |||
PRIORITY Frame { | PRIORITY Frame { | |||
Length (24) = 0x5, | Length (24) = 0x05, | |||
Type (8) = 0x2, | Type (8) = 0x02, | |||
Unused Flags (8), | Unused Flags (8), | |||
Reserved (1), | Reserved (1), | |||
Stream Identifier (31), | Stream Identifier (31), | |||
Exclusive (1), | Exclusive (1), | |||
Stream Dependency (31), | Stream Dependency (31), | |||
Weight (8), | Weight (8), | |||
} | } | |||
skipping to change at page 33, line 8 ¶ | skipping to change at line 1505 ¶ | |||
Exclusive: A single-bit flag. | Exclusive: A single-bit flag. | |||
Stream Dependency: A 31-bit stream identifier. | Stream Dependency: A 31-bit stream identifier. | |||
Weight: An unsigned 8-bit integer. | Weight: An unsigned 8-bit integer. | |||
The PRIORITY frame does not define any flags. | The PRIORITY frame does not define any flags. | |||
The PRIORITY frame always identifies a stream. If a PRIORITY frame | The PRIORITY frame always identifies a stream. If a PRIORITY frame | |||
is received with a stream identifier of 0x0, the recipient MUST | is received with a stream identifier of 0x00, the recipient MUST | |||
respond with a connection error (Section 5.4.1) of type | respond with a connection error (Section 5.4.1) of type | |||
PROTOCOL_ERROR. | PROTOCOL_ERROR. | |||
Sending or receiving a PRIORITY frame does not affect the state of | Sending or receiving a PRIORITY frame does not affect the state of | |||
any stream (Section 5.1). The PRIORITY frame can be sent on a stream | any stream (Section 5.1). The PRIORITY frame can be sent on a stream | |||
in any state, including "idle" or "closed". A PRIORITY frame cannot | in any state, including "idle" or "closed". A PRIORITY frame cannot | |||
be sent between consecutive frames that comprise a single field block | be sent between consecutive frames that comprise a single field block | |||
(Section 4.3). | (Section 4.3). | |||
A PRIORITY frame with a length other than 5 octets MUST be treated as | A PRIORITY frame with a length other than 5 octets MUST be treated as | |||
a stream error (Section 5.4.2) of type FRAME_SIZE_ERROR. | a stream error (Section 5.4.2) of type FRAME_SIZE_ERROR. | |||
6.4. RST_STREAM | 6.4. RST_STREAM | |||
The RST_STREAM frame (type=0x3) allows for immediate termination of a | The RST_STREAM frame (type=0x03) allows for immediate termination of | |||
stream. RST_STREAM is sent to request cancellation of a stream or to | a stream. RST_STREAM is sent to request cancellation of a stream or | |||
indicate that an error condition has occurred. | to indicate that an error condition has occurred. | |||
RST_STREAM Frame { | RST_STREAM Frame { | |||
Length (24) = 0x4, | Length (24) = 0x04, | |||
Type (8) = 0x3, | Type (8) = 0x03, | |||
Unused Flags (8), | Unused Flags (8), | |||
Reserved (1), | Reserved (1), | |||
Stream Identifier (31), | Stream Identifier (31), | |||
Error Code (32), | Error Code (32), | |||
} | } | |||
Figure 6: RST_STREAM Frame Format | Figure 6: RST_STREAM Frame Format | |||
skipping to change at page 34, line 9 ¶ | skipping to change at line 1555 ¶ | |||
The RST_STREAM frame fully terminates the referenced stream and | The RST_STREAM frame fully terminates the referenced stream and | |||
causes it to enter the "closed" state. After receiving a RST_STREAM | causes it to enter the "closed" state. After receiving a RST_STREAM | |||
on a stream, the receiver MUST NOT send additional frames for that | on a stream, the receiver MUST NOT send additional frames for that | |||
stream, except for PRIORITY. However, after sending the RST_STREAM, | stream, except for PRIORITY. However, after sending the RST_STREAM, | |||
the sending endpoint MUST be prepared to receive and process | the sending endpoint MUST be prepared to receive and process | |||
additional frames sent on the stream that might have been sent by the | additional frames sent on the stream that might have been sent by the | |||
peer prior to the arrival of the RST_STREAM. | peer prior to the arrival of the RST_STREAM. | |||
RST_STREAM frames MUST be associated with a stream. If a RST_STREAM | RST_STREAM frames MUST be associated with a stream. If a RST_STREAM | |||
frame is received with a stream identifier of 0x0, the recipient MUST | frame is received with a stream identifier of 0x00, the recipient | |||
treat this as a connection error (Section 5.4.1) of type | MUST treat this as a connection error (Section 5.4.1) of type | |||
PROTOCOL_ERROR. | PROTOCOL_ERROR. | |||
RST_STREAM frames MUST NOT be sent for a stream in the "idle" state. | RST_STREAM frames MUST NOT be sent for a stream in the "idle" state. | |||
If a RST_STREAM frame identifying an idle stream is received, the | If a RST_STREAM frame identifying an idle stream is received, the | |||
recipient MUST treat this as a connection error (Section 5.4.1) of | recipient MUST treat this as a connection error (Section 5.4.1) of | |||
type PROTOCOL_ERROR. | type PROTOCOL_ERROR. | |||
A RST_STREAM frame with a length other than 4 octets MUST be treated | A RST_STREAM frame with a length other than 4 octets MUST be treated | |||
as a connection error (Section 5.4.1) of type FRAME_SIZE_ERROR. | as a connection error (Section 5.4.1) of type FRAME_SIZE_ERROR. | |||
6.5. SETTINGS | 6.5. SETTINGS | |||
The SETTINGS frame (type=0x4) conveys configuration parameters that | The SETTINGS frame (type=0x04) conveys configuration parameters that | |||
affect how endpoints communicate, such as preferences and constraints | affect how endpoints communicate, such as preferences and constraints | |||
on peer behavior. The SETTINGS frame is also used to acknowledge the | on peer behavior. The SETTINGS frame is also used to acknowledge the | |||
receipt of those settings. Individually, a configuration parameter | receipt of those settings. Individually, a configuration parameter | |||
from a SETTINGS frame is referred to as a "setting". | from a SETTINGS frame is referred to as a "setting". | |||
Settings are not negotiated; they describe characteristics of the | Settings are not negotiated; they describe characteristics of the | |||
sending peer, which are used by the receiving peer. Different values | sending peer, which are used by the receiving peer. Different values | |||
for the same setting can be advertised by each peer. For example, a | for the same setting can be advertised by each peer. For example, a | |||
client might set a high initial flow-control window, whereas a server | client might set a high initial flow-control window, whereas a server | |||
might set a lower value to conserve resources. | might set a lower value to conserve resources. | |||
skipping to change at page 34, line 50 ¶ | skipping to change at line 1596 ¶ | |||
Each parameter in a SETTINGS frame replaces any existing value for | Each parameter in a SETTINGS frame replaces any existing value for | |||
that parameter. Settings are processed in the order in which they | that parameter. Settings are processed in the order in which they | |||
appear, and a receiver of a SETTINGS frame does not need to maintain | appear, and a receiver of a SETTINGS frame does not need to maintain | |||
any state other than the current value of each setting. Therefore, | any state other than the current value of each setting. Therefore, | |||
the value of a SETTINGS parameter is the last value that is seen by a | the value of a SETTINGS parameter is the last value that is seen by a | |||
receiver. | receiver. | |||
SETTINGS frames are acknowledged by the receiving peer. To enable | SETTINGS frames are acknowledged by the receiving peer. To enable | |||
this, the SETTINGS frame defines the ACK flag: | this, the SETTINGS frame defines the ACK flag: | |||
ACK (0x1): When set, the ACK flag indicates that this frame | ACK (0x01): When set, the ACK flag indicates that this frame | |||
acknowledges receipt and application of the peer's SETTINGS frame. | acknowledges receipt and application of the peer's SETTINGS frame. | |||
When this bit is set, the frame payload of the SETTINGS frame MUST | When this bit is set, the frame payload of the SETTINGS frame MUST | |||
be empty. Receipt of a SETTINGS frame with the ACK flag set and a | be empty. Receipt of a SETTINGS frame with the ACK flag set and a | |||
length field value other than 0 MUST be treated as a connection | length field value other than 0 MUST be treated as a connection | |||
error (Section 5.4.1) of type FRAME_SIZE_ERROR. For more | error (Section 5.4.1) of type FRAME_SIZE_ERROR. For more | |||
information, see Section 6.5.3 ("Settings Synchronization"). | information, see Section 6.5.3 ("Settings Synchronization"). | |||
SETTINGS frames always apply to a connection, never a single stream. | SETTINGS frames always apply to a connection, never a single stream. | |||
The stream identifier for a SETTINGS frame MUST be zero (0x0). If an | The stream identifier for a SETTINGS frame MUST be zero (0x00). If | |||
endpoint receives a SETTINGS frame whose stream identifier field is | an endpoint receives a SETTINGS frame whose Stream Identifier field | |||
anything other than 0x0, the endpoint MUST respond with a connection | is anything other than 0x00, the endpoint MUST respond with a | |||
error (Section 5.4.1) of type PROTOCOL_ERROR. | connection error (Section 5.4.1) of type PROTOCOL_ERROR. | |||
The SETTINGS frame affects connection state. A badly formed or | The SETTINGS frame affects connection state. A badly formed or | |||
incomplete SETTINGS frame MUST be treated as a connection error | incomplete SETTINGS frame MUST be treated as a connection error | |||
(Section 5.4.1) of type PROTOCOL_ERROR. | (Section 5.4.1) of type PROTOCOL_ERROR. | |||
A SETTINGS frame with a length other than a multiple of 6 octets MUST | A SETTINGS frame with a length other than a multiple of 6 octets MUST | |||
be treated as a connection error (Section 5.4.1) of type | be treated as a connection error (Section 5.4.1) of type | |||
FRAME_SIZE_ERROR. | FRAME_SIZE_ERROR. | |||
6.5.1. SETTINGS Format | 6.5.1. SETTINGS Format | |||
The frame payload of a SETTINGS frame consists of zero or more | The frame payload of a SETTINGS frame consists of zero or more | |||
settings, each consisting of an unsigned 16-bit setting identifier | settings, each consisting of an unsigned 16-bit setting identifier | |||
and an unsigned 32-bit value. | and an unsigned 32-bit value. | |||
SETTINGS Frame { | SETTINGS Frame { | |||
Length (24), | Length (24), | |||
Type (8) = 0x4, | Type (8) = 0x04, | |||
Unused Flags (7), | Unused Flags (7), | |||
ACK Flag (1), | ACK Flag (1), | |||
Reserved (1), | Reserved (1), | |||
Stream Identifier (31) = 0, | Stream Identifier (31) = 0, | |||
Setting (48) ..., | Setting (48) ..., | |||
} | } | |||
skipping to change at page 36, line 18 ¶ | skipping to change at line 1657 ¶ | |||
of: | of: | |||
Identifier: A 16-bit setting identifier; see Section 6.5.2. | Identifier: A 16-bit setting identifier; see Section 6.5.2. | |||
Value: A 32-bit value for the setting. | Value: A 32-bit value for the setting. | |||
6.5.2. Defined Settings | 6.5.2. Defined Settings | |||
The following settings are defined: | The following settings are defined: | |||
SETTINGS_HEADER_TABLE_SIZE (0x1): Allows the sender to inform the | SETTINGS_HEADER_TABLE_SIZE (0x01): This setting allows the sender to | |||
remote endpoint of the maximum size of the compression table used | inform the remote endpoint of the maximum size of the compression | |||
to decode field blocks, in units of octets. The encoder can | table used to decode field blocks, in units of octets. The | |||
select any size equal to or less than this value by using | encoder can select any size equal to or less than this value by | |||
signaling specific to the compression format inside a field block | using signaling specific to the compression format inside a field | |||
(see [COMPRESSION]). The initial value is 4,096 octets. | block (see [COMPRESSION]). The initial value is 4,096 octets. | |||
SETTINGS_ENABLE_PUSH (0x2): This setting can be used to disable | SETTINGS_ENABLE_PUSH (0x02): This setting can be used to enable or | |||
server push (Section 8.4). A server MUST NOT send a PUSH_PROMISE | disable server push. A server MUST NOT send a PUSH_PROMISE frame | |||
frame if it receives this parameter set to a value of 0. A client | if it receives this parameter set to a value of 0; see | |||
that has both set this parameter to 0 and had it acknowledged MUST | Section 8.4. A client that has both set this parameter to 0 and | |||
treat the receipt of a PUSH_PROMISE frame as a connection error | had it acknowledged MUST treat the receipt of a PUSH_PROMISE frame | |||
(Section 5.4.1) of type PROTOCOL_ERROR. | as a connection error (Section 5.4.1) of type PROTOCOL_ERROR. | |||
The initial value of SETTINGS_ENABLE_PUSH is 1. For a client this | The initial value of SETTINGS_ENABLE_PUSH is 1. For a client, | |||
value indicates that it is willing to receive PUSH_PROMISE frames. | this value indicates that it is willing to receive PUSH_PROMISE | |||
For a server this initial value has no effect, and is equivalent | frames. For a server, this initial value has no effect, and is | |||
to the value 0. Any value other than 0 or 1 MUST be treated as a | equivalent to the value 0. Any value other than 0 or 1 MUST be | |||
connection error (Section 5.4.1) of type PROTOCOL_ERROR. | treated as a connection error (Section 5.4.1) of type | |||
PROTOCOL_ERROR. | ||||
A server MUST NOT explicitly set this value to 1. A server MAY | A server MUST NOT explicitly set this value to 1. A server MAY | |||
choose to omit this setting when it sends a SETTINGS frame, but if | choose to omit this setting when it sends a SETTINGS frame, but if | |||
a server does include a value it MUST be 0. A client MUST treat | a server does include a value, it MUST be 0. A client MUST treat | |||
receipt of a SETTINGS frame with SETTINGS_ENABLE_PUSH set to 1 as | receipt of a SETTINGS frame with SETTINGS_ENABLE_PUSH set to 1 as | |||
a connection error (Section 5.4.1) of type PROTOCOL_ERROR. | a connection error (Section 5.4.1) of type PROTOCOL_ERROR. | |||
SETTINGS_MAX_CONCURRENT_STREAMS (0x3): Indicates the maximum number | SETTINGS_MAX_CONCURRENT_STREAMS (0x03): This setting indicates the | |||
of concurrent streams that the sender will allow. This limit is | maximum number of concurrent streams that the sender will allow. | |||
directional: it applies to the number of streams that the sender | This limit is directional: it applies to the number of streams | |||
permits the receiver to create. Initially, there is no limit to | that the sender permits the receiver to create. Initially, there | |||
this value. It is recommended that this value be no smaller than | is no limit to this value. It is recommended that this value be | |||
100, so as to not unnecessarily limit parallelism. | no smaller than 100, so as to not unnecessarily limit parallelism. | |||
A value of 0 for SETTINGS_MAX_CONCURRENT_STREAMS SHOULD NOT be | A value of 0 for SETTINGS_MAX_CONCURRENT_STREAMS SHOULD NOT be | |||
treated as special by endpoints. A zero value does prevent the | treated as special by endpoints. A zero value does prevent the | |||
creation of new streams; however, this can also happen for any | creation of new streams; however, this can also happen for any | |||
limit that is exhausted with active streams. Servers SHOULD only | limit that is exhausted with active streams. Servers SHOULD only | |||
set a zero value for short durations; if a server does not wish to | set a zero value for short durations; if a server does not wish to | |||
accept requests, closing the connection is more appropriate. | accept requests, closing the connection is more appropriate. | |||
SETTINGS_INITIAL_WINDOW_SIZE (0x4): Indicates the sender's initial | SETTINGS_INITIAL_WINDOW_SIZE (0x04): This setting indicates the | |||
window size (in units of octets) for stream-level flow control. | sender's initial window size (in units of octets) for stream-level | |||
The initial value is 2^16-1 (65,535) octets. | flow control. The initial value is 2^16-1 (65,535) octets. | |||
This setting affects the window size of all streams (see | This setting affects the window size of all streams (see | |||
Section 6.9.2). | Section 6.9.2). | |||
Values above the maximum flow-control window size of 2^31-1 MUST | Values above the maximum flow-control window size of 2^31-1 MUST | |||
be treated as a connection error (Section 5.4.1) of type | be treated as a connection error (Section 5.4.1) of type | |||
FLOW_CONTROL_ERROR. | FLOW_CONTROL_ERROR. | |||
SETTINGS_MAX_FRAME_SIZE (0x5): Indicates the size of the largest | SETTINGS_MAX_FRAME_SIZE (0x05): This setting indicates the size of | |||
frame payload that the sender is willing to receive, in units of | the largest frame payload that the sender is willing to receive, | |||
octets. | in units of octets. | |||
The initial value is 2^14 (16,384) octets. The value advertised | The initial value is 2^14 (16,384) octets. The value advertised | |||
by an endpoint MUST be between this initial value and the maximum | by an endpoint MUST be between this initial value and the maximum | |||
allowed frame size (2^24-1 or 16,777,215 octets), inclusive. | allowed frame size (2^24-1 or 16,777,215 octets), inclusive. | |||
Values outside this range MUST be treated as a connection error | Values outside this range MUST be treated as a connection error | |||
(Section 5.4.1) of type PROTOCOL_ERROR. | (Section 5.4.1) of type PROTOCOL_ERROR. | |||
SETTINGS_MAX_HEADER_LIST_SIZE (0x6): This advisory setting informs a | SETTINGS_MAX_HEADER_LIST_SIZE (0x06): This advisory setting informs | |||
peer of the maximum size of field section that the sender is | a peer of the maximum field section size that the sender is | |||
prepared to accept, in units of octets. The value is based on the | prepared to accept, in units of octets. The value is based on the | |||
uncompressed size of field lines, including the length of the name | uncompressed size of field lines, including the length of the name | |||
and value in units of octets plus an overhead of 32 octets for | and value in units of octets plus an overhead of 32 octets for | |||
each field line. | each field line. | |||
For any given request, a lower limit than what is advertised MAY | For any given request, a lower limit than what is advertised MAY | |||
be enforced. The initial value of this setting is unlimited. | be enforced. The initial value of this setting is unlimited. | |||
An endpoint that receives a SETTINGS frame with any unknown or | An endpoint that receives a SETTINGS frame with any unknown or | |||
unsupported identifier MUST ignore that setting. | unsupported identifier MUST ignore that setting. | |||
skipping to change at page 38, line 26 ¶ | skipping to change at line 1753 ¶ | |||
settings MUST be ignored. Once all values have been processed, the | settings MUST be ignored. Once all values have been processed, the | |||
recipient MUST immediately emit a SETTINGS frame with the ACK flag | recipient MUST immediately emit a SETTINGS frame with the ACK flag | |||
set. Upon receiving a SETTINGS frame with the ACK flag set, the | set. Upon receiving a SETTINGS frame with the ACK flag set, the | |||
sender of the altered settings can rely on the values from the oldest | sender of the altered settings can rely on the values from the oldest | |||
unacknowledged SETTINGS frame having been applied. | unacknowledged SETTINGS frame having been applied. | |||
If the sender of a SETTINGS frame does not receive an acknowledgment | If the sender of a SETTINGS frame does not receive an acknowledgment | |||
within a reasonable amount of time, it MAY issue a connection error | within a reasonable amount of time, it MAY issue a connection error | |||
(Section 5.4.1) of type SETTINGS_TIMEOUT. In setting a timeout, some | (Section 5.4.1) of type SETTINGS_TIMEOUT. In setting a timeout, some | |||
allowance needs to be made for processing delays at the peer; a | allowance needs to be made for processing delays at the peer; a | |||
timeout that is solely based on the round trip time between endpoints | timeout that is solely based on the round-trip time between endpoints | |||
might result in spurious errors. | might result in spurious errors. | |||
6.6. PUSH_PROMISE | 6.6. PUSH_PROMISE | |||
The PUSH_PROMISE frame (type=0x5) is used to notify the peer endpoint | The PUSH_PROMISE frame (type=0x05) is used to notify the peer | |||
in advance of streams the sender intends to initiate. The | endpoint in advance of streams the sender intends to initiate. The | |||
PUSH_PROMISE frame includes the unsigned 31-bit identifier of the | PUSH_PROMISE frame includes the unsigned 31-bit identifier of the | |||
stream the endpoint plans to create along with a field section that | stream the endpoint plans to create along with a field section that | |||
provides additional context for the stream. Section 8.4 contains a | provides additional context for the stream. Section 8.4 contains a | |||
thorough description of the use of PUSH_PROMISE frames. | thorough description of the use of PUSH_PROMISE frames. | |||
PUSH_PROMISE Frame { | PUSH_PROMISE Frame { | |||
Length (24), | Length (24), | |||
Type (8) = 0x5, | Type (8) = 0x05, | |||
Unused Flags (4), | Unused Flags (4), | |||
PADDED Flag (1), | PADDED Flag (1), | |||
END_HEADERS Flag (1), | END_HEADERS Flag (1), | |||
Unused Flags (2), | Unused Flags (2), | |||
Reserved (1), | Reserved (1), | |||
Stream Identifier (31), | Stream Identifier (31), | |||
[Pad Length (8)], | [Pad Length (8)], | |||
skipping to change at page 39, line 34 ¶ | skipping to change at line 1794 ¶ | |||
Figure 8: PUSH_PROMISE Frame Format | Figure 8: PUSH_PROMISE Frame Format | |||
The Length, Type, Unused Flag(s), Reserved, and Stream Identifier | The Length, Type, Unused Flag(s), Reserved, and Stream Identifier | |||
fields are described in Section 4. The PUSH_PROMISE frame payload | fields are described in Section 4. The PUSH_PROMISE frame payload | |||
has the following additional fields: | has the following additional fields: | |||
Pad Length: An 8-bit field containing the length of the frame | Pad Length: An 8-bit field containing the length of the frame | |||
padding in units of octets. This field is only present if the | padding in units of octets. This field is only present if the | |||
PADDED flag is set. | PADDED flag is set. | |||
Reserved: A single reserved bit. | ||||
Promised Stream ID: An unsigned 31-bit integer that identifies the | Promised Stream ID: An unsigned 31-bit integer that identifies the | |||
stream that is reserved by the PUSH_PROMISE. The promised stream | stream that is reserved by the PUSH_PROMISE. The promised stream | |||
identifier MUST be a valid choice for the next stream sent by the | identifier MUST be a valid choice for the next stream sent by the | |||
sender (see "new stream identifier" in Section 5.1.1). | sender (see "new stream identifier" in Section 5.1.1). | |||
Field Block Fragment: A field block fragment (Section 4.3) | Field Block Fragment: A field block fragment (Section 4.3) | |||
containing request control data and header section. | containing the request control data and a header section. | |||
Padding: Padding octets that contain no application semantic value. | Padding: Padding octets that contain no application semantic value. | |||
Padding octets MUST be set to zero when sending. A receiver is | Padding octets MUST be set to zero when sending. A receiver is | |||
not obligated to verify padding but MAY treat non-zero padding as | not obligated to verify padding but MAY treat non-zero padding as | |||
a connection error (Section 5.4.1) of type PROTOCOL_ERROR. | a connection error (Section 5.4.1) of type PROTOCOL_ERROR. | |||
The PUSH_PROMISE frame defines the following flags: | The PUSH_PROMISE frame defines the following flags: | |||
PADDED (0x8): When set, the PADDED flag indicates that the Pad | PADDED (0x08): When set, the PADDED flag indicates that the Pad | |||
Length field and any padding that it describes are present. | Length field and any padding that it describes are present. | |||
END_HEADERS (0x4): When set, the END_HEADERS flag indicates that | END_HEADERS (0x04): When set, the END_HEADERS flag indicates that | |||
this frame contains an entire field block (Section 4.3) and is not | this frame contains an entire field block (Section 4.3) and is not | |||
followed by any CONTINUATION frames. | followed by any CONTINUATION frames. | |||
A PUSH_PROMISE frame without the END_HEADERS flag set MUST be | A PUSH_PROMISE frame without the END_HEADERS flag set MUST be | |||
followed by a CONTINUATION frame for the same stream. A receiver | followed by a CONTINUATION frame for the same stream. A receiver | |||
MUST treat the receipt of any other type of frame or a frame on a | MUST treat the receipt of any other type of frame or a frame on a | |||
different stream as a connection error (Section 5.4.1) of type | different stream as a connection error (Section 5.4.1) of type | |||
PROTOCOL_ERROR. | PROTOCOL_ERROR. | |||
PUSH_PROMISE frames MUST only be sent on a peer-initiated stream that | PUSH_PROMISE frames MUST only be sent on a peer-initiated stream that | |||
is in either the "open" or "half-closed (remote)" state. The stream | is in either the "open" or "half-closed (remote)" state. The stream | |||
identifier of a PUSH_PROMISE frame indicates the stream it is | identifier of a PUSH_PROMISE frame indicates the stream it is | |||
associated with. If the stream identifier field specifies the value | associated with. If the Stream Identifier field specifies the value | |||
0x0, a recipient MUST respond with a connection error (Section 5.4.1) | 0x00, a recipient MUST respond with a connection error | |||
of type PROTOCOL_ERROR. | (Section 5.4.1) of type PROTOCOL_ERROR. | |||
Promised streams are not required to be used in the order they are | Promised streams are not required to be used in the order they are | |||
promised. The PUSH_PROMISE only reserves stream identifiers for | promised. The PUSH_PROMISE only reserves stream identifiers for | |||
later use. | later use. | |||
PUSH_PROMISE MUST NOT be sent if the SETTINGS_ENABLE_PUSH setting of | PUSH_PROMISE MUST NOT be sent if the SETTINGS_ENABLE_PUSH setting of | |||
the peer endpoint is set to 0. An endpoint that has set this setting | the peer endpoint is set to 0. An endpoint that has set this setting | |||
and has received acknowledgment MUST treat the receipt of a | and has received acknowledgment MUST treat the receipt of a | |||
PUSH_PROMISE frame as a connection error (Section 5.4.1) of type | PUSH_PROMISE frame as a connection error (Section 5.4.1) of type | |||
PROTOCOL_ERROR. | PROTOCOL_ERROR. | |||
Recipients of PUSH_PROMISE frames can choose to reject promised | Recipients of PUSH_PROMISE frames can choose to reject promised | |||
streams by returning a RST_STREAM referencing the promised stream | streams by returning a RST_STREAM referencing the promised stream | |||
identifier back to the sender of the PUSH_PROMISE. | identifier back to the sender of the PUSH_PROMISE. | |||
A PUSH_PROMISE frame modifies the connection state in two ways. | A PUSH_PROMISE frame modifies the connection state in two ways. | |||
First, the inclusion of a field block (Section 4.3) potentially | First, the inclusion of a field block (Section 4.3) potentially | |||
modifies the state maintained for field section compression. Second, | modifies the state maintained for field section compression. Second, | |||
PUSH_PROMISE also reserves a stream for later use, causing the | PUSH_PROMISE also reserves a stream for later use, causing the | |||
promised stream to enter the "reserved" state. A sender MUST NOT | promised stream to enter the "reserved (local)" or "reserved | |||
send a PUSH_PROMISE on a stream unless that stream is either "open" | (remote)" state. A sender MUST NOT send a PUSH_PROMISE on a stream | |||
or "half-closed (remote)"; the sender MUST ensure that the promised | unless that stream is either "open" or "half-closed (remote)"; the | |||
stream is a valid choice for a new stream identifier (Section 5.1.1) | sender MUST ensure that the promised stream is a valid choice for a | |||
(that is, the promised stream MUST be in the "idle" state). | new stream identifier (Section 5.1.1) (that is, the promised stream | |||
MUST be in the "idle" state). | ||||
Since PUSH_PROMISE reserves a stream, ignoring a PUSH_PROMISE frame | Since PUSH_PROMISE reserves a stream, ignoring a PUSH_PROMISE frame | |||
causes the stream state to become indeterminate. A receiver MUST | causes the stream state to become indeterminate. A receiver MUST | |||
treat the receipt of a PUSH_PROMISE on a stream that is neither | treat the receipt of a PUSH_PROMISE on a stream that is neither | |||
"open" nor "half-closed (local)" as a connection error | "open" nor "half-closed (local)" as a connection error | |||
(Section 5.4.1) of type PROTOCOL_ERROR. However, an endpoint that | (Section 5.4.1) of type PROTOCOL_ERROR. However, an endpoint that | |||
has sent RST_STREAM on the associated stream MUST handle PUSH_PROMISE | has sent RST_STREAM on the associated stream MUST handle PUSH_PROMISE | |||
frames that might have been created before the RST_STREAM frame is | frames that might have been created before the RST_STREAM frame is | |||
received and processed. | received and processed. | |||
skipping to change at page 41, line 30 ¶ | skipping to change at line 1879 ¶ | |||
The total number of padding octets is determined by the value of the | The total number of padding octets is determined by the value of the | |||
Pad Length field. If the length of the padding is the length of the | Pad Length field. If the length of the padding is the length of the | |||
frame payload or greater, the recipient MUST treat this as a | frame payload or greater, the recipient MUST treat this as a | |||
connection error (Section 5.4.1) of type PROTOCOL_ERROR. | connection error (Section 5.4.1) of type PROTOCOL_ERROR. | |||
| Note: A frame can be increased in size by one octet by | | Note: A frame can be increased in size by one octet by | |||
| including a Pad Length field with a value of zero. | | including a Pad Length field with a value of zero. | |||
6.7. PING | 6.7. PING | |||
The PING frame (type=0x6) is a mechanism for measuring a minimal | The PING frame (type=0x06) is a mechanism for measuring a minimal | |||
round-trip time from the sender, as well as determining whether an | round-trip time from the sender, as well as determining whether an | |||
idle connection is still functional. PING frames can be sent from | idle connection is still functional. PING frames can be sent from | |||
any endpoint. | any endpoint. | |||
PING Frame { | PING Frame { | |||
Length (24) = 0x8, | Length (24) = 0x08, | |||
Type (8) = 0x6, | Type (8) = 0x06, | |||
Unused Flags (7), | Unused Flags (7), | |||
ACK Flag (1), | ACK Flag (1), | |||
Reserved (1), | Reserved (1), | |||
Stream Identifier (31) = 0, | Stream Identifier (31) = 0, | |||
Opaque Data (64), | Opaque Data (64), | |||
} | } | |||
skipping to change at page 42, line 16 ¶ | skipping to change at line 1913 ¶ | |||
opaque data in the frame payload. A sender can include any value it | opaque data in the frame payload. A sender can include any value it | |||
chooses and use those octets in any fashion. | chooses and use those octets in any fashion. | |||
Receivers of a PING frame that does not include an ACK flag MUST send | Receivers of a PING frame that does not include an ACK flag MUST send | |||
a PING frame with the ACK flag set in response, with an identical | a PING frame with the ACK flag set in response, with an identical | |||
frame payload. PING responses SHOULD be given higher priority than | frame payload. PING responses SHOULD be given higher priority than | |||
any other frame. | any other frame. | |||
The PING frame defines the following flags: | The PING frame defines the following flags: | |||
ACK (0x1): When set, the ACK flag indicates that this PING frame is | ACK (0x01): When set, the ACK flag indicates that this PING frame is | |||
a PING response. An endpoint MUST set this flag in PING | a PING response. An endpoint MUST set this flag in PING | |||
responses. An endpoint MUST NOT respond to PING frames containing | responses. An endpoint MUST NOT respond to PING frames containing | |||
this flag. | this flag. | |||
PING frames are not associated with any individual stream. If a PING | PING frames are not associated with any individual stream. If a PING | |||
frame is received with a stream identifier field value other than | frame is received with a Stream Identifier field value other than | |||
0x0, the recipient MUST respond with a connection error | 0x00, the recipient MUST respond with a connection error | |||
(Section 5.4.1) of type PROTOCOL_ERROR. | (Section 5.4.1) of type PROTOCOL_ERROR. | |||
Receipt of a PING frame with a length field value other than 8 MUST | Receipt of a PING frame with a length field value other than 8 MUST | |||
be treated as a connection error (Section 5.4.1) of type | be treated as a connection error (Section 5.4.1) of type | |||
FRAME_SIZE_ERROR. | FRAME_SIZE_ERROR. | |||
6.8. GOAWAY | 6.8. GOAWAY | |||
The GOAWAY frame (type=0x7) is used to initiate shutdown of a | The GOAWAY frame (type=0x07) is used to initiate shutdown of a | |||
connection or to signal serious error conditions. GOAWAY allows an | connection or to signal serious error conditions. GOAWAY allows an | |||
endpoint to gracefully stop accepting new streams while still | endpoint to gracefully stop accepting new streams while still | |||
finishing processing of previously established streams. This enables | finishing processing of previously established streams. This enables | |||
administrative actions, like server maintenance. | administrative actions, like server maintenance. | |||
There is an inherent race condition between an endpoint starting new | There is an inherent race condition between an endpoint starting new | |||
streams and the remote sending a GOAWAY frame. To deal with this | streams and the remote peer sending a GOAWAY frame. To deal with | |||
case, the GOAWAY contains the stream identifier of the last peer- | this case, the GOAWAY contains the stream identifier of the last | |||
initiated stream that was or might be processed on the sending | peer-initiated stream that was or might be processed on the sending | |||
endpoint in this connection. For instance, if the server sends a | endpoint in this connection. For instance, if the server sends a | |||
GOAWAY frame, the identified stream is the highest-numbered stream | GOAWAY frame, the identified stream is the highest-numbered stream | |||
initiated by the client. | initiated by the client. | |||
Once sent, the sender will ignore frames sent on streams initiated by | Once the GOAWAY is sent, the sender will ignore frames sent on | |||
the receiver if the stream has an identifier higher than the included | streams initiated by the receiver if the stream has an identifier | |||
last stream identifier. Receivers of a GOAWAY frame MUST NOT open | higher than the included last stream identifier. Receivers of a | |||
additional streams on the connection, although a new connection can | GOAWAY frame MUST NOT open additional streams on the connection, | |||
be established for new streams. | although a new connection can be established for new streams. | |||
If the receiver of the GOAWAY has sent data on streams with a higher | If the receiver of the GOAWAY has sent data on streams with a higher | |||
stream identifier than what is indicated in the GOAWAY frame, those | stream identifier than what is indicated in the GOAWAY frame, those | |||
streams are not or will not be processed. The receiver of the GOAWAY | streams are not or will not be processed. The receiver of the GOAWAY | |||
frame can treat the streams as though they had never been created at | frame can treat the streams as though they had never been created at | |||
all, thereby allowing those streams to be retried later on a new | all, thereby allowing those streams to be retried later on a new | |||
connection. | connection. | |||
Endpoints SHOULD always send a GOAWAY frame before closing a | Endpoints SHOULD always send a GOAWAY frame before closing a | |||
connection so that the remote peer can know whether a stream has been | connection so that the remote peer can know whether a stream has been | |||
skipping to change at page 43, line 30 ¶ | skipping to change at line 1974 ¶ | |||
An endpoint might choose to close a connection without sending a | An endpoint might choose to close a connection without sending a | |||
GOAWAY for misbehaving peers. | GOAWAY for misbehaving peers. | |||
A GOAWAY frame might not immediately precede closing of the | A GOAWAY frame might not immediately precede closing of the | |||
connection; a receiver of a GOAWAY that has no more use for the | connection; a receiver of a GOAWAY that has no more use for the | |||
connection SHOULD still send a GOAWAY frame before terminating the | connection SHOULD still send a GOAWAY frame before terminating the | |||
connection. | connection. | |||
GOAWAY Frame { | GOAWAY Frame { | |||
Length (24), | Length (24), | |||
Type (8) = 0x7, | Type (8) = 0x07, | |||
Unused Flags (8), | Unused Flags (8), | |||
Reserved (1), | Reserved (1), | |||
Stream Identifier (31) = 0, | Stream Identifier (31) = 0, | |||
Reserved (1), | Reserved (1), | |||
Last-Stream-ID (31), | Last-Stream-ID (31), | |||
Error Code (32), | Error Code (32), | |||
Additional Debug Data (..), | Additional Debug Data (..), | |||
skipping to change at page 44, line 7 ¶ | skipping to change at line 1996 ¶ | |||
Figure 10: GOAWAY Frame Format | Figure 10: GOAWAY Frame Format | |||
The Length, Type, Unused Flag(s), Reserved, and Stream Identifier | The Length, Type, Unused Flag(s), Reserved, and Stream Identifier | |||
fields are described in Section 4. | fields are described in Section 4. | |||
The GOAWAY frame does not define any flags. | The GOAWAY frame does not define any flags. | |||
The GOAWAY frame applies to the connection, not a specific stream. | The GOAWAY frame applies to the connection, not a specific stream. | |||
An endpoint MUST treat a GOAWAY frame with a stream identifier other | An endpoint MUST treat a GOAWAY frame with a stream identifier other | |||
than 0x0 as a connection error (Section 5.4.1) of type | than 0x00 as a connection error (Section 5.4.1) of type | |||
PROTOCOL_ERROR. | PROTOCOL_ERROR. | |||
The last stream identifier in the GOAWAY frame contains the highest- | The last stream identifier in the GOAWAY frame contains the highest- | |||
numbered stream identifier for which the sender of the GOAWAY frame | numbered stream identifier for which the sender of the GOAWAY frame | |||
might have taken some action on or might yet take action on. All | might have taken some action on or might yet take action on. All | |||
streams up to and including the identified stream might have been | streams up to and including the identified stream might have been | |||
processed in some way. The last stream identifier can be set to 0 if | processed in some way. The last stream identifier can be set to 0 if | |||
no streams were processed. | no streams were processed. | |||
| Note: In this context, "processed" means that some data from | | Note: In this context, "processed" means that some data from | |||
skipping to change at page 44, line 31 ¶ | skipping to change at line 2020 ¶ | |||
If a connection terminates without a GOAWAY frame, the last stream | If a connection terminates without a GOAWAY frame, the last stream | |||
identifier is effectively the highest possible stream identifier. | identifier is effectively the highest possible stream identifier. | |||
On streams with lower- or equal-numbered identifiers that were not | On streams with lower- or equal-numbered identifiers that were not | |||
closed completely prior to the connection being closed, reattempting | closed completely prior to the connection being closed, reattempting | |||
requests, transactions, or any protocol activity is not possible, | requests, transactions, or any protocol activity is not possible, | |||
except for idempotent actions like HTTP GET, PUT, or DELETE. Any | except for idempotent actions like HTTP GET, PUT, or DELETE. Any | |||
protocol activity that uses higher-numbered streams can be safely | protocol activity that uses higher-numbered streams can be safely | |||
retried using a new connection. | retried using a new connection. | |||
Activity on streams numbered lower or equal to the last stream | Activity on streams numbered lower than or equal to the last stream | |||
identifier might still complete successfully. The sender of a GOAWAY | identifier might still complete successfully. The sender of a GOAWAY | |||
frame might gracefully shut down a connection by sending a GOAWAY | frame might gracefully shut down a connection by sending a GOAWAY | |||
frame, maintaining the connection in an "open" state until all in- | frame, maintaining the connection in an "open" state until all in- | |||
progress streams complete. | progress streams complete. | |||
An endpoint MAY send multiple GOAWAY frames if circumstances change. | An endpoint MAY send multiple GOAWAY frames if circumstances change. | |||
For instance, an endpoint that sends GOAWAY with NO_ERROR during | For instance, an endpoint that sends GOAWAY with NO_ERROR during | |||
graceful shutdown could subsequently encounter a condition that | graceful shutdown could subsequently encounter a condition that | |||
requires immediate termination of the connection. The last stream | requires immediate termination of the connection. The last stream | |||
identifier from the last GOAWAY frame received indicates which | identifier from the last GOAWAY frame received indicates which | |||
skipping to change at page 45, line 14 ¶ | skipping to change at line 2052 ¶ | |||
requests is prohibited. After allowing time for any in-flight stream | requests is prohibited. After allowing time for any in-flight stream | |||
creation (at least one round-trip time), the server MAY send another | creation (at least one round-trip time), the server MAY send another | |||
GOAWAY frame with an updated last stream identifier. This ensures | GOAWAY frame with an updated last stream identifier. This ensures | |||
that a connection can be cleanly shut down without losing requests. | that a connection can be cleanly shut down without losing requests. | |||
After sending a GOAWAY frame, the sender can discard frames for | After sending a GOAWAY frame, the sender can discard frames for | |||
streams initiated by the receiver with identifiers higher than the | streams initiated by the receiver with identifiers higher than the | |||
identified last stream. However, any frames that alter connection | identified last stream. However, any frames that alter connection | |||
state cannot be completely ignored. For instance, HEADERS, | state cannot be completely ignored. For instance, HEADERS, | |||
PUSH_PROMISE, and CONTINUATION frames MUST be minimally processed to | PUSH_PROMISE, and CONTINUATION frames MUST be minimally processed to | |||
ensure the state maintained for field section compression is | ensure that the state maintained for field section compression is | |||
consistent (see Section 4.3); similarly, DATA frames MUST be counted | consistent (see Section 4.3); similarly, DATA frames MUST be counted | |||
toward the connection flow-control window. Failure to process these | toward the connection flow-control window. Failure to process these | |||
frames can cause flow control or field section compression state to | frames can cause flow control or field section compression state to | |||
become unsynchronized. | become unsynchronized. | |||
The GOAWAY frame also contains a 32-bit error code (Section 7) that | The GOAWAY frame also contains a 32-bit error code (Section 7) that | |||
contains the reason for closing the connection. | contains the reason for closing the connection. | |||
Endpoints MAY append opaque data to the frame payload of any GOAWAY | Endpoints MAY append opaque data to the frame payload of any GOAWAY | |||
frame. Additional debug data is intended for diagnostic purposes | frame. Additional debug data is intended for diagnostic purposes | |||
only and carries no semantic value. Debug information could contain | only and carries no semantic value. Debug information could contain | |||
security- or privacy-sensitive data. Logged or otherwise | security- or privacy-sensitive data. Logged or otherwise | |||
persistently stored debug data MUST have adequate safeguards to | persistently stored debug data MUST have adequate safeguards to | |||
prevent unauthorized access. | prevent unauthorized access. | |||
6.9. WINDOW_UPDATE | 6.9. WINDOW_UPDATE | |||
The WINDOW_UPDATE frame (type=0x8) is used to implement flow control; | The WINDOW_UPDATE frame (type=0x08) is used to implement flow | |||
see Section 5.2 for an overview. | control; see Section 5.2 for an overview. | |||
Flow control operates at two levels: on each individual stream and on | Flow control operates at two levels: on each individual stream and on | |||
the entire connection. | the entire connection. | |||
Both types of flow control are hop by hop, that is, only between the | Both types of flow control are hop by hop, that is, only between the | |||
two endpoints. Intermediaries do not forward WINDOW_UPDATE frames | two endpoints. Intermediaries do not forward WINDOW_UPDATE frames | |||
between dependent connections. However, throttling of data transfer | between dependent connections. However, throttling of data transfer | |||
by any receiver can indirectly cause the propagation of flow-control | by any receiver can indirectly cause the propagation of flow-control | |||
information toward the original sender. | information toward the original sender. | |||
Flow control only applies to frames that are identified as being | Flow control only applies to frames that are identified as being | |||
subject to flow control. Of the frame types defined in this | subject to flow control. Of the frame types defined in this | |||
document, this includes only DATA frames. Frames that are exempt | document, this includes only DATA frames. Frames that are exempt | |||
from flow control MUST be accepted and processed, unless the receiver | from flow control MUST be accepted and processed, unless the receiver | |||
is unable to assign resources to handling the frame. A receiver MAY | is unable to assign resources to handling the frame. A receiver MAY | |||
respond with a stream error (Section 5.4.2) or connection error | respond with a stream error (Section 5.4.2) or connection error | |||
(Section 5.4.1) of type FLOW_CONTROL_ERROR if it is unable to accept | (Section 5.4.1) of type FLOW_CONTROL_ERROR if it is unable to accept | |||
a frame. | a frame. | |||
WINDOW_UPDATE Frame { | WINDOW_UPDATE Frame { | |||
Length (24) = 0x4, | Length (24) = 0x04, | |||
Type (8) = 0x8, | Type (8) = 0x08, | |||
Unused Flags (8), | Unused Flags (8), | |||
Reserved (1), | Reserved (1), | |||
Stream Identifier (31), | Stream Identifier (31), | |||
Reserved (1), | Reserved (1), | |||
Window Size Increment (31), | Window Size Increment (31), | |||
} | } | |||
skipping to change at page 46, line 42 ¶ | skipping to change at line 2128 ¶ | |||
indicates the affected stream; in the latter, the value "0" indicates | indicates the affected stream; in the latter, the value "0" indicates | |||
that the entire connection is the subject of the frame. | that the entire connection is the subject of the frame. | |||
A receiver MUST treat the receipt of a WINDOW_UPDATE frame with a | A receiver MUST treat the receipt of a WINDOW_UPDATE frame with a | |||
flow-control window increment of 0 as a stream error (Section 5.4.2) | flow-control window increment of 0 as a stream error (Section 5.4.2) | |||
of type PROTOCOL_ERROR; errors on the connection flow-control window | of type PROTOCOL_ERROR; errors on the connection flow-control window | |||
MUST be treated as a connection error (Section 5.4.1). | MUST be treated as a connection error (Section 5.4.1). | |||
WINDOW_UPDATE can be sent by a peer that has sent a frame with the | WINDOW_UPDATE can be sent by a peer that has sent a frame with the | |||
END_STREAM flag set. This means that a receiver could receive a | END_STREAM flag set. This means that a receiver could receive a | |||
WINDOW_UPDATE frame on a "half-closed (remote)" or "closed" stream. | WINDOW_UPDATE frame on a stream in a "half-closed (remote)" or | |||
A receiver MUST NOT treat this as an error (see Section 5.1). | "closed" state. A receiver MUST NOT treat this as an error (see | |||
Section 5.1). | ||||
A receiver that receives a flow-controlled frame MUST always account | A receiver that receives a flow-controlled frame MUST always account | |||
for its contribution against the connection flow-control window, | for its contribution against the connection flow-control window, | |||
unless the receiver treats this as a connection error | unless the receiver treats this as a connection error | |||
(Section 5.4.1). This is necessary even if the frame is in error. | (Section 5.4.1). This is necessary even if the frame is in error. | |||
The sender counts the frame toward the flow-control window, but if | The sender counts the frame toward the flow-control window, but if | |||
the receiver does not, the flow-control window at the sender and | the receiver does not, the flow-control window at the sender and | |||
receiver can become different. | receiver can become different. | |||
A WINDOW_UPDATE frame with a length other than 4 octets MUST be | A WINDOW_UPDATE frame with a length other than 4 octets MUST be | |||
skipping to change at page 49, line 24 ¶ | skipping to change at line 2251 ¶ | |||
window size, a receiver MAY continue to process streams that exceed | window size, a receiver MAY continue to process streams that exceed | |||
flow-control limits. Allowing streams to continue does not allow the | flow-control limits. Allowing streams to continue does not allow the | |||
receiver to immediately reduce the space it reserves for flow-control | receiver to immediately reduce the space it reserves for flow-control | |||
windows. Progress on these streams can also stall, since | windows. Progress on these streams can also stall, since | |||
WINDOW_UPDATE frames are needed to allow the sender to resume | WINDOW_UPDATE frames are needed to allow the sender to resume | |||
sending. The receiver MAY instead send a RST_STREAM with an error | sending. The receiver MAY instead send a RST_STREAM with an error | |||
code of FLOW_CONTROL_ERROR for the affected streams. | code of FLOW_CONTROL_ERROR for the affected streams. | |||
6.10. CONTINUATION | 6.10. CONTINUATION | |||
The CONTINUATION frame (type=0x9) is used to continue a sequence of | The CONTINUATION frame (type=0x09) is used to continue a sequence of | |||
field block fragments (Section 4.3). Any number of CONTINUATION | field block fragments (Section 4.3). Any number of CONTINUATION | |||
frames can be sent, as long as the preceding frame is on the same | frames can be sent, as long as the preceding frame is on the same | |||
stream and is a HEADERS, PUSH_PROMISE, or CONTINUATION frame without | stream and is a HEADERS, PUSH_PROMISE, or CONTINUATION frame without | |||
the END_HEADERS flag set. | the END_HEADERS flag set. | |||
CONTINUATION Frame { | CONTINUATION Frame { | |||
Length (24), | Length (24), | |||
Type (8) = 0x9, | Type (8) = 0x09, | |||
Unused Flags (5), | Unused Flags (5), | |||
END_HEADERS Flag (1), | END_HEADERS Flag (1), | |||
Unused Flags (2), | Unused Flags (2), | |||
Reserved (1), | Reserved (1), | |||
Stream Identifier (31), | Stream Identifier (31), | |||
Field Block Fragment (..), | Field Block Fragment (..), | |||
} | } | |||
Figure 12: CONTINUATION Frame Format | Figure 12: CONTINUATION Frame Format | |||
The Length, Type, Unused Flag(s), Reserved, and Stream Identifier | The Length, Type, Unused Flag(s), Reserved, and Stream Identifier | |||
fields are described in Section 4. The CONTINUATION frame payload | fields are described in Section 4. The CONTINUATION frame payload | |||
contains a field block fragment (Section 4.3). | contains a field block fragment (Section 4.3). | |||
The CONTINUATION frame defines the following flag: | The CONTINUATION frame defines the following flag: | |||
END_HEADERS (0x4): When set, the END_HEADERS flag indicates that | END_HEADERS (0x04): When set, the END_HEADERS flag indicates that | |||
this frame ends a field block (Section 4.3). | this frame ends a field block (Section 4.3). | |||
If the END_HEADERS flag is not set, this frame MUST be followed by | If the END_HEADERS flag is not set, this frame MUST be followed by | |||
another CONTINUATION frame. A receiver MUST treat the receipt of | another CONTINUATION frame. A receiver MUST treat the receipt of | |||
any other type of frame or a frame on a different stream as a | any other type of frame or a frame on a different stream as a | |||
connection error (Section 5.4.1) of type PROTOCOL_ERROR. | connection error (Section 5.4.1) of type PROTOCOL_ERROR. | |||
The CONTINUATION frame changes the connection state as defined in | The CONTINUATION frame changes the connection state as defined in | |||
Section 4.3. | Section 4.3. | |||
CONTINUATION frames MUST be associated with a stream. If a | CONTINUATION frames MUST be associated with a stream. If a | |||
CONTINUATION frame is received whose stream identifier field is 0x0, | CONTINUATION frame is received with a Stream Identifier field of | |||
the recipient MUST respond with a connection error (Section 5.4.1) of | 0x00, the recipient MUST respond with a connection error | |||
type PROTOCOL_ERROR. | (Section 5.4.1) of type PROTOCOL_ERROR. | |||
A CONTINUATION frame MUST be preceded by a HEADERS, PUSH_PROMISE or | A CONTINUATION frame MUST be preceded by a HEADERS, PUSH_PROMISE or | |||
CONTINUATION frame without the END_HEADERS flag set. A recipient | CONTINUATION frame without the END_HEADERS flag set. A recipient | |||
that observes violation of this rule MUST respond with a connection | that observes violation of this rule MUST respond with a connection | |||
error (Section 5.4.1) of type PROTOCOL_ERROR. | error (Section 5.4.1) of type PROTOCOL_ERROR. | |||
7. Error Codes | 7. Error Codes | |||
Error codes are 32-bit fields that are used in RST_STREAM and GOAWAY | Error codes are 32-bit fields that are used in RST_STREAM and GOAWAY | |||
frames to convey the reasons for the stream or connection error. | frames to convey the reasons for the stream or connection error. | |||
Error codes share a common code space. Some error codes apply only | Error codes share a common code space. Some error codes apply only | |||
to either streams or the entire connection and have no defined | to either streams or the entire connection and have no defined | |||
semantics in the other context. | semantics in the other context. | |||
The following error codes are defined: | The following error codes are defined: | |||
NO_ERROR (0x0): The associated condition is not a result of an | NO_ERROR (0x00): The associated condition is not a result of an | |||
error. For example, a GOAWAY might include this code to indicate | error. For example, a GOAWAY might include this code to indicate | |||
graceful shutdown of a connection. | graceful shutdown of a connection. | |||
PROTOCOL_ERROR (0x1): The endpoint detected an unspecific protocol | PROTOCOL_ERROR (0x01): The endpoint detected an unspecific protocol | |||
error. This error is for use when a more specific error code is | error. This error is for use when a more specific error code is | |||
not available. | not available. | |||
INTERNAL_ERROR (0x2): The endpoint encountered an unexpected | INTERNAL_ERROR (0x02): The endpoint encountered an unexpected | |||
internal error. | internal error. | |||
FLOW_CONTROL_ERROR (0x3): The endpoint detected that its peer | FLOW_CONTROL_ERROR (0x03): The endpoint detected that its peer | |||
violated the flow-control protocol. | violated the flow-control protocol. | |||
SETTINGS_TIMEOUT (0x4): The endpoint sent a SETTINGS frame but did | SETTINGS_TIMEOUT (0x04): The endpoint sent a SETTINGS frame but did | |||
not receive a response in a timely manner. See Section 6.5.3 | not receive a response in a timely manner. See Section 6.5.3 | |||
("Settings Synchronization"). | ("Settings Synchronization"). | |||
STREAM_CLOSED (0x5): The endpoint received a frame after a stream | STREAM_CLOSED (0x05): The endpoint received a frame after a stream | |||
was half-closed. | was half-closed. | |||
FRAME_SIZE_ERROR (0x6): The endpoint received a frame with an | FRAME_SIZE_ERROR (0x06): The endpoint received a frame with an | |||
invalid size. | invalid size. | |||
REFUSED_STREAM (0x7): The endpoint refused the stream prior to | REFUSED_STREAM (0x07): The endpoint refused the stream prior to | |||
performing any application processing (see Section 8.7 for | performing any application processing (see Section 8.7 for | |||
details). | details). | |||
CANCEL (0x8): Used by the endpoint to indicate that the stream is no | CANCEL (0x08): The endpoint uses this error code to indicate that | |||
longer needed. | the stream is no longer needed. | |||
COMPRESSION_ERROR (0x9): The endpoint is unable to maintain the | COMPRESSION_ERROR (0x09): The endpoint is unable to maintain the | |||
field section compression context for the connection. | field section compression context for the connection. | |||
CONNECT_ERROR (0xa): The connection established in response to a | CONNECT_ERROR (0x0a): The connection established in response to a | |||
CONNECT request (Section 8.5) was reset or abnormally closed. | CONNECT request (Section 8.5) was reset or abnormally closed. | |||
ENHANCE_YOUR_CALM (0xb): The endpoint detected that its peer is | ENHANCE_YOUR_CALM (0x0b): The endpoint detected that its peer is | |||
exhibiting a behavior that might be generating excessive load. | exhibiting a behavior that might be generating excessive load. | |||
INADEQUATE_SECURITY (0xc): The underlying transport has properties | INADEQUATE_SECURITY (0x0c): The underlying transport has properties | |||
that do not meet minimum security requirements (see Section 9.2). | that do not meet minimum security requirements (see Section 9.2). | |||
HTTP_1_1_REQUIRED (0xd): The endpoint requires that HTTP/1.1 be used | HTTP_1_1_REQUIRED (0x0d): The endpoint requires that HTTP/1.1 be | |||
instead of HTTP/2. | used instead of HTTP/2. | |||
Unknown or unsupported error codes MUST NOT trigger any special | Unknown or unsupported error codes MUST NOT trigger any special | |||
behavior. These MAY be treated by an implementation as being | behavior. These MAY be treated by an implementation as being | |||
equivalent to INTERNAL_ERROR. | equivalent to INTERNAL_ERROR. | |||
8. Expressing HTTP Semantics in HTTP/2 | 8. Expressing HTTP Semantics in HTTP/2 | |||
HTTP/2 is an instantiation of the HTTP message abstraction (Section 6 | HTTP/2 is an instantiation of the HTTP message abstraction (Section 6 | |||
of [HTTP]). | of [HTTP]). | |||
skipping to change at page 52, line 29 ¶ | skipping to change at line 2401 ¶ | |||
The last frame in the sequence bears an END_STREAM flag, noting that | The last frame in the sequence bears an END_STREAM flag, noting that | |||
a HEADERS frame with the END_STREAM flag set can be followed by | a HEADERS frame with the END_STREAM flag set can be followed by | |||
CONTINUATION frames that carry any remaining fragments of the field | CONTINUATION frames that carry any remaining fragments of the field | |||
block. | block. | |||
Other frames (from any stream) MUST NOT occur between the HEADERS | Other frames (from any stream) MUST NOT occur between the HEADERS | |||
frame and any CONTINUATION frames that might follow. | frame and any CONTINUATION frames that might follow. | |||
HTTP/2 uses DATA frames to carry message content. The chunked | HTTP/2 uses DATA frames to carry message content. The chunked | |||
transfer encoding defined in Section 7.1 of [HTTP11] cannot be used | transfer encoding defined in Section 7.1 of [HTTP/1.1] cannot be used | |||
in HTTP/2; see Section 8.2.2. | in HTTP/2; see Section 8.2.2. | |||
Trailer fields are carried in a field block that also terminates the | Trailer fields are carried in a field block that also terminates the | |||
stream. That is, trailer fields comprise a sequence starting with a | stream. That is, trailer fields comprise a sequence starting with a | |||
HEADERS frame, followed by zero or more CONTINUATION frames, where | HEADERS frame, followed by zero or more CONTINUATION frames, where | |||
the HEADERS frame bears an END_STREAM flag. Trailers MUST NOT | the HEADERS frame bears an END_STREAM flag. Trailers MUST NOT | |||
include pseudo-header fields (Section 8.3). An endpoint that | include pseudo-header fields (Section 8.3). An endpoint that | |||
receives pseudo-header fields in trailers MUST treat the request or | receives pseudo-header fields in trailers MUST treat the request or | |||
response as malformed (Section 8.1.1). | response as malformed (Section 8.1.1). | |||
skipping to change at page 54, line 32 ¶ | skipping to change at line 2494 ¶ | |||
[COMPRESSION]. | [COMPRESSION]. | |||
Field names MUST be converted to lowercase when constructing an | Field names MUST be converted to lowercase when constructing an | |||
HTTP/2 message. | HTTP/2 message. | |||
8.2.1. Field Validity | 8.2.1. Field Validity | |||
The definitions of field names and values in HTTP prohibit some | The definitions of field names and values in HTTP prohibit some | |||
characters that HPACK might be able to convey. HTTP/2 | characters that HPACK might be able to convey. HTTP/2 | |||
implementations SHOULD validate field names and values according to | implementations SHOULD validate field names and values according to | |||
their definitions in Sections 5.1 and 5.5 of [HTTP] respectively and | their definitions in Sections 5.1 and 5.5 of [HTTP], respectively, | |||
treat messages that contain prohibited characters as malformed | and treat messages that contain prohibited characters as malformed | |||
(Section 8.1.1). | (Section 8.1.1). | |||
Failure to validate fields can be exploited for request smuggling | Failure to validate fields can be exploited for request smuggling | |||
attacks. In particular, unvalidated fields might enable attacks when | attacks. In particular, unvalidated fields might enable attacks when | |||
messages are forwarded using HTTP 1.1 [HTTP11], where characters such | messages are forwarded using HTTP/1.1 [HTTP/1.1], where characters | |||
as CR, LF, and COLON are used as delimiters. Implementations MUST | such as carriage return (CR), line feed (LF), and COLON are used as | |||
perform the following minimal validation of field names and values: | delimiters. Implementations MUST perform the following minimal | |||
validation of field names and values: | ||||
* A field name MUST NOT contain characters in the ranges 0x00-0x20, | * A field name MUST NOT contain characters in the ranges 0x00-0x20, | |||
0x41-0x5a, or 0x7f-0xff (all ranges inclusive). This specifically | 0x41-0x5a, or 0x7f-0xff (all ranges inclusive). This specifically | |||
excludes all non-visible ASCII characters, ASCII SP (0x20), and | excludes all non-visible ASCII characters, ASCII SP (0x20), and | |||
uppercase characters ('A' to 'Z', ASCII 0x41 to 0x5a). | uppercase characters ('A' to 'Z', ASCII 0x41 to 0x5a). | |||
* With the exception of pseudo-header fields (Section 8.3), which | * With the exception of pseudo-header fields (Section 8.3), which | |||
have a name that starts with a single colon, field names MUST NOT | have a name that starts with a single colon, field names MUST NOT | |||
include a colon (ASCII COLON, 0x3a). | include a colon (ASCII COLON, 0x3a). | |||
* A field value MUST NOT contain the zero value (ASCII NUL, 0x0), | * A field value MUST NOT contain the zero value (ASCII NUL, 0x00), | |||
line feed (ASCII LF, 0xa), or carriage return (ASCII CR, 0xd) at | line feed (ASCII LF, 0x0a), or carriage return (ASCII CR, 0x0d) at | |||
any position. | any position. | |||
* A field value MUST NOT start or end with an ASCII whitespace | * A field value MUST NOT start or end with an ASCII whitespace | |||
character (ASCII SP or HTAB, 0x20 or 0x9). | character (ASCII SP or HTAB, 0x20 or 0x09). | |||
| Note: An implementation that validates fields according the | | Note: An implementation that validates fields according to the | |||
| definitions in Sections 5.1 and 5.5 of [HTTP] only needs an | | definitions in Sections 5.1 and 5.5 of [HTTP] only needs an | |||
| additional check that field names do not include uppercase | | additional check that field names do not include uppercase | |||
| characters. | | characters. | |||
A request or response that contains a field that violates any of | A request or response that contains a field that violates any of | |||
these conditions MUST be treated as malformed (Section 8.1.1). In | these conditions MUST be treated as malformed (Section 8.1.1). In | |||
particular, an intermediary that does not process fields when | particular, an intermediary that does not process fields when | |||
forwarding messages MUST NOT forward fields that contain any of the | forwarding messages MUST NOT forward fields that contain any of the | |||
values that are listed as prohibited above. | values that are listed as prohibited above. | |||
skipping to change at page 56, line 19 ¶ | skipping to change at line 2573 ¶ | |||
| Note: HTTP/2 purposefully does not support upgrade to another | | Note: HTTP/2 purposefully does not support upgrade to another | |||
| protocol. The handshake methods described in Section 3 are | | protocol. The handshake methods described in Section 3 are | |||
| believed sufficient to negotiate the use of alternative | | believed sufficient to negotiate the use of alternative | |||
| protocols. | | protocols. | |||
8.2.3. Compressing the Cookie Header Field | 8.2.3. Compressing the Cookie Header Field | |||
The Cookie header field [COOKIE] uses a semicolon (";") to delimit | The Cookie header field [COOKIE] uses a semicolon (";") to delimit | |||
cookie-pairs (or "crumbs"). This header field contains multiple | cookie-pairs (or "crumbs"). This header field contains multiple | |||
values, but does not use a COMMA (",") as a separator, which prevents | values, but does not use a COMMA (",") as a separator, thereby | |||
cookie-pairs from being sent on multiple field lines (see Section 5.2 | preventing cookie-pairs from being sent on multiple field lines (see | |||
of [HTTP]). This can significantly reduce compression efficiency as | Section 5.2 of [HTTP]). This can significantly reduce compression | |||
updates to individual cookie-pairs would invalidate any field lines | efficiency, as updates to individual cookie-pairs would invalidate | |||
that are stored in the HPACK table. | any field lines that are stored in the HPACK table. | |||
To allow for better compression efficiency, the Cookie header field | To allow for better compression efficiency, the Cookie header field | |||
MAY be split into separate header fields, each with one or more | MAY be split into separate header fields, each with one or more | |||
cookie-pairs. If there are multiple Cookie header fields after | cookie-pairs. If there are multiple Cookie header fields after | |||
decompression, these MUST be concatenated into a single octet string | decompression, these MUST be concatenated into a single octet string | |||
using the two-octet delimiter of 0x3b, 0x20 (the ASCII string "; ") | using the two-octet delimiter of 0x3b, 0x20 (the ASCII string "; ") | |||
before being passed into a non-HTTP/2 context, such as an HTTP/1.1 | before being passed into a non-HTTP/2 context, such as an HTTP/1.1 | |||
connection, or a generic HTTP server application. | connection, or a generic HTTP server application. | |||
Therefore, the following two lists of Cookie header fields are | Therefore, the following two lists of Cookie header fields are | |||
semantically equivalent. | semantically equivalent. | |||
cookie: a=b; c=d; e=f | cookie: a=b; c=d; e=f | |||
cookie: a=b | cookie: a=b | |||
cookie: c=d | cookie: c=d | |||
cookie: e=f | cookie: e=f | |||
8.3. HTTP Control Data | 8.3. HTTP Control Data | |||
HTTP/2 uses special pseudo-header fields beginning with ':' character | HTTP/2 uses special pseudo-header fields beginning with a ':' | |||
(ASCII 0x3a) to convey message control data (see Section 6.2 of | character (ASCII 0x3a) to convey message control data (see | |||
[HTTP]). | Section 6.2 of [HTTP]). | |||
Pseudo-header fields are not HTTP header fields. Endpoints MUST NOT | Pseudo-header fields are not HTTP header fields. Endpoints MUST NOT | |||
generate pseudo-header fields other than those defined in this | generate pseudo-header fields other than those defined in this | |||
document. Note that an extension could negotiate the use of | document. Note that an extension could negotiate the use of | |||
additional pseudo-header fields; see Section 5.5. | additional pseudo-header fields; see Section 5.5. | |||
Pseudo-header fields are only valid in the context in which they are | Pseudo-header fields are only valid in the context in which they are | |||
defined. Pseudo-header fields defined for requests MUST NOT appear | defined. Pseudo-header fields defined for requests MUST NOT appear | |||
in responses; pseudo-header fields defined for responses MUST NOT | in responses; pseudo-header fields defined for responses MUST NOT | |||
appear in requests. Pseudo-header fields MUST NOT appear in a | appear in requests. Pseudo-header fields MUST NOT appear in a | |||
skipping to change at page 57, line 27 ¶ | skipping to change at line 2629 ¶ | |||
The same pseudo-header field name MUST NOT appear more than once in a | The same pseudo-header field name MUST NOT appear more than once in a | |||
field block. A field block for an HTTP request or response that | field block. A field block for an HTTP request or response that | |||
contains a repeated pseudo-header field name MUST be treated as | contains a repeated pseudo-header field name MUST be treated as | |||
malformed (Section 8.1.1). | malformed (Section 8.1.1). | |||
8.3.1. Request Pseudo-Header Fields | 8.3.1. Request Pseudo-Header Fields | |||
The following pseudo-header fields are defined for HTTP/2 requests: | The following pseudo-header fields are defined for HTTP/2 requests: | |||
* The :method pseudo-header field includes the HTTP method | * The ":method" pseudo-header field includes the HTTP method | |||
(Section 9 of [HTTP]). | (Section 9 of [HTTP]). | |||
* The :scheme pseudo-header field includes the scheme portion of the | * The ":scheme" pseudo-header field includes the scheme portion of | |||
request target. The scheme is taken from the target URI | the request target. The scheme is taken from the target URI | |||
(Section 3.1 of [RFC3986]) when generating a request directly, or | (Section 3.1 of [RFC3986]) when generating a request directly, or | |||
from the scheme of a translated request (for example, see | from the scheme of a translated request (for example, see | |||
Section 3.3 of [HTTP11]). Scheme is omitted for CONNECT requests | Section 3.3 of [HTTP/1.1]). Scheme is omitted for CONNECT | |||
(Section 8.5). | requests (Section 8.5). | |||
:scheme is not restricted to http and https schemed URIs. A proxy | ":scheme" is not restricted to "http" and "https" schemed URIs. A | |||
or gateway can translate requests for non-HTTP schemes, enabling | proxy or gateway can translate requests for non-HTTP schemes, | |||
the use of HTTP to interact with non-HTTP services. | enabling the use of HTTP to interact with non-HTTP services. | |||
* The :authority pseudo-header field conveys the authority portion | * The ":authority" pseudo-header field conveys the authority portion | |||
(Section 3.2 of [RFC3986]) of the target URI (Section 7.1 of | (Section 3.2 of [RFC3986]) of the target URI (Section 7.1 of | |||
[HTTP]). The recipient of a HTTP/2 request MUST NOT use the Host | [HTTP]). The recipient of an HTTP/2 request MUST NOT use the Host | |||
header field to determine the target URI if :authority is present. | header field to determine the target URI if ":authority" is | |||
present. | ||||
Clients that generate HTTP/2 requests directly MUST use the | Clients that generate HTTP/2 requests directly MUST use the | |||
:authority pseudo-header field to convey authority information, | ":authority" pseudo-header field to convey authority information, | |||
unless there is no authority information to convey (in which case | unless there is no authority information to convey (in which case | |||
it MUST NOT generate :authority). | it MUST NOT generate ":authority"). | |||
Clients MUST NOT generate a request with a Host header field that | Clients MUST NOT generate a request with a Host header field that | |||
differs from the :authority pseudo-header field. A server SHOULD | differs from the ":authority" pseudo-header field. A server | |||
treat a request as malformed if it contains a Host header field | SHOULD treat a request as malformed if it contains a Host header | |||
that identifies a different entity to the :authority pseudo-header | field that identifies an entity that differs from the entity in | |||
field. The values of fields need to be normalized to compare them | the ":authority" pseudo-header field. The values of fields need | |||
(see Section 6.2 of [RFC3986]). An origin server can apply any | to be normalized to compare them (see Section 6.2 of [RFC3986]). | |||
normalization method, whereas other servers MUST perform scheme- | An origin server can apply any normalization method, whereas other | |||
based normalization (see Section 6.2.3 of [RFC3986]) of the two | servers MUST perform scheme-based normalization (see Section 6.2.3 | |||
fields. | of [RFC3986]) of the two fields. | |||
An intermediary that forwards a request over HTTP/2 MUST construct | An intermediary that forwards a request over HTTP/2 MUST construct | |||
an :authority pseudo-header field using the authority information | an ":authority" pseudo-header field using the authority | |||
from the control data of the original request, unless the original | information from the control data of the original request, unless | |||
request's target URI does not contain authority information (in | the original request's target URI does not contain authority | |||
which case it MUST NOT generate :authority). Note that the Host | information (in which case it MUST NOT generate ":authority"). | |||
header field is not the sole source of this information; see | Note that the Host header field is not the sole source of this | |||
Section 7.2 of [HTTP]. | information; see Section 7.2 of [HTTP]. | |||
An intermediary that needs to generate a Host header field (which | An intermediary that needs to generate a Host header field (which | |||
might be necessary to construct an HTTP/1.1 request) MUST use the | might be necessary to construct an HTTP/1.1 request) MUST use the | |||
value from the :authority pseudo-header field as the value of the | value from the ":authority" pseudo-header field as the value of | |||
Host field, unless the intermediary also changes the request | the Host field, unless the intermediary also changes the request | |||
target. This replaces any existing Host field to avoid potential | target. This replaces any existing Host field to avoid potential | |||
vulnerabilities in HTTP routing. | vulnerabilities in HTTP routing. | |||
An intermediary that forwards a request over HTTP/2 MAY retain any | An intermediary that forwards a request over HTTP/2 MAY retain any | |||
Host header field. | Host header field. | |||
Note that request targets for CONNECT or asterisk-form OPTIONS | Note that request targets for CONNECT or asterisk-form OPTIONS | |||
requests never include authority information; see Section 7.1 of | requests never include authority information; see Sections 7.1 and | |||
[HTTP]. | 7.2 of [HTTP]. | |||
:authority MUST NOT include the deprecated userinfo subcomponent | ":authority" MUST NOT include the deprecated userinfo subcomponent | |||
for http or https schemed URIs. | for "http" or "https" schemed URIs. | |||
* The :path pseudo-header field includes the path and query parts of | * The ":path" pseudo-header field includes the path and query parts | |||
the target URI (the absolute-path production and optionally a '?' | of the target URI (the absolute-path production and, optionally, a | |||
character followed by the query production; see Section 4.1 of | '?' character followed by the query production; see Section 4.1 of | |||
[HTTP]). A request in asterisk form (for OPTIONS) includes the | [HTTP]). A request in asterisk form (for OPTIONS) includes the | |||
value '*' for the :path pseudo-header field. | value '*' for the ":path" pseudo-header field. | |||
This pseudo-header field MUST NOT be empty for http or https URIs; | This pseudo-header field MUST NOT be empty for "http" or "https" | |||
http or https URIs that do not contain a path component MUST | URIs; "http" or "https" URIs that do not contain a path component | |||
include a value of '/'. The exceptions to this rule are: | MUST include a value of '/'. The exceptions to this rule are: | |||
- an OPTIONS request for an http or https URI that does not | - an OPTIONS request for an "http" or "https" URI that does not | |||
include a path component; these MUST include a :path pseudo- | include a path component; these MUST include a ":path" pseudo- | |||
header field with a value of '*' (see Section 7.1 of [HTTP]) | header field with a value of '*' (see Section 7.1 of [HTTP]). | |||
- CONNECT requests (Section 8.5), where the :path pseudo-header | - CONNECT requests (Section 8.5), where the ":path" pseudo-header | |||
field is omitted. | field is omitted. | |||
All HTTP/2 requests MUST include exactly one valid value for the | All HTTP/2 requests MUST include exactly one valid value for the | |||
:method, :scheme, and :path pseudo-header fields, unless it is a | ":method", ":scheme", and ":path" pseudo-header fields, unless they | |||
CONNECT request (Section 8.5). An HTTP request that omits mandatory | are CONNECT requests (Section 8.5). An HTTP request that omits | |||
pseudo-header fields is malformed (Section 8.1.1). | mandatory pseudo-header fields is malformed (Section 8.1.1). | |||
Individual HTTP/2 requests do not carry an explicit indicator of | Individual HTTP/2 requests do not carry an explicit indicator of | |||
protocol version. All HTTP/2 requests implicitly have a protocol | protocol version. All HTTP/2 requests implicitly have a protocol | |||
version of "2.0" (see Section 6.2 of [HTTP]). | version of "2.0" (see Section 6.2 of [HTTP]). | |||
8.3.2. Response Pseudo-Header Fields | 8.3.2. Response Pseudo-Header Fields | |||
For HTTP/2 responses, a single :status pseudo-header field is defined | For HTTP/2 responses, a single ":status" pseudo-header field is | |||
that carries the HTTP status code field (see Section 15 of [HTTP]). | defined that carries the HTTP status code field (see Section 15 of | |||
This pseudo-header field MUST be included in all responses, including | [HTTP]). This pseudo-header field MUST be included in all responses, | |||
interim responses; otherwise, the response is malformed | including interim responses; otherwise, the response is malformed | |||
(Section 8.1.1). | (Section 8.1.1). | |||
HTTP/2 responses implicitly have a protocol version of "2.0". | HTTP/2 responses implicitly have a protocol version of "2.0". | |||
8.4. Server Push | 8.4. Server Push | |||
HTTP/2 allows a server to preemptively send (or "push") responses | HTTP/2 allows a server to preemptively send (or "push") responses | |||
(along with corresponding "promised" requests) to a client in | (along with corresponding "promised" requests) to a client in | |||
association with a previous client-initiated request. | association with a previous client-initiated request. | |||
skipping to change at page 59, line 47 ¶ | skipping to change at line 2745 ¶ | |||
stylesheets and scripts referenced by that page. When these requests | stylesheets and scripts referenced by that page. When these requests | |||
are pushed, the client does not need to wait to receive the | are pushed, the client does not need to wait to receive the | |||
references to them in the HTML and issue separate requests. | references to them in the HTML and issue separate requests. | |||
In practice, server push is difficult to use effectively, because it | In practice, server push is difficult to use effectively, because it | |||
requires the server to correctly anticipate the additional requests | requires the server to correctly anticipate the additional requests | |||
the client will make, taking into account factors such as caching, | the client will make, taking into account factors such as caching, | |||
content negotiation, and user behavior. Errors in prediction can | content negotiation, and user behavior. Errors in prediction can | |||
lead to performance degradation, due to the opportunity cost that the | lead to performance degradation, due to the opportunity cost that the | |||
additional data on the wire represents. In particular, pushing any | additional data on the wire represents. In particular, pushing any | |||
significant amount of data can cause contention issues with more- | significant amount of data can cause contention issues with responses | |||
important responses. | that are more important. | |||
A client can request that server push be disabled, though this is | A client can request that server push be disabled, though this is | |||
negotiated for each hop independently. The SETTINGS_ENABLE_PUSH | negotiated for each hop independently. The SETTINGS_ENABLE_PUSH | |||
setting can be set to 0 to indicate that server push is disabled. | setting can be set to 0 to indicate that server push is disabled. | |||
Promised requests MUST be safe (see Section 9.2.1 of [HTTP]) and | Promised requests MUST be safe (see Section 9.2.1 of [HTTP]) and | |||
cacheable (see Section 9.2.3 of [HTTP]). Promised requests cannot | cacheable (see Section 9.2.3 of [HTTP]). Promised requests cannot | |||
include any content or a trailer section. Clients that receive a | include any content or a trailer section. Clients that receive a | |||
promised request that is not cacheable, that is not known to be safe, | promised request that is not cacheable, that is not known to be safe, | |||
or that indicates the presence of request content MUST reset the | or that indicates the presence of request content MUST reset the | |||
promised stream with a stream error (Section 5.4.2) of type | promised stream with a stream error (Section 5.4.2) of type | |||
PROTOCOL_ERROR. Note this could result in the promised stream being | PROTOCOL_ERROR. Note that this could result in the promised stream | |||
reset if the client does not recognize a newly defined method as | being reset if the client does not recognize a newly defined method | |||
being safe. | as being safe. | |||
Pushed responses that are cacheable (see Section 3 of [CACHE]) can be | Pushed responses that are cacheable (see Section 3 of [CACHING]) can | |||
stored by the client, if it implements an HTTP cache. Pushed | be stored by the client, if it implements an HTTP cache. Pushed | |||
responses are considered successfully validated on the origin server | responses are considered successfully validated on the origin server | |||
(e.g., if the "no-cache" cache response directive is present; see | (e.g., if the "no-cache" cache response directive is present; see | |||
Section 5.2.2.4 of [CACHE]) while the stream identified by the | Section 5.2.2.4 of [CACHING]) while the stream identified by the | |||
promised stream ID is still open. | promised stream identifier is still open. | |||
Pushed responses that are not cacheable MUST NOT be stored by any | Pushed responses that are not cacheable MUST NOT be stored by any | |||
HTTP cache. They MAY be made available to the application | HTTP cache. They MAY be made available to the application | |||
separately. | separately. | |||
The server MUST include a value in the :authority pseudo-header field | The server MUST include a value in the ":authority" pseudo-header | |||
for which the server is authoritative (see Section 10.1). A client | field for which the server is authoritative (see Section 10.1). A | |||
MUST treat a PUSH_PROMISE for which the server is not authoritative | client MUST treat a PUSH_PROMISE for which the server is not | |||
as a stream error (Section 5.4.2) of type PROTOCOL_ERROR. | authoritative as a stream error (Section 5.4.2) of type | |||
PROTOCOL_ERROR. | ||||
An intermediary can receive pushes from the server and choose not to | An intermediary can receive pushes from the server and choose not to | |||
forward them on to the client. In other words, how to make use of | forward them on to the client. In other words, how to make use of | |||
the pushed information is up to that intermediary. Equally, the | the pushed information is up to that intermediary. Equally, the | |||
intermediary might choose to make additional pushes to the client, | intermediary might choose to make additional pushes to the client, | |||
without any action taken by the server. | without any action taken by the server. | |||
A client cannot push. Thus, servers MUST treat the receipt of a | A client cannot push. Thus, servers MUST treat the receipt of a | |||
PUSH_PROMISE frame as a connection error (Section 5.4.1) of type | PUSH_PROMISE frame as a connection error (Section 5.4.1) of type | |||
PROTOCOL_ERROR. A server cannot set the SETTINGS_ENABLE_PUSH setting | PROTOCOL_ERROR. A server cannot set the SETTINGS_ENABLE_PUSH setting | |||
skipping to change at page 61, line 13 ¶ | skipping to change at line 2809 ¶ | |||
a request that includes message content. | a request that includes message content. | |||
Promised requests are always associated with an explicit request from | Promised requests are always associated with an explicit request from | |||
the client. The PUSH_PROMISE frames sent by the server are sent on | the client. The PUSH_PROMISE frames sent by the server are sent on | |||
that explicit request's stream. The PUSH_PROMISE frame also includes | that explicit request's stream. The PUSH_PROMISE frame also includes | |||
a promised stream identifier, chosen from the stream identifiers | a promised stream identifier, chosen from the stream identifiers | |||
available to the server (see Section 5.1.1). | available to the server (see Section 5.1.1). | |||
The header fields in PUSH_PROMISE and any subsequent CONTINUATION | The header fields in PUSH_PROMISE and any subsequent CONTINUATION | |||
frames MUST be a valid and complete set of request header fields | frames MUST be a valid and complete set of request header fields | |||
(Section 8.3.1). The server MUST include a method in the :method | (Section 8.3.1). The server MUST include a method in the ":method" | |||
pseudo-header field that is safe and cacheable. If a client receives | pseudo-header field that is safe and cacheable. If a client receives | |||
a PUSH_PROMISE that does not include a complete and valid set of | a PUSH_PROMISE that does not include a complete and valid set of | |||
header fields or the :method pseudo-header field identifies a method | header fields or the ":method" pseudo-header field identifies a | |||
that is not safe, it MUST respond on the promised stream with a | method that is not safe, it MUST respond on the promised stream with | |||
stream error (Section 5.4.2) of type PROTOCOL_ERROR. | a stream error (Section 5.4.2) of type PROTOCOL_ERROR. | |||
The server SHOULD send PUSH_PROMISE (Section 6.6) frames prior to | The server SHOULD send PUSH_PROMISE (Section 6.6) frames prior to | |||
sending any frames that reference the promised responses. This | sending any frames that reference the promised responses. This | |||
avoids a race where clients issue requests prior to receiving any | avoids a race where clients issue requests prior to receiving any | |||
PUSH_PROMISE frames. | PUSH_PROMISE frames. | |||
For example, if the server receives a request for a document | For example, if the server receives a request for a document | |||
containing embedded links to multiple image files and the server | containing embedded links to multiple image files and the server | |||
chooses to push those additional images to the client, sending | chooses to push those additional images to the client, sending | |||
PUSH_PROMISE frames before the DATA frames that contain the image | PUSH_PROMISE frames before the DATA frames that contain the image | |||
skipping to change at page 62, line 11 ¶ | skipping to change at line 2850 ¶ | |||
Sending a PUSH_PROMISE frame creates a new stream and puts the stream | Sending a PUSH_PROMISE frame creates a new stream and puts the stream | |||
into the "reserved (local)" state for the server and the "reserved | into the "reserved (local)" state for the server and the "reserved | |||
(remote)" state for the client. | (remote)" state for the client. | |||
8.4.2. Push Responses | 8.4.2. Push Responses | |||
After sending the PUSH_PROMISE frame, the server can begin delivering | After sending the PUSH_PROMISE frame, the server can begin delivering | |||
the pushed response as a response (Section 8.3.2) on a server- | the pushed response as a response (Section 8.3.2) on a server- | |||
initiated stream that uses the promised stream identifier. The | initiated stream that uses the promised stream identifier. The | |||
server uses this stream to transmit an HTTP response, using the same | server uses this stream to transmit an HTTP response, using the same | |||
sequence of frames as defined in Section 8.1. This stream becomes | sequence of frames as that defined in Section 8.1. This stream | |||
"half-closed" to the client (Section 5.1) after the initial HEADERS | becomes "half-closed" to the client (Section 5.1) after the initial | |||
frame is sent. | HEADERS frame is sent. | |||
Once a client receives a PUSH_PROMISE frame and chooses to accept the | Once a client receives a PUSH_PROMISE frame and chooses to accept the | |||
pushed response, the client SHOULD NOT issue any requests for the | pushed response, the client SHOULD NOT issue any requests for the | |||
promised response until after the promised stream has closed. | promised response until after the promised stream has closed. | |||
If the client determines, for any reason, that it does not wish to | If the client determines, for any reason, that it does not wish to | |||
receive the pushed response from the server or if the server takes | receive the pushed response from the server or if the server takes | |||
too long to begin sending the promised response, the client can send | too long to begin sending the promised response, the client can send | |||
a RST_STREAM frame, using either the CANCEL or REFUSED_STREAM code | a RST_STREAM frame, using either the CANCEL or REFUSED_STREAM code | |||
and referencing the pushed stream's identifier. | and referencing the pushed stream's identifier. | |||
A client can use the SETTINGS_MAX_CONCURRENT_STREAMS setting to limit | A client can use the SETTINGS_MAX_CONCURRENT_STREAMS setting to limit | |||
the number of responses that can be concurrently pushed by a server. | the number of responses that can be concurrently pushed by a server. | |||
Advertising a SETTINGS_MAX_CONCURRENT_STREAMS value of zero prevents | Advertising a SETTINGS_MAX_CONCURRENT_STREAMS value of zero prevents | |||
the server from opening the streams necessary to push responses. | the server from opening the streams necessary to push responses. | |||
However, this does not prevent the server from reserving streams | However, this does not prevent the server from reserving streams | |||
using PUSH_PROMISE frames, because "reserved" streams do not count | using PUSH_PROMISE frames, because reserved streams do not count | |||
toward the concurrent stream limit. Clients that do not wish to | toward the concurrent stream limit. Clients that do not wish to | |||
receive pushed resources need to reset any unwanted reserved streams | receive pushed resources need to reset any unwanted reserved streams | |||
or set SETTINGS_ENABLE_PUSH to 0. | or set SETTINGS_ENABLE_PUSH to 0. | |||
Clients receiving a pushed response MUST validate that either the | Clients receiving a pushed response MUST validate that either the | |||
server is authoritative (see Section 10.1) or the proxy that provided | server is authoritative (see Section 10.1) or the proxy that provided | |||
the pushed response is configured for the corresponding request. For | the pushed response is configured for the corresponding request. For | |||
example, a server that offers a certificate for only the example.com | example, a server that offers a certificate for only the example.com | |||
DNS-ID (see [RFC6125]) is not permitted to push a response for | DNS-ID (see [RFC6125]) is not permitted to push a response for | |||
https://www.example.org/doc. | <https://www.example.org/doc>. | |||
The response for a PUSH_PROMISE stream begins with a HEADERS frame, | The response for a PUSH_PROMISE stream begins with a HEADERS frame, | |||
which immediately puts the stream into the "half-closed (remote)" | which immediately puts the stream into the "half-closed (remote)" | |||
state for the server and "half-closed (local)" state for the client, | state for the server and "half-closed (local)" state for the client, | |||
and ends with a frame with the END_STREAM flag set, which places the | and ends with a frame with the END_STREAM flag set, which places the | |||
stream in the "closed" state. | stream in the "closed" state. | |||
| Note: The client never sends a frame with the END_STREAM flag | | Note: The client never sends a frame with the END_STREAM flag | |||
| set for a server push. | | set for a server push. | |||
8.5. The CONNECT Method | 8.5. The CONNECT Method | |||
The CONNECT method (Section 9.3.6 of [HTTP]) is used to convert an | The CONNECT method (Section 9.3.6 of [HTTP]) is used to convert an | |||
HTTP connection into a tunnel to a remote host. CONNECT is primarily | HTTP connection into a tunnel to a remote host. CONNECT is primarily | |||
used with HTTP proxies to establish a TLS session with an origin | used with HTTP proxies to establish a TLS session with an origin | |||
server for the purposes of interacting with https resources. | server for the purposes of interacting with "https" resources. | |||
In HTTP/2, the CONNECT method establishes a tunnel over a single | In HTTP/2, the CONNECT method establishes a tunnel over a single | |||
HTTP/2 stream to a remote host, rather than converting the entire | HTTP/2 stream to a remote host, rather than converting the entire | |||
connection to a tunnel. A CONNECT header section is constructed as | connection to a tunnel. A CONNECT header section is constructed as | |||
defined in Section 8.3.1 ("Request Pseudo-Header Fields"), with a few | defined in Section 8.3.1 ("Request Pseudo-Header Fields"), with a few | |||
differences. Specifically: | differences. Specifically: | |||
* The :method pseudo-header field is set to CONNECT. | * The ":method" pseudo-header field is set to CONNECT. | |||
* The :scheme and :path pseudo-header fields MUST be omitted. | * The ":scheme" and ":path" pseudo-header fields MUST be omitted. | |||
* The :authority pseudo-header field contains the host and port to | * The ":authority" pseudo-header field contains the host and port to | |||
connect to (equivalent to the authority-form of the request-target | connect to (equivalent to the authority-form of the request-target | |||
of CONNECT requests; see Section 3.2.3 of [HTTP11]). | of CONNECT requests; see Section 3.2.3 of [HTTP/1.1]). | |||
A CONNECT request that does not conform to these restrictions is | A CONNECT request that does not conform to these restrictions is | |||
malformed (Section 8.1.1). | malformed (Section 8.1.1). | |||
A proxy that supports CONNECT establishes a TCP connection [TCP] to | A proxy that supports CONNECT establishes a TCP connection [TCP] to | |||
the host and port identified in the :authority pseudo-header field. | the host and port identified in the ":authority" pseudo-header field. | |||
Once this connection is successfully established, the proxy sends a | Once this connection is successfully established, the proxy sends a | |||
HEADERS frame containing a 2xx series status code to the client, as | HEADERS frame containing a 2xx-series status code to the client, as | |||
defined in Section 9.3.6 of [HTTP]. | defined in Section 9.3.6 of [HTTP]. | |||
After the initial HEADERS frame sent by each peer, all subsequent | After the initial HEADERS frame sent by each peer, all subsequent | |||
DATA frames correspond to data sent on the TCP connection. The frame | DATA frames correspond to data sent on the TCP connection. The frame | |||
payload of any DATA frames sent by the client is transmitted by the | payload of any DATA frames sent by the client is transmitted by the | |||
proxy to the TCP server; data received from the TCP server is | proxy to the TCP server; data received from the TCP server is | |||
assembled into DATA frames by the proxy. Frame types other than DATA | assembled into DATA frames by the proxy. Frame types other than DATA | |||
or stream management frames (RST_STREAM, WINDOW_UPDATE, and PRIORITY) | or stream management frames (RST_STREAM, WINDOW_UPDATE, and PRIORITY) | |||
MUST NOT be sent on a connected stream and MUST be treated as a | MUST NOT be sent on a connected stream and MUST be treated as a | |||
stream error (Section 5.4.2) if received. | stream error (Section 5.4.2) if received. | |||
skipping to change at page 64, line 19 ¶ | skipping to change at line 2953 ¶ | |||
with the RST bit set if it detects an error with the stream or the | with the RST bit set if it detects an error with the stream or the | |||
HTTP/2 connection. | HTTP/2 connection. | |||
8.6. The Upgrade Header Field | 8.6. The Upgrade Header Field | |||
HTTP/2 does not support the 101 (Switching Protocols) informational | HTTP/2 does not support the 101 (Switching Protocols) informational | |||
status code (Section 15.2.2 of [HTTP]). | status code (Section 15.2.2 of [HTTP]). | |||
The semantics of 101 (Switching Protocols) aren't applicable to a | The semantics of 101 (Switching Protocols) aren't applicable to a | |||
multiplexed protocol. Similar functionality might be enabled through | multiplexed protocol. Similar functionality might be enabled through | |||
the use of extended CONNECT [RFC8441] and other protocols are able to | the use of extended CONNECT [RFC8441], and other protocols are able | |||
use the same mechanisms that HTTP/2 uses to negotiate their use (see | to use the same mechanisms that HTTP/2 uses to negotiate their use | |||
Section 3). | (see Section 3). | |||
8.7. Request Reliability | 8.7. Request Reliability | |||
In general, an HTTP client is unable to retry a non-idempotent | In general, an HTTP client is unable to retry a non-idempotent | |||
request when an error occurs because there is no means to determine | request when an error occurs because there is no means to determine | |||
the nature of the error (see Section 9.2.2 of [HTTP]). It is | the nature of the error (see Section 9.2.2 of [HTTP]). It is | |||
possible that some server processing occurred prior to the error, | possible that some server processing occurred prior to the error, | |||
which could result in undesirable effects if the request were | which could result in undesirable effects if the request were | |||
reattempted. | reattempted. | |||
skipping to change at page 65, line 7 ¶ | skipping to change at line 2990 ¶ | |||
A server MUST NOT indicate that a stream has not been processed | A server MUST NOT indicate that a stream has not been processed | |||
unless it can guarantee that fact. If frames that are on a stream | unless it can guarantee that fact. If frames that are on a stream | |||
are passed to the application layer for any stream, then | are passed to the application layer for any stream, then | |||
REFUSED_STREAM MUST NOT be used for that stream, and a GOAWAY frame | REFUSED_STREAM MUST NOT be used for that stream, and a GOAWAY frame | |||
MUST include a stream identifier that is greater than or equal to the | MUST include a stream identifier that is greater than or equal to the | |||
given stream identifier. | given stream identifier. | |||
In addition to these mechanisms, the PING frame provides a way for a | In addition to these mechanisms, the PING frame provides a way for a | |||
client to easily test a connection. Connections that remain idle can | client to easily test a connection. Connections that remain idle can | |||
become broken as some middleboxes (for instance, network address | become broken, because some middleboxes (for instance, network | |||
translators or load balancers) silently discard connection bindings. | address translators or load balancers) silently discard connection | |||
The PING frame allows a client to safely test whether a connection is | bindings. The PING frame allows a client to safely test whether a | |||
still active without sending a request. | connection is still active without sending a request. | |||
8.8. Examples | 8.8. Examples | |||
This section shows HTTP/1.1 requests and responses, with | This section shows HTTP/1.1 requests and responses, with | |||
illustrations of equivalent HTTP/2 requests and responses. | illustrations of equivalent HTTP/2 requests and responses. | |||
8.8.1. Simple Request | 8.8.1. Simple Request | |||
An HTTP GET request includes control data and a request header with | An HTTP GET request includes control data and a request header with | |||
no message content and is therefore transmitted as a single HEADERS | no message content and is therefore transmitted as a single HEADERS | |||
skipping to change at page 66, line 8 ¶ | skipping to change at line 3036 ¶ | |||
HTTP/1.1 304 Not Modified HEADERS | HTTP/1.1 304 Not Modified HEADERS | |||
ETag: "xyzzy" ==> + END_STREAM | ETag: "xyzzy" ==> + END_STREAM | |||
Expires: Thu, 23 Jan ... + END_HEADERS | Expires: Thu, 23 Jan ... + END_HEADERS | |||
:status = 304 | :status = 304 | |||
etag = "xyzzy" | etag = "xyzzy" | |||
expires = Thu, 23 Jan ... | expires = Thu, 23 Jan ... | |||
8.8.3. Complex Request | 8.8.3. Complex Request | |||
An HTTP POST request that includes control data and a request header | An HTTP POST request that includes control data and a request header | |||
and message content is transmitted as one HEADERS frame, followed by | with message content is transmitted as one HEADERS frame, followed by | |||
zero or more CONTINUATION frames containing the request header, | zero or more CONTINUATION frames containing the request header, | |||
followed by one or more DATA frames, with the last CONTINUATION (or | followed by one or more DATA frames, with the last CONTINUATION (or | |||
HEADERS) frame having the END_HEADERS flag set and the final DATA | HEADERS) frame having the END_HEADERS flag set and the final DATA | |||
frame having the END_STREAM flag set: | frame having the END_STREAM flag set: | |||
POST /resource HTTP/1.1 HEADERS | POST /resource HTTP/1.1 HEADERS | |||
Host: example.org ==> - END_STREAM | Host: example.org ==> - END_STREAM | |||
Content-Type: image/jpeg - END_HEADERS | Content-Type: image/jpeg - END_HEADERS | |||
Content-Length: 123 :method = POST | Content-Length: 123 :method = POST | |||
:authority = example.org | :authority = example.org | |||
skipping to change at page 66, line 38 ¶ | skipping to change at line 3066 ¶ | |||
DATA | DATA | |||
+ END_STREAM | + END_STREAM | |||
{binary data} | {binary data} | |||
Note that data contributing to any given field line could be spread | Note that data contributing to any given field line could be spread | |||
between field block fragments. The allocation of field lines to | between field block fragments. The allocation of field lines to | |||
frames in this example is illustrative only. | frames in this example is illustrative only. | |||
8.8.4. Response with Body | 8.8.4. Response with Body | |||
A response that includes control data and a response header and | A response that includes control data and a response header with | |||
message content is transmitted as a HEADERS frame, followed by zero | message content is transmitted as a HEADERS frame, followed by zero | |||
or more CONTINUATION frames, followed by one or more DATA frames, | or more CONTINUATION frames, followed by one or more DATA frames, | |||
with the last DATA frame in the sequence having the END_STREAM flag | with the last DATA frame in the sequence having the END_STREAM flag | |||
set: | set: | |||
HTTP/1.1 200 OK HEADERS | HTTP/1.1 200 OK HEADERS | |||
Content-Type: image/jpeg ==> - END_STREAM | Content-Type: image/jpeg ==> - END_STREAM | |||
Content-Length: 123 + END_HEADERS | Content-Length: 123 + END_HEADERS | |||
:status = 200 | :status = 200 | |||
{binary data} content-type = image/jpeg | {binary data} content-type = image/jpeg | |||
skipping to change at page 68, line 7 ¶ | skipping to change at line 3122 ¶ | |||
Foo: bar - END_STREAM | Foo: bar - END_STREAM | |||
{binary data} | {binary data} | |||
HEADERS | HEADERS | |||
+ END_STREAM | + END_STREAM | |||
+ END_HEADERS | + END_HEADERS | |||
foo = bar | foo = bar | |||
9. HTTP/2 Connections | 9. HTTP/2 Connections | |||
This section outlines attributes of the HTTP protocol that improve | This section outlines attributes of HTTP that improve | |||
interoperability, reduce exposure to known security vulnerabilities, | interoperability, reduce exposure to known security vulnerabilities, | |||
or reduce the potential for implementation variation. | or reduce the potential for implementation variation. | |||
9.1. Connection Management | 9.1. Connection Management | |||
HTTP/2 connections are persistent. For best performance, it is | HTTP/2 connections are persistent. For best performance, it is | |||
expected that clients will not close connections until it is | expected that clients will not close connections until it is | |||
determined that no further communication with a server is necessary | determined that no further communication with a server is necessary | |||
(for example, when a user navigates away from a particular web page) | (for example, when a user navigates away from a particular web page) | |||
or until the server closes the connection. | or until the server closes the connection. | |||
skipping to change at page 69, line 5 ¶ | skipping to change at line 3166 ¶ | |||
9.1.1. Connection Reuse | 9.1.1. Connection Reuse | |||
Connections that are made to an origin server, either directly or | Connections that are made to an origin server, either directly or | |||
through a tunnel created using the CONNECT method (Section 8.5), MAY | through a tunnel created using the CONNECT method (Section 8.5), MAY | |||
be reused for requests with multiple different URI authority | be reused for requests with multiple different URI authority | |||
components. A connection can be reused as long as the origin server | components. A connection can be reused as long as the origin server | |||
is authoritative (Section 10.1). For TCP connections without TLS, | is authoritative (Section 10.1). For TCP connections without TLS, | |||
this depends on the host having resolved to the same IP address. | this depends on the host having resolved to the same IP address. | |||
For https resources, connection reuse additionally depends on having | For "https" resources, connection reuse additionally depends on | |||
a certificate that is valid for the host in the URI. The certificate | having a certificate that is valid for the host in the URI. The | |||
presented by the server MUST satisfy any checks that the client would | certificate presented by the server MUST satisfy any checks that the | |||
perform when forming a new TLS connection for the host in the URI. A | client would perform when forming a new TLS connection for the host | |||
single certificate can be used to establish authority for multiple | in the URI. A single certificate can be used to establish authority | |||
origins. Section 4.3 of [HTTP] describes how a client determines | for multiple origins. Section 4.3 of [HTTP] describes how a client | |||
whether a server is authoritative for a URI. | determines whether a server is authoritative for a URI. | |||
In some deployments, reusing a connection for multiple origins can | In some deployments, reusing a connection for multiple origins can | |||
result in requests being directed to the wrong origin server. For | result in requests being directed to the wrong origin server. For | |||
example, TLS termination might be performed by a middlebox that uses | example, TLS termination might be performed by a middlebox that uses | |||
the TLS Server Name Indication (SNI) [TLS-EXT] extension to select an | the TLS Server Name Indication [TLS-EXT] extension to select an | |||
origin server. This means that it is possible for clients to send | origin server. This means that it is possible for clients to send | |||
requests to servers that might not be the intended target for the | requests to servers that might not be the intended target for the | |||
request, even though the server is otherwise authoritative. | request, even though the server is otherwise authoritative. | |||
A server that does not wish clients to reuse connections can indicate | A server that does not wish clients to reuse connections can indicate | |||
that it is not authoritative for a request by sending a 421 | that it is not authoritative for a request by sending a 421 | |||
(Misdirected Request) status code in response to the request (see | (Misdirected Request) status code in response to the request (see | |||
Section 15.5.20 of [HTTP]). | Section 15.5.20 of [HTTP]). | |||
A client that is configured to use a proxy over HTTP/2 directs | A client that is configured to use a proxy over HTTP/2 directs | |||
skipping to change at page 69, line 44 ¶ | skipping to change at line 3205 ¶ | |||
SHOULD be followed, with some additional restrictions that are | SHOULD be followed, with some additional restrictions that are | |||
specific to HTTP/2. | specific to HTTP/2. | |||
The TLS implementation MUST support the Server Name Indication (SNI) | The TLS implementation MUST support the Server Name Indication (SNI) | |||
[TLS-EXT] extension to TLS. If the server is identified by a domain | [TLS-EXT] extension to TLS. If the server is identified by a domain | |||
name [DNS-TERMS], clients MUST send the server_name TLS extension | name [DNS-TERMS], clients MUST send the server_name TLS extension | |||
unless an alternative mechanism to indicate the target host is used. | unless an alternative mechanism to indicate the target host is used. | |||
Requirements for deployments of HTTP/2 that negotiate TLS 1.3 [TLS13] | Requirements for deployments of HTTP/2 that negotiate TLS 1.3 [TLS13] | |||
are included in Section 9.2.3. Deployments of TLS 1.2 are subject to | are included in Section 9.2.3. Deployments of TLS 1.2 are subject to | |||
the requirements in Section 9.2.1 and Section 9.2.2. Implementations | the requirements in Sections 9.2.1 and 9.2.2. Implementations are | |||
are encouraged to provide defaults that comply, but it is recognized | encouraged to provide defaults that comply, but it is recognized that | |||
that deployments are ultimately responsible for compliance. | deployments are ultimately responsible for compliance. | |||
9.2.1. TLS 1.2 Features | 9.2.1. TLS 1.2 Features | |||
This section describes restrictions on the TLS 1.2 feature set that | This section describes restrictions on the TLS 1.2 feature set that | |||
can be used with HTTP/2. Due to deployment limitations, it might not | can be used with HTTP/2. Due to deployment limitations, it might not | |||
be possible to fail TLS negotiation when these restrictions are not | be possible to fail TLS negotiation when these restrictions are not | |||
met. An endpoint MAY immediately terminate an HTTP/2 connection that | met. An endpoint MAY immediately terminate an HTTP/2 connection that | |||
does not meet these TLS requirements with a connection error | does not meet these TLS requirements with a connection error | |||
(Section 5.4.1) of type INADEQUATE_SECURITY. | (Section 5.4.1) of type INADEQUATE_SECURITY. | |||
A deployment of HTTP/2 over TLS 1.2 MUST disable compression. TLS | A deployment of HTTP/2 over TLS 1.2 MUST disable compression. TLS | |||
compression can lead to the exposure of information that would not | compression can lead to the exposure of information that would not | |||
otherwise be revealed [RFC3749]. Generic compression is unnecessary | otherwise be revealed [RFC3749]. Generic compression is unnecessary, | |||
since HTTP/2 provides compression features that are more aware of | since HTTP/2 provides compression features that are more aware of | |||
context and therefore likely to be more appropriate for use for | context and therefore likely to be more appropriate for use for | |||
performance, security, or other reasons. | performance, security, or other reasons. | |||
A deployment of HTTP/2 over TLS 1.2 MUST disable renegotiation. An | A deployment of HTTP/2 over TLS 1.2 MUST disable renegotiation. An | |||
endpoint MUST treat a TLS renegotiation as a connection error | endpoint MUST treat a TLS renegotiation as a connection error | |||
(Section 5.4.1) of type PROTOCOL_ERROR. Note that disabling | (Section 5.4.1) of type PROTOCOL_ERROR. Note that disabling | |||
renegotiation can result in long-lived connections becoming unusable | renegotiation can result in long-lived connections becoming unusable | |||
due to limits on the number of messages the underlying cipher suite | due to limits on the number of messages the underlying cipher suite | |||
can encipher. | can encipher. | |||
skipping to change at page 70, line 38 ¶ | skipping to change at line 3242 ¶ | |||
An endpoint MAY use renegotiation to provide confidentiality | An endpoint MAY use renegotiation to provide confidentiality | |||
protection for client credentials offered in the handshake, but any | protection for client credentials offered in the handshake, but any | |||
renegotiation MUST occur prior to sending the connection preface. A | renegotiation MUST occur prior to sending the connection preface. A | |||
server SHOULD request a client certificate if it sees a renegotiation | server SHOULD request a client certificate if it sees a renegotiation | |||
request immediately after establishing a connection. | request immediately after establishing a connection. | |||
This effectively prevents the use of renegotiation in response to a | This effectively prevents the use of renegotiation in response to a | |||
request for a specific protected resource. A future specification | request for a specific protected resource. A future specification | |||
might provide a way to support this use case. Alternatively, a | might provide a way to support this use case. Alternatively, a | |||
server might use an error (Section 5.4) of type HTTP_1_1_REQUIRED to | server might use an error (Section 5.4) of type HTTP_1_1_REQUIRED to | |||
request the client use a protocol that supports renegotiation. | request that the client use a protocol that supports renegotiation. | |||
Implementations MUST support ephemeral key exchange sizes of at least | Implementations MUST support ephemeral key exchange sizes of at least | |||
2048 bits for cipher suites that use ephemeral finite field Diffie- | 2048 bits for cipher suites that use ephemeral finite field Diffie- | |||
Hellman (DHE) (Section 8.1.2 of [TLS12] and 224 bits for cipher | Hellman (DHE) (Section 8.1.2 of [TLS12]) and 224 bits for cipher | |||
suites that use ephemeral elliptic curve Diffie-Hellman (ECDHE) | suites that use ephemeral elliptic curve Diffie-Hellman (ECDHE) | |||
[RFC8422]. Clients MUST accept DHE sizes of up to 4096 bits. | [RFC8422]. Clients MUST accept DHE sizes of up to 4096 bits. | |||
Endpoints MAY treat negotiation of key sizes smaller than the lower | Endpoints MAY treat negotiation of key sizes smaller than the lower | |||
limits as a connection error (Section 5.4.1) of type | limits as a connection error (Section 5.4.1) of type | |||
INADEQUATE_SECURITY. | INADEQUATE_SECURITY. | |||
9.2.2. TLS 1.2 Cipher Suites | 9.2.2. TLS 1.2 Cipher Suites | |||
A deployment of HTTP/2 over TLS 1.2 SHOULD NOT use any of the cipher | A deployment of HTTP/2 over TLS 1.2 SHOULD NOT use any of the | |||
suites that are listed in the list of prohibited cipher suites | prohibited cipher suites listed in Appendix A. | |||
(Appendix A). | ||||
Endpoints MAY choose to generate a connection error (Section 5.4.1) | Endpoints MAY choose to generate a connection error (Section 5.4.1) | |||
of type INADEQUATE_SECURITY if one of the prohibited cipher suites is | of type INADEQUATE_SECURITY if one of the prohibited cipher suites is | |||
negotiated. A deployment that chooses to use a prohibited cipher | negotiated. A deployment that chooses to use a prohibited cipher | |||
suite risks triggering a connection error unless the set of potential | suite risks triggering a connection error unless the set of potential | |||
peers is known to accept that cipher suite. | peers is known to accept that cipher suite. | |||
Implementations MUST NOT generate this error in reaction to the | Implementations MUST NOT generate this error in reaction to the | |||
negotiation of a cipher suite that is not prohibited. Consequently, | negotiation of a cipher suite that is not prohibited. Consequently, | |||
when clients offer a cipher suite that is not prohibited, they have | when clients offer a cipher suite that is not prohibited, they have | |||
to be prepared to use that cipher suite with HTTP/2. | to be prepared to use that cipher suite with HTTP/2. | |||
The list of prohibited cipher suites includes the cipher suite that | The list of prohibited cipher suites includes the cipher suite that | |||
TLS 1.2 makes mandatory, which means that TLS 1.2 deployments could | TLS 1.2 makes mandatory, which means that TLS 1.2 deployments could | |||
have non-intersecting sets of permitted cipher suites. To avoid this | have non-intersecting sets of permitted cipher suites. To avoid this | |||
problem causing TLS handshake failures, deployments of HTTP/2 that | problem, which causes TLS handshake failures, deployments of HTTP/2 | |||
use TLS 1.2 MUST support TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 | that use TLS 1.2 MUST support TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 | |||
[TLS-ECDHE] with the P-256 elliptic curve [RFC8422]. | [TLS-ECDHE] with the P-256 elliptic curve [RFC8422]. | |||
Note that clients might advertise support of cipher suites that are | Note that clients might advertise support of cipher suites that are | |||
prohibited in order to allow for connection to servers that do not | prohibited in order to allow for connection to servers that do not | |||
support HTTP/2. This allows servers to select HTTP/1.1 with a cipher | support HTTP/2. This allows servers to select HTTP/1.1 with a cipher | |||
suite that is prohibited in HTTP/2. However, this can result in | suite that is prohibited in HTTP/2. However, this can result in | |||
HTTP/2 being negotiated with a prohibited cipher suite if the | HTTP/2 being negotiated with a prohibited cipher suite if the | |||
application protocol and cipher suite are independently selected. | application protocol and cipher suite are independently selected. | |||
9.2.3. TLS 1.3 Features | 9.2.3. TLS 1.3 Features | |||
skipping to change at page 73, line 18 ¶ | skipping to change at line 3361 ¶ | |||
treated as delimiters in other HTTP versions. An intermediary that | treated as delimiters in other HTTP versions. An intermediary that | |||
translates an HTTP/2 request or response MUST validate fields | translates an HTTP/2 request or response MUST validate fields | |||
according to the rules in Section 8.2 before translating a message to | according to the rules in Section 8.2 before translating a message to | |||
another HTTP version. Translating a field that includes invalid | another HTTP version. Translating a field that includes invalid | |||
delimiters could be used to cause recipients to incorrectly interpret | delimiters could be used to cause recipients to incorrectly interpret | |||
a message, which could be exploited by an attacker. | a message, which could be exploited by an attacker. | |||
Section 8.2 does not include specific rules for validation of pseudo- | Section 8.2 does not include specific rules for validation of pseudo- | |||
header fields. If the values of these fields are used, additional | header fields. If the values of these fields are used, additional | |||
validation is necessary. This is particularly important where | validation is necessary. This is particularly important where | |||
:scheme, :authority, and :path are combined to form a single URI | ":scheme", ":authority", and ":path" are combined to form a single | |||
string ([RFC3986]). Similar problems might occur when that URI or | URI string [RFC3986]. Similar problems might occur when that URI or | |||
just :path are combined with :method to construct a request line (as | just ":path" is combined with ":method" to construct a request line | |||
in Section 3 of [HTTP11]). Simple concatenation is not secure unless | (as in Section 3 of [HTTP/1.1]). Simple concatenation is not secure | |||
the input values are fully validated. | unless the input values are fully validated. | |||
An intermediary can reject fields that contain invalid field names or | An intermediary can reject fields that contain invalid field names or | |||
values for other reasons, in particular those that do not conform to | values for other reasons -- in particular, those fields that do not | |||
the HTTP ABNF grammar from Section 5 of [HTTP]. Intermediaries that | conform to the HTTP ABNF grammar from Section 5 of [HTTP]. | |||
do not perform any validation of fields other than the minimum | Intermediaries that do not perform any validation of fields other | |||
required by Section 8.2 could forward messages that contain invalid | than the minimum required by Section 8.2 could forward messages that | |||
field names or values. | contain invalid field names or values. | |||
An intermediary that receives any field that requires removal before | An intermediary that receives any fields that require removal before | |||
forwarding (see Section 7.6.1 of [HTTP]) MUST remove or replace those | forwarding (see Section 7.6.1 of [HTTP]) MUST remove or replace those | |||
header fields when forwarding messages. Additionally, intermediaries | header fields when forwarding messages. Additionally, intermediaries | |||
should take care when forwarding messages containing Content-Length | should take care when forwarding messages containing Content-Length | |||
fields to ensure that the message is well-formed (Section 8.1.1). | fields to ensure that the message is well-formed (Section 8.1.1). | |||
This ensures that if the message is translated into HTTP/1.1 at any | This ensures that if the message is translated into HTTP/1.1 at any | |||
point the framing will be correct. | point, the framing will be correct. | |||
10.4. Cacheability of Pushed Responses | 10.4. Cacheability of Pushed Responses | |||
Pushed responses do not have an explicit request from the client; the | Pushed responses do not have an explicit request from the client; the | |||
request is provided by the server in the PUSH_PROMISE frame. | request is provided by the server in the PUSH_PROMISE frame. | |||
Caching responses that are pushed is possible based on the guidance | Caching responses that are pushed is possible based on the guidance | |||
provided by the origin server in the Cache-Control header field. | provided by the origin server in the Cache-Control header field. | |||
However, this can cause issues if a single server hosts more than one | However, this can cause issues if a single server hosts more than one | |||
tenant. For example, a server might offer multiple users each a | tenant. For example, a server might offer multiple users each a | |||
skipping to change at page 74, line 14 ¶ | skipping to change at line 3406 ¶ | |||
this would allow a tenant to provide a representation that would be | this would allow a tenant to provide a representation that would be | |||
served out of cache, overriding the actual representation that the | served out of cache, overriding the actual representation that the | |||
authoritative tenant provides. | authoritative tenant provides. | |||
Pushed responses for which an origin server is not authoritative (see | Pushed responses for which an origin server is not authoritative (see | |||
Section 10.1) MUST NOT be used or cached. | Section 10.1) MUST NOT be used or cached. | |||
10.5. Denial-of-Service Considerations | 10.5. Denial-of-Service Considerations | |||
An HTTP/2 connection can demand a greater commitment of resources to | An HTTP/2 connection can demand a greater commitment of resources to | |||
operate than an HTTP/1.1 connection. The use of field section | operate than an HTTP/1.1 connection. Both field section compression | |||
compression and flow control depend on a commitment of resources for | and flow control depend on a commitment of a greater amount of state. | |||
storing a greater amount of state. Settings for these features | Settings for these features ensure that memory commitments for these | |||
ensure that memory commitments for these features are strictly | features are strictly bounded. | |||
bounded. | ||||
The number of PUSH_PROMISE frames is not constrained in the same | The number of PUSH_PROMISE frames is not constrained in the same | |||
fashion. A client that accepts server push SHOULD limit the number | fashion. A client that accepts server push SHOULD limit the number | |||
of streams it allows to be in the "reserved (remote)" state. An | of streams it allows to be in the "reserved (remote)" state. An | |||
excessive number of server push streams can be treated as a stream | excessive number of server push streams can be treated as a stream | |||
error (Section 5.4.2) of type ENHANCE_YOUR_CALM. | error (Section 5.4.2) of type ENHANCE_YOUR_CALM. | |||
A number of HTTP/2 implementations were found to be vulnerable to | A number of HTTP/2 implementations were found to be vulnerable to | |||
denial of service [NFLX-2019-002]. The following lists known ways | denial of service [NFLX-2019-002]. Below is a list of known ways | |||
that implementations might be subject to denial of service attack: | that implementations might be subject to denial-of-service attacks: | |||
* Inefficient tracking of outstanding outbound frames can lead to | * Inefficient tracking of outstanding outbound frames can lead to | |||
overload if an adversary can cause large numbers of frames to be | overload if an adversary can cause large numbers of frames to be | |||
enqueued for sending. A peer could use one of several techniques | enqueued for sending. A peer could use one of several techniques | |||
to cause large numbers of frames to be generated: | to cause large numbers of frames to be generated: | |||
- Providing tiny increments to flow control in WINDOW_UPDATE | - Providing tiny increments to flow control in WINDOW_UPDATE | |||
frames can cause a sender to generate a large number of DATA | frames can cause a sender to generate a large number of DATA | |||
frames. | frames. | |||
- An endpoint is required to respond to a PING frame. | - An endpoint is required to respond to a PING frame. | |||
- Each SETTINGS frame requires acknowledgment. | - Each SETTINGS frame requires acknowledgment. | |||
- An invalid request (or server push) can cause a peer to send | - An invalid request (or server push) can cause a peer to send | |||
RST_STREAM frames in response. | RST_STREAM frames in response. | |||
* An attacker can provide large amounts of flow control credit at | * An attacker can provide large amounts of flow-control credit at | |||
the HTTP/2 layer, but withhold credit at the TCP layer, preventing | the HTTP/2 layer but withhold credit at the TCP layer, preventing | |||
frames from being sent. An endpoint that constructs and remembers | frames from being sent. An endpoint that constructs and remembers | |||
frames for sending without considering TCP limits might be subject | frames for sending without considering TCP limits might be subject | |||
to resource exhaustion. | to resource exhaustion. | |||
* Large numbers of small or empty frames can be abused to cause a | * Large numbers of small or empty frames can be abused to cause a | |||
peer to expend time processing frame headers. Caution is required | peer to expend time processing frame headers. Caution is required | |||
here as some uses of small frames are entirely legitimate, such as | here as some uses of small frames are entirely legitimate, such as | |||
the sending of an empty DATA or CONTINUATION frame at the end of a | the sending of an empty DATA or CONTINUATION frame at the end of a | |||
stream. | stream. | |||
* The SETTINGS frame might also be abused to cause a peer to expend | * The SETTINGS frame might also be abused to cause a peer to expend | |||
additional processing time. This might be done by pointlessly | additional processing time. This might be done by pointlessly | |||
changing settings, sending multiple undefined settings, or | changing settings, sending multiple undefined settings, or | |||
changing the same setting multiple times in the same frame. | changing the same setting multiple times in the same frame. | |||
* Handling reprioritization with PRIORITY frames can require | * Handling reprioritization with PRIORITY frames can require | |||
significant processing time and can lead to overload if many | significant processing time and can lead to overload if many | |||
PRIORITY frames are sent. | PRIORITY frames are sent. | |||
* Field section compression also offers some opportunities to waste | * Field section compression also provides opportunities for an | |||
processing resources; see Section 7 of [COMPRESSION] for more | attacker to waste processing resources; see Section 7 of | |||
details on potential abuses. | [COMPRESSION] for more details on potential abuses. | |||
* Limits in SETTINGS cannot be reduced instantaneously, which leaves | * Limits in SETTINGS cannot be reduced instantaneously, which leaves | |||
an endpoint exposed to behavior from a peer that could exceed the | an endpoint exposed to behavior from a peer that could exceed the | |||
new limits. In particular, immediately after establishing a | new limits. In particular, immediately after establishing a | |||
connection, limits set by a server are not known to clients and | connection, limits set by a server are not known to clients and | |||
could be exceeded without being an obvious protocol violation. | could be exceeded without being an obvious protocol violation. | |||
Most of the features that might be exploited for denial of service -- | Most of the features that might be exploited for denial of service -- | |||
i.e., SETTINGS changes, small frames, field section compression -- | such as SETTINGS changes, small frames, field section compression -- | |||
have legitimate uses. These features become a burden only when they | have legitimate uses. These features become a burden only when they | |||
are used unnecessarily or to excess. | are used unnecessarily or to excess. | |||
An endpoint that doesn't monitor use of these features exposes itself | An endpoint that doesn't monitor use of these features exposes itself | |||
to a risk of denial of service. Implementations SHOULD track the use | to a risk of denial of service. Implementations SHOULD track the use | |||
of these features and set limits on their use. An endpoint MAY treat | of these features and set limits on their use. An endpoint MAY treat | |||
activity that is suspicious as a connection error (Section 5.4.1) of | activity that is suspicious as a connection error (Section 5.4.1) of | |||
type ENHANCE_YOUR_CALM. | type ENHANCE_YOUR_CALM. | |||
10.5.1. Limits on Field Block Size | 10.5.1. Limits on Field Block Size | |||
skipping to change at page 76, line 41 ¶ | skipping to change at line 3526 ¶ | |||
10.6. Use of Compression | 10.6. Use of Compression | |||
Compression can allow an attacker to recover secret data when it is | Compression can allow an attacker to recover secret data when it is | |||
compressed in the same context as data under attacker control. | compressed in the same context as data under attacker control. | |||
HTTP/2 enables compression of field lines (Section 4.3); the | HTTP/2 enables compression of field lines (Section 4.3); the | |||
following concerns also apply to the use of HTTP compressed content- | following concerns also apply to the use of HTTP compressed content- | |||
codings (Section 8.4.1 of [HTTP]). | codings (Section 8.4.1 of [HTTP]). | |||
There are demonstrable attacks on compression that exploit the | There are demonstrable attacks on compression that exploit the | |||
characteristics of the web (e.g., [BREACH]). The attacker induces | characteristics of the Web (e.g., [BREACH]). The attacker induces | |||
multiple requests containing varying plaintext, observing the length | multiple requests containing varying plaintext, observing the length | |||
of the resulting ciphertext in each, which reveals a shorter length | of the resulting ciphertext in each, which reveals a shorter length | |||
when a guess about the secret is correct. | when a guess about the secret is correct. | |||
Implementations communicating on a secure channel MUST NOT compress | Implementations communicating on a secure channel MUST NOT compress | |||
content that includes both confidential and attacker-controlled data | content that includes both confidential and attacker-controlled data | |||
unless separate compression dictionaries are used for each source of | unless separate compression dictionaries are used for each source of | |||
data. Compression MUST NOT be used if the source of data cannot be | data. Compression MUST NOT be used if the source of data cannot be | |||
reliably determined. Generic stream compression, such as that | reliably determined. Generic stream compression, such as that | |||
provided by TLS, MUST NOT be used with HTTP/2 (see Section 9.2). | provided by TLS, MUST NOT be used with HTTP/2 (see Section 9.2). | |||
skipping to change at page 77, line 19 ¶ | skipping to change at line 3552 ¶ | |||
Padding within HTTP/2 is not intended as a replacement for general | Padding within HTTP/2 is not intended as a replacement for general | |||
purpose padding, such as that provided by TLS [TLS13]. Redundant | purpose padding, such as that provided by TLS [TLS13]. Redundant | |||
padding could even be counterproductive. Correct application can | padding could even be counterproductive. Correct application can | |||
depend on having specific knowledge of the data that is being padded. | depend on having specific knowledge of the data that is being padded. | |||
To mitigate attacks that rely on compression, disabling or limiting | To mitigate attacks that rely on compression, disabling or limiting | |||
compression might be preferable to padding as a countermeasure. | compression might be preferable to padding as a countermeasure. | |||
Padding can be used to obscure the exact size of frame content and is | Padding can be used to obscure the exact size of frame content and is | |||
provided to mitigate specific attacks within HTTP, for example, | provided to mitigate specific attacks within HTTP -- for example, | |||
attacks where compressed content includes both attacker-controlled | attacks where compressed content includes both attacker-controlled | |||
plaintext and secret data (e.g., [BREACH]). | plaintext and secret data (e.g., [BREACH]). | |||
Use of padding can result in less protection than might seem | Use of padding can result in less protection than might seem | |||
immediately obvious. At best, padding only makes it more difficult | immediately obvious. At best, padding only makes it more difficult | |||
for an attacker to infer length information by increasing the number | for an attacker to infer length information by increasing the number | |||
of frames an attacker has to observe. Incorrectly implemented | of frames an attacker has to observe. Incorrectly implemented | |||
padding schemes can be easily defeated. In particular, randomized | padding schemes can be easily defeated. In particular, randomized | |||
padding with a predictable distribution provides very little | padding with a predictable distribution provides very little | |||
protection; similarly, padding frame payloads to a fixed size exposes | protection; similarly, padding frame payloads to a fixed size exposes | |||
information as frame payload sizes cross the fixed-sized boundary, | information as frame payload sizes cross the fixed-sized boundary, | |||
which could be possible if an attacker can control plaintext. | which could be possible if an attacker can control plaintext. | |||
Intermediaries SHOULD retain padding for DATA frames, but MAY drop | Intermediaries SHOULD retain padding for DATA frames but MAY drop | |||
padding for HEADERS and PUSH_PROMISE frames. A valid reason for an | padding for HEADERS and PUSH_PROMISE frames. A valid reason for an | |||
intermediary to change the amount of padding of frames is to improve | intermediary to change the amount of padding of frames is to improve | |||
the protections that padding provides. | the protections that padding provides. | |||
10.8. Privacy Considerations | 10.8. Privacy Considerations | |||
Several characteristics of HTTP/2 provide an observer an opportunity | Several characteristics of HTTP/2 provide an observer an opportunity | |||
to correlate actions of a single client or server over time. These | to correlate actions of a single client or server over time. These | |||
include the value of settings, the manner in which flow-control | include the values of settings, the manner in which flow-control | |||
windows are managed, the way priorities are allocated to streams, the | windows are managed, the way priorities are allocated to streams, the | |||
timing of reactions to stimulus, and the handling of any features | timing of reactions to stimulus, and the handling of any features | |||
that are controlled by settings. | that are controlled by settings. | |||
As far as these create observable differences in behavior, they could | As far as these create observable differences in behavior, they could | |||
be used as a basis for fingerprinting a specific client, as defined | be used as a basis for fingerprinting a specific client, as defined | |||
in Section 3.2 of [PRIVACY]. | in Section 3.2 of [PRIVACY]. | |||
HTTP/2's preference for using a single TCP connection allows | HTTP/2's preference for using a single TCP connection allows | |||
correlation of a user's activity on a site. Reusing connections for | correlation of a user's activity on a site. Reusing connections for | |||
skipping to change at page 78, line 25 ¶ | skipping to change at line 3604 ¶ | |||
Remote timing attacks extract secrets from servers by observing | Remote timing attacks extract secrets from servers by observing | |||
variations in the time that servers take when processing requests | variations in the time that servers take when processing requests | |||
that use secrets. HTTP/2 enables concurrent request creation and | that use secrets. HTTP/2 enables concurrent request creation and | |||
processing, which can give attackers better control over when request | processing, which can give attackers better control over when request | |||
processing commences. Multiple HTTP/2 requests can be included in | processing commences. Multiple HTTP/2 requests can be included in | |||
the same IP packet or TLS record. HTTP/2 can therefore make remote | the same IP packet or TLS record. HTTP/2 can therefore make remote | |||
timing attacks more efficient by eliminating variability in request | timing attacks more efficient by eliminating variability in request | |||
delivery, leaving only request order and the delivery of responses as | delivery, leaving only request order and the delivery of responses as | |||
sources of timing variability. | sources of timing variability. | |||
Ensuring that processing time is not dependent on the value of | Ensuring that processing time is not dependent on the value of a | |||
secrets is the best defense against any form of timing attack. | secret is the best defense against any form of timing attack. | |||
11. IANA Considerations | 11. IANA Considerations | |||
This revision of the document marks the HTTP2-Settings header field | This revision of HTTP/2 marks the HTTP2-Settings header field and the | |||
and the h2c Upgrade token, both defined in [RFC7540], as obsolete. | h2c upgrade token, both defined in [RFC7540], as obsolete. | |||
Section 11 of [RFC7540] registered the h2 and h2c ALPN identifiers | Section 11 of [RFC7540] registered the h2 and h2c ALPN identifiers | |||
along with the PRI HTTP method. RFC 7540 also established a registry | along with the PRI HTTP method. RFC 7540 also established a registry | |||
for frame types, settings, and error codes. These registrations and | for frame types, settings, and error codes. These registrations and | |||
registries apply to HTTP/2, but are not redefined in this document. | registries apply to HTTP/2, but are not redefined in this document. | |||
IANA is requested to update references to RFC 7540 in the following | IANA has updated references to RFC 7540 in the following registries | |||
registries to refer to this document: Application-Layer Protocol | to refer to this document: "TLS Application-Layer Protocol | |||
Negotiation (ALPN) Protocol IDs, HTTP/2 Frame Type, HTTP/2 Settings, | Negotiation (ALPN) Protocol IDs", "HTTP/2 Frame Type", "HTTP/2 | |||
HTTP/2 Error Code, and HTTP Method Registry. The registration of the | Settings", "HTTP/2 Error Code", and "HTTP Method Registry". The | |||
PRI method needs to be updated to refer to Section 3.4; all other | registration of the PRI method has been updated to refer to | |||
section numbers have not changed. | Section 3.4; all other section numbers have not changed. | |||
IANA is requested to change the policy on those portions of the | IANA has changed the policy on those portions of the "HTTP/2 Frame | |||
"HTTP/2 Frame Type" and "HTTP/2 Settings" registries that were | Type" and "HTTP/2 Settings" registries that were reserved for | |||
reserved for Experimental Use in RFC 7540. These portions of the | Experimental Use in RFC 7540. These portions of the registries shall | |||
registry shall operate on the same policy as the remainder of each | operate on the same policy as the remainder of each registry. | |||
registry. | ||||
11.1. HTTP2-Settings Header Field Registration | 11.1. HTTP2-Settings Header Field Registration | |||
This section marks the HTTP2-Settings header field registered by | This section marks the HTTP2-Settings header field registered by | |||
Section 11.5 of [RFC7540] in the Hypertext Transfer Protocol (HTTP) | Section 11.5 of [RFC7540] in the "Hypertext Transfer Protocol (HTTP) | |||
Field Name Registry as obsolete. This capability has been removed: | Field Name Registry" as obsolete. This capability has been removed: | |||
see Section 3.1. The registration is updated to include the details | see Section 3.1. The registration is updated to include the details | |||
as required by Section 18.4 of [HTTP]: | as required by Section 18.4 of [HTTP]: | |||
Field Name: HTTP2-Settings | Field Name: HTTP2-Settings | |||
Status: Standard | Status: obsoleted | |||
Ref.: Section 3.2.1 of [RFC7540] | Reference: Section 3.2.1 of [RFC7540] | |||
Comments: Obsolete; see Section 11.1 of this document | Comments: Obsolete; see Section 11.1 of this document. | |||
11.2. The h2c Upgrade Token | 11.2. The h2c Upgrade Token | |||
This section records the h2c upgrade token registered by Section 11.8 | This section records the h2c upgrade token registered by Section 11.8 | |||
of [RFC7540] in the Hypertext Transfer Protocol (HTTP) Upgrade Token | of [RFC7540] in the "Hypertext Transfer Protocol (HTTP) Upgrade Token | |||
Registry as obsolete. This capability has been removed: see | Registry" as obsolete. This capability has been removed: see | |||
Section 3.1. The registration is updated as follows: | Section 3.1. The registration is updated as follows: | |||
Value: h2c | Value: h2c | |||
Description: Hypertext Transfer Protocol version 2 (HTTP/2) | Description: (OBSOLETE) Hypertext Transfer Protocol version 2 | |||
(HTTP/2) | ||||
Expected Version Tokens: None | Expected Version Tokens: None | |||
Reference: Section 3.1 of this document | Reference: Section 3.1 of this document | |||
12. References | 12. References | |||
12.1. Normative References | 12.1. Normative References | |||
[CACHE] Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke, | [CACHING] Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke, | |||
Ed., "HTTP Caching", Work in Progress, Internet-Draft, | Ed., "HTTP Caching", STD 98, RFC 9111, | |||
draft-ietf-httpbis-cache-18, 18 August 2021, | DOI 10.17487/RFC9111, June 2022, | |||
<https://datatracker.ietf.org/doc/html/draft-ietf-httpbis- | <https://www.rfc-editor.org/info/rfc9111>. | |||
cache-18>. | ||||
[COMPRESSION] | [COMPRESSION] | |||
Peon, R. and H. Ruellan, "HPACK: Header Compression for | Peon, R. and H. Ruellan, "HPACK: Header Compression for | |||
HTTP/2", RFC 7541, DOI 10.17487/RFC7541, May 2015, | HTTP/2", RFC 7541, DOI 10.17487/RFC7541, May 2015, | |||
<https://www.rfc-editor.org/rfc/rfc7541>. | <https://www.rfc-editor.org/info/rfc7541>. | |||
[COOKIE] Barth, A., "HTTP State Management Mechanism", RFC 6265, | [COOKIE] Barth, A., "HTTP State Management Mechanism", RFC 6265, | |||
DOI 10.17487/RFC6265, April 2011, | DOI 10.17487/RFC6265, April 2011, | |||
<https://www.rfc-editor.org/rfc/rfc6265>. | <https://www.rfc-editor.org/info/rfc6265>. | |||
[HTTP] Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke, | [HTTP] Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke, | |||
Ed., "HTTP Semantics", Work in Progress, Internet-Draft, | Ed., "HTTP Semantics", STD 97, RFC 9110, | |||
draft-ietf-httpbis-semantics-18, 18 August 2021, | DOI 10.17487/RFC9110, June 2022, | |||
<https://datatracker.ietf.org/doc/html/draft-ietf-httpbis- | <https://www.rfc-editor.org/info/rfc9110>. | |||
semantics-18>. | ||||
[QUIC] Iyengar, J., Ed. and M. Thomson, Ed., "QUIC: A UDP-Based | [QUIC] Iyengar, J., Ed. and M. Thomson, Ed., "QUIC: A UDP-Based | |||
Multiplexed and Secure Transport", RFC 9000, | Multiplexed and Secure Transport", RFC 9000, | |||
DOI 10.17487/RFC9000, May 2021, | DOI 10.17487/RFC9000, May 2021, | |||
<https://www.rfc-editor.org/info/rfc9000>. | <https://www.rfc-editor.org/info/rfc9000>. | |||
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
Requirement Levels", BCP 14, RFC 2119, | Requirement Levels", BCP 14, RFC 2119, | |||
DOI 10.17487/RFC2119, March 1997, | DOI 10.17487/RFC2119, March 1997, | |||
<https://www.rfc-editor.org/rfc/rfc2119>. | <https://www.rfc-editor.org/info/rfc2119>. | |||
[RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform | [RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform | |||
Resource Identifier (URI): Generic Syntax", STD 66, | Resource Identifier (URI): Generic Syntax", STD 66, | |||
RFC 3986, DOI 10.17487/RFC3986, January 2005, | RFC 3986, DOI 10.17487/RFC3986, January 2005, | |||
<https://www.rfc-editor.org/rfc/rfc3986>. | <https://www.rfc-editor.org/info/rfc3986>. | |||
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC | [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC | |||
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, | 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, | |||
May 2017, <https://www.rfc-editor.org/rfc/rfc8174>. | May 2017, <https://www.rfc-editor.org/info/rfc8174>. | |||
[RFC8422] Nir, Y., Josefsson, S., and M. Pegourie-Gonnard, "Elliptic | [RFC8422] Nir, Y., Josefsson, S., and M. Pegourie-Gonnard, "Elliptic | |||
Curve Cryptography (ECC) Cipher Suites for Transport Layer | Curve Cryptography (ECC) Cipher Suites for Transport Layer | |||
Security (TLS) Versions 1.2 and Earlier", RFC 8422, | Security (TLS) Versions 1.2 and Earlier", RFC 8422, | |||
DOI 10.17487/RFC8422, August 2018, | DOI 10.17487/RFC8422, August 2018, | |||
<https://www.rfc-editor.org/info/rfc8422>. | <https://www.rfc-editor.org/info/rfc8422>. | |||
[RFC8470] Thomson, M., Nottingham, M., and W. Tarreau, "Using Early | [RFC8470] Thomson, M., Nottingham, M., and W. Tarreau, "Using Early | |||
Data in HTTP", RFC 8470, DOI 10.17487/RFC8470, September | Data in HTTP", RFC 8470, DOI 10.17487/RFC8470, September | |||
2018, <https://www.rfc-editor.org/rfc/rfc8470>. | 2018, <https://www.rfc-editor.org/info/rfc8470>. | |||
[TCP] Postel, J., "Transmission Control Protocol", STD 7, | [TCP] Postel, J., "Transmission Control Protocol", STD 7, | |||
RFC 793, DOI 10.17487/RFC793, September 1981, | RFC 793, DOI 10.17487/RFC0793, September 1981, | |||
<https://www.rfc-editor.org/rfc/rfc793>. | <https://www.rfc-editor.org/info/rfc793>. | |||
[TLS-ALPN] Friedl, S., Popov, A., Langley, A., and E. Stephan, | [TLS-ALPN] Friedl, S., Popov, A., Langley, A., and E. Stephan, | |||
"Transport Layer Security (TLS) Application-Layer Protocol | "Transport Layer Security (TLS) Application-Layer Protocol | |||
Negotiation Extension", RFC 7301, DOI 10.17487/RFC7301, | Negotiation Extension", RFC 7301, DOI 10.17487/RFC7301, | |||
July 2014, <https://www.rfc-editor.org/rfc/rfc7301>. | July 2014, <https://www.rfc-editor.org/info/rfc7301>. | |||
[TLS-ECDHE] | [TLS-ECDHE] | |||
Rescorla, E., "TLS Elliptic Curve Cipher Suites with SHA- | Rescorla, E., "TLS Elliptic Curve Cipher Suites with SHA- | |||
256/384 and AES Galois Counter Mode (GCM)", RFC 5289, | 256/384 and AES Galois Counter Mode (GCM)", RFC 5289, | |||
DOI 10.17487/RFC5289, August 2008, | DOI 10.17487/RFC5289, August 2008, | |||
<https://www.rfc-editor.org/rfc/rfc5289>. | <https://www.rfc-editor.org/info/rfc5289>. | |||
[TLS-EXT] Eastlake 3rd, D., "Transport Layer Security (TLS) | [TLS-EXT] Eastlake 3rd, D., "Transport Layer Security (TLS) | |||
Extensions: Extension Definitions", RFC 6066, | Extensions: Extension Definitions", RFC 6066, | |||
DOI 10.17487/RFC6066, January 2011, | DOI 10.17487/RFC6066, January 2011, | |||
<https://www.rfc-editor.org/rfc/rfc6066>. | <https://www.rfc-editor.org/info/rfc6066>. | |||
[TLS12] Dierks, T. and E. Rescorla, "The Transport Layer Security | [TLS12] Dierks, T. and E. Rescorla, "The Transport Layer Security | |||
(TLS) Protocol Version 1.2", RFC 5246, | (TLS) Protocol Version 1.2", RFC 5246, | |||
DOI 10.17487/RFC5246, August 2008, | DOI 10.17487/RFC5246, August 2008, | |||
<https://www.rfc-editor.org/rfc/rfc5246>. | <https://www.rfc-editor.org/info/rfc5246>. | |||
[TLS13] Rescorla, E., "The Transport Layer Security (TLS) Protocol | [TLS13] Rescorla, E., "The Transport Layer Security (TLS) Protocol | |||
Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018, | Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018, | |||
<https://www.rfc-editor.org/rfc/rfc8446>. | <https://www.rfc-editor.org/info/rfc8446>. | |||
[TLSBCP] Sheffer, Y., Holz, R., and P. Saint-Andre, | [TLSBCP] Sheffer, Y., Holz, R., and P. Saint-Andre, | |||
"Recommendations for Secure Use of Transport Layer | "Recommendations for Secure Use of Transport Layer | |||
Security (TLS) and Datagram Transport Layer Security | Security (TLS) and Datagram Transport Layer Security | |||
(DTLS)", BCP 195, RFC 7525, DOI 10.17487/RFC7525, May | (DTLS)", BCP 195, RFC 7525, DOI 10.17487/RFC7525, May | |||
2015, <https://www.rfc-editor.org/rfc/rfc7525>. | 2015, <https://www.rfc-editor.org/info/rfc7525>. | |||
12.2. Informative References | 12.2. Informative References | |||
[ALT-SVC] Nottingham, M., McManus, P., and J. Reschke, "HTTP | [ALT-SVC] Nottingham, M., McManus, P., and J. Reschke, "HTTP | |||
Alternative Services", RFC 7838, DOI 10.17487/RFC7838, | Alternative Services", RFC 7838, DOI 10.17487/RFC7838, | |||
April 2016, <https://www.rfc-editor.org/rfc/rfc7838>. | April 2016, <https://www.rfc-editor.org/info/rfc7838>. | |||
[BREACH] Gluck, Y., Harris, N., and A. Prado, "BREACH: Reviving the | [BREACH] Gluck, Y., Harris, N., and A. Prado, "BREACH: Reviving the | |||
CRIME Attack", 12 July 2013, | CRIME Attack", 12 July 2013, | |||
<https://breachattack.com/resources/ | <https://breachattack.com/resources/ | |||
BREACH%20-%20SSL,%20gone%20in%2030%20seconds.pdf>. | BREACH%20-%20SSL,%20gone%20in%2030%20seconds.pdf>. | |||
[DNS-TERMS] | [DNS-TERMS] | |||
Hoffman, P., Sullivan, A., and K. Fujiwara, "DNS | Hoffman, P., Sullivan, A., and K. Fujiwara, "DNS | |||
Terminology", BCP 219, RFC 8499, DOI 10.17487/RFC8499, | Terminology", BCP 219, RFC 8499, DOI 10.17487/RFC8499, | |||
January 2019, <https://www.rfc-editor.org/rfc/rfc8499>. | January 2019, <https://www.rfc-editor.org/info/rfc8499>. | |||
[HTTP11] Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke, | ||||
Ed., "HTTP/1.1", Work in Progress, Internet-Draft, draft- | ||||
ietf-httpbis-messaging-18, 18 August 2021, | ||||
<https://datatracker.ietf.org/doc/html/draft-ietf-httpbis- | ||||
messaging-18>. | ||||
[I-D.ietf-httpbis-priority] | [HTTP-PRIORITY] | |||
Oku, K. and L. Pardue, "Extensible Prioritization Scheme | Oku, K. and L. Pardue, "Extensible Prioritization Scheme | |||
for HTTP", Work in Progress, Internet-Draft, draft-ietf- | for HTTP", RFC 9218, DOI 10.17487/RFC9218, June 2022, | |||
httpbis-priority-12, 17 January 2022, | <https://www.rfc-editor.org/info/rfc9218>. | |||
<https://datatracker.ietf.org/doc/html/draft-ietf-httpbis- | ||||
priority-12>. | [HTTP/1.1] Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke, | |||
Ed., "HTTP/1.1", STD 99, RFC 9112, DOI 10.17487/RFC9112, | ||||
June 2022, <https://www.rfc-editor.org/info/rfc9112>. | ||||
[NFLX-2019-002] | [NFLX-2019-002] | |||
Netflix, "HTTP/2 Denial of Service Advisory", 13 August | Netflix, "HTTP/2 Denial of Service Advisory", 13 August | |||
2019, <https://github.com/Netflix/security- | 2019, <https://github.com/Netflix/security- | |||
bulletins/blob/master/advisories/third-party/2019-002.md>. | bulletins/blob/master/advisories/third-party/2019-002.md>. | |||
[PRIVACY] Cooper, A., Tschofenig, H., Aboba, B., Peterson, J., | [PRIVACY] Cooper, A., Tschofenig, H., Aboba, B., Peterson, J., | |||
Morris, J., Hansen, M., and R. Smith, "Privacy | Morris, J., Hansen, M., and R. Smith, "Privacy | |||
Considerations for Internet Protocols", RFC 6973, | Considerations for Internet Protocols", RFC 6973, | |||
DOI 10.17487/RFC6973, July 2013, | DOI 10.17487/RFC6973, July 2013, | |||
<https://www.rfc-editor.org/rfc/rfc6973>. | <https://www.rfc-editor.org/info/rfc6973>. | |||
[RFC1122] Braden, R., Ed., "Requirements for Internet Hosts - | [RFC1122] Braden, R., Ed., "Requirements for Internet Hosts - | |||
Communication Layers", RFC 1122, DOI 10.17487/RFC1122, | Communication Layers", STD 3, RFC 1122, | |||
October 1989, <https://www.rfc-editor.org/rfc/rfc1122>. | DOI 10.17487/RFC1122, October 1989, | |||
<https://www.rfc-editor.org/info/rfc1122>. | ||||
[RFC3749] Hollenbeck, S., "Transport Layer Security Protocol | [RFC3749] Hollenbeck, S., "Transport Layer Security Protocol | |||
Compression Methods", RFC 3749, DOI 10.17487/RFC3749, May | Compression Methods", RFC 3749, DOI 10.17487/RFC3749, May | |||
2004, <https://www.rfc-editor.org/rfc/rfc3749>. | 2004, <https://www.rfc-editor.org/info/rfc3749>. | |||
[RFC6125] Saint-Andre, P. and J. Hodges, "Representation and | [RFC6125] Saint-Andre, P. and J. Hodges, "Representation and | |||
Verification of Domain-Based Application Service Identity | Verification of Domain-Based Application Service Identity | |||
within Internet Public Key Infrastructure Using X.509 | within Internet Public Key Infrastructure Using X.509 | |||
(PKIX) Certificates in the Context of Transport Layer | (PKIX) Certificates in the Context of Transport Layer | |||
Security (TLS)", RFC 6125, DOI 10.17487/RFC6125, March | Security (TLS)", RFC 6125, DOI 10.17487/RFC6125, March | |||
2011, <https://www.rfc-editor.org/info/rfc6125>. | 2011, <https://www.rfc-editor.org/info/rfc6125>. | |||
[RFC6585] Nottingham, M. and R. Fielding, "Additional HTTP Status | [RFC6585] Nottingham, M. and R. Fielding, "Additional HTTP Status | |||
Codes", RFC 6585, DOI 10.17487/RFC6585, April 2012, | Codes", RFC 6585, DOI 10.17487/RFC6585, April 2012, | |||
<https://www.rfc-editor.org/rfc/rfc6585>. | <https://www.rfc-editor.org/info/rfc6585>. | |||
[RFC7323] Borman, D., Braden, B., Jacobson, V., and R. | [RFC7323] Borman, D., Braden, B., Jacobson, V., and R. | |||
Scheffenegger, Ed., "TCP Extensions for High Performance", | Scheffenegger, Ed., "TCP Extensions for High Performance", | |||
RFC 7323, DOI 10.17487/RFC7323, September 2014, | RFC 7323, DOI 10.17487/RFC7323, September 2014, | |||
<https://www.rfc-editor.org/rfc/rfc7323>. | <https://www.rfc-editor.org/info/rfc7323>. | |||
[RFC7540] Belshe, M., Peon, R., and M. Thomson, Ed., "Hypertext | [RFC7540] Belshe, M., Peon, R., and M. Thomson, Ed., "Hypertext | |||
Transfer Protocol Version 2 (HTTP/2)", RFC 7540, | Transfer Protocol Version 2 (HTTP/2)", RFC 7540, | |||
DOI 10.17487/RFC7540, May 2015, | DOI 10.17487/RFC7540, May 2015, | |||
<https://www.rfc-editor.org/rfc/rfc7540>. | <https://www.rfc-editor.org/info/rfc7540>. | |||
[RFC8441] McManus, P., "Bootstrapping WebSockets with HTTP/2", | [RFC8441] McManus, P., "Bootstrapping WebSockets with HTTP/2", | |||
RFC 8441, DOI 10.17487/RFC8441, September 2018, | RFC 8441, DOI 10.17487/RFC8441, September 2018, | |||
<https://www.rfc-editor.org/rfc/rfc8441>. | <https://www.rfc-editor.org/info/rfc8441>. | |||
[RFC8740] Benjamin, D., "Using TLS 1.3 with HTTP/2", RFC 8740, | [RFC8740] Benjamin, D., "Using TLS 1.3 with HTTP/2", RFC 8740, | |||
DOI 10.17487/RFC8740, February 2020, | DOI 10.17487/RFC8740, February 2020, | |||
<https://www.rfc-editor.org/rfc/rfc8740>. | <https://www.rfc-editor.org/info/rfc8740>. | |||
[TALKING] Huang, L., Chen, E., Barth, A., Rescorla, E., and C. | [TALKING] Huang, L., Chen, E., Barth, A., Rescorla, E., and C. | |||
Jackson, "Talking to Yourself for Fun and Profit", 2011, | Jackson, "Talking to Yourself for Fun and Profit", 2011, | |||
<https://www.adambarth.com/papers/2011/huang-chen-barth- | <https://www.adambarth.com/papers/2011/huang-chen-barth- | |||
rescorla-jackson.pdf>. | rescorla-jackson.pdf>. | |||
Appendix A. Prohibited TLS 1.2 Cipher Suites | Appendix A. Prohibited TLS 1.2 Cipher Suites | |||
An HTTP/2 implementation MAY treat the negotiation of any of the | An HTTP/2 implementation MAY treat the negotiation of any of the | |||
following cipher suites with TLS 1.2 as a connection error | following cipher suites with TLS 1.2 as a connection error | |||
skipping to change at page 89, line 20 ¶ | skipping to change at line 4118 ¶ | |||
* TLS_PSK_WITH_AES_256_CCM_8 | * TLS_PSK_WITH_AES_256_CCM_8 | |||
| Note: This list was assembled from the set of registered TLS | | Note: This list was assembled from the set of registered TLS | |||
| cipher suites when [RFC7540] was developed. This list includes | | cipher suites when [RFC7540] was developed. This list includes | |||
| those cipher suites that do not offer an ephemeral key exchange | | those cipher suites that do not offer an ephemeral key exchange | |||
| and those that are based on the TLS null, stream, or block | | and those that are based on the TLS null, stream, or block | |||
| cipher type (as defined in Section 6.2.3 of [TLS12]). | | cipher type (as defined in Section 6.2.3 of [TLS12]). | |||
| Additional cipher suites with these properties could be | | Additional cipher suites with these properties could be | |||
| defined; these would not be explicitly prohibited. | | defined; these would not be explicitly prohibited. | |||
For more details, see Section 9.2.2 | For more details, see Section 9.2.2. | |||
Appendix B. Changes from RFC 7540 | Appendix B. Changes from RFC 7540 | |||
This revision includes the following substantive changes: | This revision includes the following substantive changes: | |||
* Use of TLS 1.3 was defined based on RFC 8740, which this document | * Use of TLS 1.3 was defined based on [RFC8740], which this document | |||
obsoletes. | obsoletes. | |||
* The priority scheme defined in RFC 7540 is deprecated. | * The priority scheme defined in RFC 7540 is deprecated. | |||
Definitions for the format of the PRIORITY frame and the priority | Definitions for the format of the PRIORITY frame and the priority | |||
fields in the HEADERS frame have been retained, plus the rules | fields in the HEADERS frame have been retained, plus the rules | |||
governing when PRIORITY frames can be sent and received, but the | governing when PRIORITY frames can be sent and received, but the | |||
semantics of these fields are only described in RFC 7540. The | semantics of these fields are only described in RFC 7540. The | |||
priority signaling scheme from RFC 7540 was not successful. Using | priority signaling scheme from RFC 7540 was not successful. Using | |||
the simpler successor signaling [I-D.ietf-httpbis-priority] is | the simpler signaling in [HTTP-PRIORITY] is recommended. | |||
recommended. | ||||
* The HTTP/1.1 Upgrade mechanism is deprecated and no longer | * The HTTP/1.1 Upgrade mechanism is deprecated and no longer | |||
specified in this document. It was never widely deployed, with | specified in this document. It was never widely deployed, with | |||
plaintext HTTP/2 users choosing to use the prior-knowledge | plaintext HTTP/2 users choosing to use the prior-knowledge | |||
implementation instead. | implementation instead. | |||
* Validation for field names and values has been narrowed. The | * Validation for field names and values has been narrowed. The | |||
validation that is mandatory for intermediaries is precisely | validation that is mandatory for intermediaries is precisely | |||
defined and error reporting for requests has been amended to | defined, and error reporting for requests has been amended to | |||
encourage sending 400-series status codes. | encourage sending 400-series status codes. | |||
* The ranges of codepoints for settings and frame types that were | * The ranges of codepoints for settings and frame types that were | |||
reserved for "Experimental Use" are now available for general use. | reserved for Experimental Use are now available for general use. | |||
* Connection-specific header fields - which are prohibited - are | * Connection-specific header fields -- which are prohibited -- are | |||
more precisely and comprehensively identified. | more precisely and comprehensively identified. | |||
* Host and :authority are no longer permitted to disagree. | * Host and ":authority" are no longer permitted to disagree. | |||
* Rules for sending Dynamic Table Size Update instructions after | * Rules for sending Dynamic Table Size Update instructions after | |||
changes in settings have been clarified in Section 4.3.1. | changes in settings have been clarified in Section 4.3.1. | |||
Editorial changes are also included. In particular, changes to | Editorial changes are also included. In particular, changes to | |||
terminology and document structure are in response to updates to core | terminology and document structure are in response to updates to core | |||
HTTP semantics [HTTP]. Those documents now include some concepts | HTTP semantics [HTTP]. Those documents now include some concepts | |||
that were first defined in RFC 7540, such as the 421 status code or | that were first defined in RFC 7540, such as the 421 status code or | |||
connection coalescing. | connection coalescing. | |||
Contributors | ||||
The previous version of this document was authored by Mike Belshe and | ||||
Roberto Peon. | ||||
Acknowledgments | Acknowledgments | |||
Credit for non-trivial input to this document is owed to a large | Credit for non-trivial input to this document is owed to a large | |||
number of people who have contributed to the HTTP working group over | number of people who have contributed to the HTTP Working Group over | |||
the years. [RFC7540] contains a more extensive list of people that | the years. [RFC7540] contains a more extensive list of people that | |||
deserve acknowledgment for their contributions. | deserve acknowledgment for their contributions. | |||
Contributors | ||||
Mike Belshe and Roberto Peon authored the text that this document is | ||||
based on. | ||||
Authors' Addresses | Authors' Addresses | |||
Martin Thomson (editor) | Martin Thomson (editor) | |||
Mozilla | Mozilla | |||
Australia | Australia | |||
Email: mt@lowentropy.net | Email: mt@lowentropy.net | |||
Cory Benfield (editor) | Cory Benfield (editor) | |||
Apple Inc. | Apple Inc. | |||
Email: cbenfield@apple.com | Email: cbenfield@apple.com | |||
End of changes. 239 change blocks. | ||||
565 lines changed or deleted | 548 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ |