Network Working Group R. Polli Internet-Draft Team Digitale, Italian Government Intended status: Standards Track 9 March 2020 Expires: 10 September 2020 Retry-Scope header field draft-polli-retry-scope-00 Abstract This document defines the Retry-Scope header field for HTTP thus allowing a server to communicate the scope of the returned Retry- After header field. Note to Readers _RFC EDITOR: please remove this section before publication_ Discussion of this draft takes place on the HTTP working group mailing list (ietf-http-wg@w3.org), which is archived at https://lists.w3.org/Archives/Public/ietf-http-wg/ (https://lists.w3.org/Archives/Public/ietf-http-wg/). The source code and issues list for this draft can be found at https://github.com/ioggstream/draft-polli-Retry-Scope (https://github.com/ioggstream/draft-polli-Retry-Scope). Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on 10 September 2020. Polli Expires 10 September 2020 [Page 1] Internet-Draft Retry-Scope header field March 2020 Copyright Notice Copyright (c) 2020 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/ license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1.1. Notational Conventions . . . . . . . . . . . . . . . . . 3 2. Header Specifications . . . . . . . . . . . . . . . . . . . . 3 2.1. Retry-Scope . . . . . . . . . . . . . . . . . . . . . . . 3 3. Security Considerations . . . . . . . . . . . . . . . . . . . 4 3.1. Role of intermediaries . . . . . . . . . . . . . . . . . 4 4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 4 4.1. Retry-Scope Header Field Registration . . . . . . . . . . 4 5. Normative References . . . . . . . . . . . . . . . . . . . . 4 Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . 5 FAQ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 Change Log . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 5 1. Introduction The Retry-After header defined in Section 7.1.3 of [SEMANTICS] allows a server to indicate how long the user agent ought to wait before making a follow-up request. While Retry-After applies to the issued request, it may be useful for the server to communicate to the user agent that the conditions that lead to returning Retry-After are broader in scope than a single request. This proposal allows a server to convey that scope in the Retry-Scope response header field, and ask the client to temporarily refrain from making other requests to the same resource, or even to all resources on the same server. Polli Expires 10 September 2020 [Page 2] Internet-Draft Retry-Scope header field March 2020 1.1. Notational Conventions The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here. These words may also appear in this document in lower case as plain English words, absent their normative meanings. This document uses the Augmented BNF defined in [RFC5234] and updated by [RFC7405] along with the "#rule" extension defined in Section 7 of [MESSAGING] and the URI-reference rule defined in Section 2.7 of [MESSAGING]. The terms "intermediaries" and "target URI" are to be interpreted as described in [MESSAGING]. 2. Header Specifications The following header is defined 2.1. Retry-Scope The Retry-Scope response header field indicates that the conditions that lead to returning Retry-After are broader in scope than a single request. Retry-Scope = URI-reference Two examples of Retry-Scope: Retry-Scope: /books Retry-Scope: https://api.example/ A user agent receiving the Retry-Scope header field in conjunction with a Retry-After header field ought to wait before making further request to the resource identified by the Retry-Scope field value. This header MUST NOT be repeated; if a user agent receives multiple Retry-Scope header fields, then it SHOULD ignore them. Intermediaries aware of the Retry-Scope semantics (eg. reverse proxies) MAY modify the Retry-Scope in order to help the user agent to correctly identify the scope and ensure that the field value matches the target URI, like they would have done for the Location header field defined in Section 7.1.2 of [SEMANTICS]. Polli Expires 10 September 2020 [Page 3] Internet-Draft Retry-Scope header field March 2020 3. Security Considerations 3.1. Role of intermediaries An intermediary, by chance or purpose, might alter the scope of the Retry-Scope thus causing the user agent to refrain contacting other server resource. When the server originating the Retry-Scope is behind one or more intermediaries it is possible that the field value is not consistent with the target URI. 4. IANA Considerations 4.1. Retry-Scope Header Field Registration This section registers the "Retry-Scope" header field in the "Permanent Message Header Field Names" registry ([RFC3864]). Header field name: "Retry-Scope" Applicable protocol: http Status: standard Author/Change controller: IETF Specification document(s): Section 2.1 of this document 5. Normative References [MESSAGING] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing", RFC 7230, DOI 10.17487/RFC7230, June 2014, . [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, . [RFC3864] Klyne, G., Nottingham, M., and J. Mogul, "Registration Procedures for Message Header Fields", BCP 90, RFC 3864, DOI 10.17487/RFC3864, September 2004, . Polli Expires 10 September 2020 [Page 4] Internet-Draft Retry-Scope header field March 2020 [RFC5234] Crocker, D., Ed. and P. Overell, "Augmented BNF for Syntax Specifications: ABNF", STD 68, RFC 5234, DOI 10.17487/RFC5234, January 2008, . [RFC7405] Kyzivat, P., "Case-Sensitive String Support in ABNF", RFC 7405, DOI 10.17487/RFC7405, December 2014, . [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, May 2017, . [SEMANTICS] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content", RFC 7231, DOI 10.17487/RFC7231, June 2014, . Appendix A. Acknowledgements This specification was born from a thread created by Martin Thomson, and the subsequent discussion. FAQ Q: Why not using link relations? This solution is simpler and was previously discussed here (https://github.com/httpwg/http-core/ pull/317#issuecomment-585868767). Change Log RFC EDITOR PLEASE DELETE THIS SECTION. Author's Address Roberto Polli Team Digitale, Italian Government Email: robipolli@gmail.com Polli Expires 10 September 2020 [Page 5]