MASQUE                                                       D. Schinazi
Internet-Draft                                                Google LLC
Intended status: Standards Track                               L. Pardue
Expires: 28 April 5 September 2022                                     Cloudflare
                                                         25 October 2021
                                                            4 March 2022

                       Using Datagrams with HTTP
                    draft-ietf-masque-h3-datagram-05
                    draft-ietf-masque-h3-datagram-06

Abstract

   The QUIC DATAGRAM extension provides application protocols running
   over QUIC with a mechanism to send unreliable data while leveraging
   the security and congestion-control properties of QUIC.  However,
   QUIC DATAGRAM frames do not provide a means to demultiplex
   application contexts.  This document describes how to use QUIC
   DATAGRAM frames when the application protocol running over QUIC is
   HTTP/3.  It associates datagrams with client-initiated bidirectional
   streams and defines an optional additional demultiplexing layer. HTTP/3 by association with HTTP requests.
   Additionally, this document defines how to the Capsule Protocol that can
   convey datagrams over prior versions of HTTP.

Discussion Venues

   This note is to be removed before publishing as an RFC.

   Discussion of this document takes place on the MASQUE WG mailing list
   (masque@ietf.org), which is archived at
   https://mailarchive.ietf.org/arch/browse/masque/.

   Source for this draft and an issue tracker can be found at
   https://github.com/ietf-wg-masque/draft-ietf-masque-h3-datagram.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on 28 April 5 September 2022.

Copyright Notice

   Copyright (c) 2021 2022 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents (https://trustee.ietf.org/
   license-info) in effect on the date of publication of this document.
   Please review these documents carefully, as they describe your rights
   and restrictions with respect to this document.  Code Components
   extracted from this document must include Simplified Revised BSD License text as
   described in Section 4.e of the Trust Legal Provisions and are
   provided without warranty as described in the Simplified Revised BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   3
     1.1.  Conventions and Definitions . . . . . . . . . . . . . . .   4   3
   2.  Multiplexing  . . . . . . . . . . . . . . . . . . . . . . . .   4
     2.1.   3
   3.  HTTP/3 Datagram Contexts . Format  . . . . . . . . . . . . . . . . . . .   4
     2.2.  Datagram Formats  . . . . . . . . . . . . . . . . . . . .   5
     2.3.  Context ID Allocation . . . . . . . . . .
     3.1.  The H3_DATAGRAM HTTP/3 SETTINGS Parameter . . . . . . . .   5
   3.  HTTP/3 DATAGRAM Format  . . . . .
       3.1.1.  Note About Draft Versions . . . . . . . . . . . . . .   6
   4.  Capsules  . . . . . . . . . . . . . . . . . . . . . . . . . .   7   6
     4.1.  Capsule Protocol  . . . . . . . . . . . . . . . . . . . .   8   7
     4.2.  Requirements  .  Error Handling  . . . . . . . . . . . . . . . . . . . . .   9   8
     4.3.  Intermediary Processing . . . . .  The Capsule-Protocol Header Field . . . . . . . . . . . .   9   8
     4.4.  Capsule Types . . . . . . . . . . . . . . . . . . . . . .  10
       4.4.1.  The Datagram Registration Capsules  . . . . . . . . .  10
       4.4.2.  The Datagram Close DATAGRAM Capsule  . . . . . . . . . . . . .  11
       4.4.3.  The Datagram Capsules . . . . . . . . . . . . . . . .  13   9
   5.  The H3_DATAGRAM HTTP/3 SETTINGS Parameter . . . . . . . . . .  14
     5.1.  Note About Draft Versions . . . . . . . . . . . . . . . .  15
   6.  The Sec-Use-Datagram-Contexts HTTP Header . . . . . . . . . .  15
   7.  Prioritization  . . . . . . . . . . . . . . . . . . . . . . .  16
   8.  10
   6.  Security Considerations . . . . . . . . . . . . . . . . . . .  17
   9.  11
   7.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .  17
     9.1.  11
     7.1.  HTTP/3 SETTINGS Parameter . . . . . . . . . . . . . . . .  17
     9.2.  HTTP Header Field Name  . .  11
     7.2.  HTTP/3 Error Code . . . . . . . . . . . . . . .  17
     9.3.  Capsule Types . . . . .  11
     7.3.  HTTP Header Field Name  . . . . . . . . . . . . . . . . .  18
     9.4.  Datagram Format  12
     7.4.  Capsule Types . . . . . . . . . . . . . . . . . .  18
     9.5.  Context Close Codes . . . . . . . . . . . . . . . . . . .  19
   10.  12
   8.  References  . . . . . . . . . . . . . . . . . . . . . . . . .  20
     10.1.  13
     8.1.  Normative References  . . . . . . . . . . . . . . . . . .  20
     10.2.  13
     8.2.  Informative References  . . . . . . . . . . . . . . . . .  21  14
   Appendix A.  Examples . . . . . . . . . . . . . . . . . . . . . .  21  14
     A.1.  CONNECT-UDP . . . . . . . . . . . . . . . . . . . . . . .  21  14
     A.2.  CONNECT-UDP with Delayed Timestamp Extension  . . . . . .  22
       A.2.1.  With Delay  . . . . . . . . . . . . . . . . . . . . .  22
     A.3.  Successful Optimistic . . . . . . . . . . . . . . . . . .  23
     A.4.  Optimistic but Unsupported  . . . . . . . . . . . . . . .  24
     A.5.  CONNECT-IP with IP compression  . . . . . . . . . . . . .  25
     A.6.  WebTransport  . . . . . . . . . . . . . . . . . . . . . .  26  15
   Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . .  27  16
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .  27  16

1.  Introduction

   The QUIC DATAGRAM extension [DGRAM] provides application protocols
   running over QUIC [QUIC] with a mechanism to send unreliable data
   while leveraging the security and congestion-control properties of
   QUIC.  However, QUIC DATAGRAM frames do not provide a means to
   demultiplex application contexts.  This document describes how to use
   QUIC DATAGRAM frames when the application protocol running over QUIC
   is with HTTP/3 [H3].  It associates datagrams [H3] by association with client-initiated
   bidirectional streams and defines an optional additional
   demultiplexing layer. HTTP
   requests.  Additionally, this document defines how to the Capsule Protocol
   that can convey datagrams over prior versions of HTTP.

   This document is structured as follows:

   *  Section 2 presents core concepts for multiplexing across HTTP
      versions.

      -  Section 2.1 defines datagram contexts, an optional end-to-end
         multiplexing concept scoped to each HTTP request.  Whether
         contexts are in use is defined in Section 6.

      -  Section 2.2 defines datagram formats, which are scoped to
         contexts.  Formats communicate the format and encoding of
         datagrams sent using the associated context.

      -  Contexts are identified using a variable-length integer.
         Requirements for allocating identifier values are detailed in
         Section 2.3.

   *  Section 3 defines how QUIC DATAGRAM frames are used with HTTP/3.

      -  Section 5 3.1 defines an HTTP/3 setting that endpoints can use to
         advertise support of the frame.

   *  Section 4 introduces the Capsule Protocol and the "data stream"
      concept.  Data streams are initiated using special-purpose HTTP
      requests, after which Capsules, an end-to-end message, can be
      sent.

      -  The following  Section 4.4 defines Datagram Capsule types are defined, together types, along with guidance
         for defining specifying new types:

         o  Datagram registration capsules Section 4.4.1

         o  Datagram close capsule Section 4.4.2

         o  Datagram capsules Section 4.4.3 types.

1.1.  Conventions and Definitions

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in
   BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
   capitals, as shown here.

2.  Multiplexing

   All HTTP Datagrams are associated with an HTTP request.

   When running over HTTP/3, multiple exchanges of datagrams need the
   ability to coexist on a given QUIC connection.  To allow this, HTTP
   datagrams contain two layers of multiplexing.  First, the
   QUIC DATAGRAM frame payload starts with an encoded stream identifier
   that associates the datagram with a given QUIC request stream.  Second, datagrams
   optionally carry a context identifier (see Section 2.1) that allows
   multiplexing multiple datagram contexts related to a given HTTP
   request.  Conceptually, the first layer of multiplexing is per-hop,
   while the second is end-to-end.

   When running over HTTP/2, the first level of demultiplexing is provided by the HTTP/2
   framing layer.  When running over HTTP/1, requests are strictly
   serialized in the connection, therefore the
   first layer of demultiplexing is not needed.

2.1.  Datagram Contexts

   Within the scope of a given HTTP request, contexts provide an
   additional demultiplexing layer.  Contexts determine the encoding of
   datagrams, and can be used to implicitly convey metadata.  For
   example, contexts can be used for compression to elide some parts of
   the datagram: the context identifier then maps to a compression
   context that the receiver can use to reconstruct the elided data.

   While stream IDs are a per-hop concept, context IDs are an end-to-end
   concept.  In other words, if a datagram travels through one or more
   intermediaries on its way from client to server, the stream ID will
   most likely change from hop to hop, but the context ID will remain
   the same.  Context IDs are opaque to intermediaries.

   Contexts are OPTIONAL to implement for both endpoints.
   Intermediaries do not require any context-specific software to enable
   contexts.  When contexts are supported by the implementation, their
   use is optional and can be selected on each stream.  Endpoints inform
   their peer of whether they wish to use contexts via the Sec-Use-
   Datagram-Contexts HTTP header, see Section 6.

   When contexts are used, they are identified within the scope of a
   given request by a numeric value, referred to as the context ID.  A
   context ID is a 62-bit integer (0 to 2^62-1).

2.2.  Datagram Formats

   When an endpoint registers a datagram context (or the lack of
   contexts), it communicates the format (i.e., the semantics and
   encoding) of datagrams sent using this context.  This is
   acccomplished by sending a Datagram Format Type as part of the
   datagram registration capsule, see Section 4.4.1.  This type
   identifier is registered with IANA (see Section 9.4) and allows
   applications that use HTTP Datagrams to indicate what the content of
   datagrams are.  Registration capsules carry a Datagram Format
   Additional Data field which allows sending some additional
   information that would impact the format of datagrams.

   For example, a protocol which proxies IP packets can define a
   Datagram Format Type which represents an IP packet.  The
   corresponding Datagram Format Additional Data field would be empty.
   An extension to such a protocol that wishes to compress IP addresses
   could define a distinct Datagram Format Type and exchange two IP
   addresses via the Datagram Format Additional Data field.  Then any
   datagrams with that type would contain the IP packet with addresses
   elided.

2.3.  Context ID Allocation

   Implementations of HTTP Datagrams that support datagram contexts MUST
   provide a context ID allocation service.  That service will allow
   applications co-located with HTTP to request a unique context ID that
   they can subsequently use for their own purposes.  The HTTP
   implementation will then parse the context ID of incoming HTTP
   Datagrams and use it to deliver the frame to the appropriate
   application context.

   Even-numbered context IDs are client-initiated, while odd-numbered
   context IDs are server-initiated.  This means that an HTTP client
   implementation of the context ID allocation service MUST only provide
   even-numbered IDs, while a server implementation MUST only provide
   odd-numbered IDs.  Note that, once allocated, any context ID can be
   used by both client and server - only allocation carries separate
   namespaces to avoid requiring synchronization.  Additionally, note
   that the context ID namespace is tied to a given HTTP request: it is
   possible for the same numeral context ID to be used simultaneously in
   distinct requests.

3.  HTTP/3 DATAGRAM Datagram Format

   When used with HTTP/3, the Datagram Data field of QUIC DATAGRAM
   frames uses the following format (using the notation from the
   "Notational Conventions" section of [QUIC]):

   HTTP/3 Datagram {
     Quarter Stream ID (i),
     [Context ID (i)],
     HTTP Datagram Payload (..),
   }

                      Figure 1: HTTP/3 DATAGRAM Format

   Quarter Stream ID:  A variable-length integer that contains the value
      of the client-initiated bidirectional stream that this datagram is
      associated with, divided by four (the division by four stems from
      the fact that HTTP requests are sent on client-initiated
      bidirectional streams, and those have stream IDs that are
      divisible by four).  The largest legal QUIC stream ID value is
      2^62-1, so the largest legal value of Quarter Stream ID is 2^62-1
      / 4. 2^60-1.
      Receipt of a frame that includes a larger value MUST be treated as a
      an HTTP/3 connection error of type FRAME_ENCODING_ERROR.

   Context ID:  A variable-length integer indicating the context ID of
      the datagram (see Section 2.1).  Whether or not this field is
      present depends on whether datagram contexts are in use on this
      stream, see Section 6.  If this QUIC DATAGRAM frame is reordered
      and arrives before the receiver knows whether datagram contexts
      are in use on this stream, then the receiver cannot parse this
      datagram and the receiver MUST either drop that datagram silently
      or buffer it temporarily. H3_DATAGRAM_ERROR.

   HTTP Datagram Payload:  The payload of the datagram, whose semantics
      are defined by individual applications.  Note that this field can
      be empty.

   Intermediaries parse the Quarter Stream ID field in order to
   associate the QUIC DATAGRAM frame with a stream.  If an intermediary
   receives a QUIC DATAGRAM frame whose payload is too short to allow
   parsing the Quarter Stream ID field, the intermediary MUST treat it
   as an HTTP/3 connection error

   Receipt of type H3_GENERAL_PROTOCOL_ERROR.  The
   Context ID field is optional and whether it is present or not is
   decided end-to-end by the endpoints, see Section 6.  Therefore
   intermediaries cannot know whether the Context ID field is present or
   absent and they MUST ignore any HTTP/3 Datagram fields after the
   Quarter Stream ID.

   Endpoints parse both the Quarter Stream ID field and the Context ID
   field in order to associate the QUIC DATAGRAM frame with a stream and
   context within that stream.  If an endpoint receives a QUIC DATAGRAM frame whose payload is too short to allow
   parsing the Quarter Stream ID field, the endpoint field MUST treat it be treated as an HTTP/3
   connection error of type H3_GENERAL_PROTOCOL_ERROR.  If an endpoint receives a QUIC
   DATAGRAM frame whose payload is long enough to allow parsing the
   Quarter Stream ID field but too short to allow parsing the Context ID
   field, the endpoint MUST abruptly terminate the corresponding stream
   with a stream error of type H3_GENERAL_PROTOCOL_ERROR. H3_DATAGRAM_ERROR.

   Endpoints MUST NOT send HTTP/3 datagrams unless the corresponding
   stream's send side is open.  On a given endpoint, once the receive
   side of a stream is closed, incoming datagrams for this stream are no
   longer expected so the endpoint can release related state.  Endpoints
   MAY keep state for a short time to account for reordering.  Once the
   state is released, the endpoint MUST silently drop received
   associated datagrams.

   If an HTTP/3 datagram is received and its Quarter Stream ID maps to a
   stream that has not yet been created, the receiver SHALL either drop
   that datagram silently or buffer it temporarily (on the order of a
   round trip) while awaiting the creation of the corresponding stream.

   If an HTTP/3 datagram is received and its Quarter Stream ID maps to a
   stream that cannot be created due to client-initiated bidirectional
   stream limits, it SHOULD be treated as an HTTP/3 connection error of
   type H3_ID_ERROR.  Generating an error is not mandatory in this case
   because HTTP/3 implementations might have practical barriers to
   determining the active stream concurrency limit that is applied by
   the QUIC layer.

   HTTP/3 datagrams MUST only be sent with an association to a stream
   that supports semantics for HTTP Datagrams.  For example, existing
   HTTP methods GET and POST do not define semantics for associated HTTP
   Datagrams; therefore, HTTP/3 datagrams cannot be sent associated with
   GET or POST request streams.  If an endpoint receives an HTTP/3
   datagram associated with a method that has no known semantics for
   HTTP Datagrams, it MUST abort the corresponding stream with
   H3_DATAGRAM_ERROR.  Future extensions MAY remove these requirements
   if they define semantics for such HTTP Datagrams and negotiate mutual
   support.

3.1.  The H3_DATAGRAM HTTP/3 SETTINGS Parameter

   Implementations of HTTP/3 that support HTTP Datagrams can indicate
   that to their peer by sending the H3_DATAGRAM SETTINGS parameter with
   a value of 1.  The value of the H3_DATAGRAM SETTINGS parameter MUST
   be either 0 or 1.  A value of 0 indicates that HTTP Datagrams are not
   supported.  An endpoint that receives the H3_DATAGRAM SETTINGS
   parameter with a value that is neither 0 or 1 MUST terminate the
   connection with error H3_SETTINGS_ERROR.

   Endpoints MUST NOT send QUIC DATAGRAM frames until they have both
   sent and received the H3_DATAGRAM SETTINGS parameter with a value of
   1.

   When clients use 0-RTT, they MAY store the value of the server's
   H3_DATAGRAM SETTINGS parameter.  Doing so allows the client to send
   QUIC DATAGRAM frames in 0-RTT packets.  When servers decide to accept
   0-RTT data, they MUST send a H3_DATAGRAM SETTINGS parameter greater
   than or equal to the value they sent to the client in the connection
   where they sent them the NewSessionTicket message.  If a client
   stores the value of the H3_DATAGRAM SETTINGS parameter with their
   0-RTT state, they MUST validate that the new value of the H3_DATAGRAM
   SETTINGS parameter sent by the server in the handshake is greater
   than or equal to the stored value; if not, the client MUST terminate
   the connection with error H3_SETTINGS_ERROR.  In all cases, the
   maximum permitted value of the H3_DATAGRAM SETTINGS parameter is 1.

   It is RECOMMENDED that implementations that support receiving HTTP
   Datagrams using QUIC always send the H3_DATAGRAM SETTINGS parameter
   with a value of 1, even if the application does not intend to use
   HTTP Datagrams.  This helps to avoid "sticking out"; see Section 6.

3.1.1.  Note About Draft Versions

   [[RFC editor: please remove this section before publication.]]

   Some revisions of this draft specification use a different value (the
   Identifier field of a Setting in the HTTP/3 SETTINGS frame) for the
   H3_DATAGRAM Settings Parameter.  This allows new draft revisions to
   make incompatible changes.  Multiple draft versions MAY be supported
   by either endpoint in a connection.  Such endpoints MUST send
   multiple values for H3_DATAGRAM.  Once an endpoint has sent and
   received SETTINGS, it MUST compute the intersection of the values it
   has sent and received, and then it MUST select and use the most
   recent draft version from the intersection set.  This ensures that
   both endpoints negotiate the same draft version.

4.  Capsules

   This specification introduces the Capsule Protocol.  The Capsule
   Protocol is a sequence of type-length-value tuples that new HTTP
   Upgrade Tokens (see Section 16.7 of [HTTP]) can choose to use.  It
   allows endpoints to reliably communicate request-related information end-to-
   end,
   end-to-end on HTTP request streams, even in the presence of HTTP
   intermediaries.

4.1.  The Capsule Protocol can be used to exchange HTTP
   Datagrams when HTTP is running over a transport that does not support
   the QUIC DATAGRAM frame.

   This specification defines the "data stream" of an HTTP request as
   the bidirectional stream of bytes that follow the headers in both
   directions.  In HTTP/1.x, the data stream consists of all bytes on
   the connection that follow the blank line that concludes either the
   request header section, or the 2xx (Successful) response header
   section.  (Note that only a single HTTP request starting the capsule
   protocol can be sent on HTTP/1.x connections.)  In HTTP/2 and HTTP/3,
   the data stream of a given HTTP request consists of all bytes sent in
   DATA frames with the corresponding stream ID.  The concept of a data
   stream is particularly relevant for methods such as CONNECT where
   there is no HTTP message content after the headers.

   Definitions

   Note that use of the Capsule Protocol is not required to use HTTP
   Datagrams.  If a new HTTP Upgrade Token is only defined over
   transports that support QUIC DATAGRAM frames, they might not need a
   stream encoding.  Additionally, definitions of new HTTP Methods or Upgrade
   Tokens can use HTTP Datagrams with their own data stream protocol.

   However, new HTTP Upgrade Tokens that wish to use HTTP Datagrams
   SHOULD use the Capsule Protocol unless they have a good reason not
   to.

4.1.  Capsule Protocol

   Definitions of new HTTP Upgrade Tokens can state that their data
   stream uses the Capsule Protocol.  If they do so, that means that the
   contents of their data stream uses the following format (using the
   notation from the "Notational Conventions" section of [QUIC]):

   Capsule Protocol {
     Capsule (..) ...,
   }

                  Figure 2: Capsule Protocol Stream Format

   Capsule {
     Capsule Type (i),
     Capsule Length (i),
     Capsule Value (..),
   }

                          Figure 3: Capsule Format

   Capsule Type:  A variable-length integer indicating the Type of the
      capsule.  Endpoints that receive a capsule with an unknown Capsule
      Type MUST silently skip over that capsule.

   Capsule Length:  The length of the Capsule Value field following this
      field, encoded as a variable-length integer.  Note that this field
      can have a value of zero.

   Capsule Value:  The payload of this capsule.  Its semantics are
      determined by the value of the Capsule Type field.

4.2.  Requirements

   If the definition of an HTTP Method

   Because new protocols or HTTP Upgrade Token states that
   it uses the extensions may involve defining new capsule protocol, its implementations MUST follow the
   following requirements:

   *  A server MUST NOT send any Transfer-Encoding or Content-Length
      header fields in a 2xx (Successful) response.  If a client
      receives a Content-Length or Transfer-Encoding header fields in a
      successful response, it MUST treat
   types, intermediaries that response as malformed.

   *  A request message does not have content.

   *  A successful response message does not have content.

   *  Responses are not cacheable.

4.3.  Intermediary Processing

   Intermediaries MUST operate in one of the two following modes:

   Pass-through mode:  In wish to allow for future extensibility
   SHOULD forward capsules unmodified.  One exception to this mode, rule is
   the DATAGRAM capsule; see Section 4.4.  An intermediary forwards can identify
   the data
      stream between two associated streams without any modification use of the data stream.

   Participant mode:  In this mode, capsule protocol either through the intermediary terminates presence of the data
      stream and parses all Capsule Type and Capsule Length fields it
      receives.

   Each Capsule Type determines whether it is opaque or transparent to
   intermediaries in participant mode: opaque capsules are forwarded
   unmodified while transparent ones can be parsed, added,
   Capsule-Protocol header field (Section 4.3) or removed by
   intermediaries.  Intermediaries MAY modify understanding the contents of
   chosen HTTP Upgrade token.  An intermediary that identifies the
   Capsule Data field use
   of transparent the capsule types.

   Unless otherwise specified, all Capsule Types are defined as opaque
   to intermediaries.  Intermediaries MUST forward all received opaque
   CAPSULE frames in their unmodified entirety.  Intermediaries MUST NOT
   send any opaque CAPSULE protocol MAY convert between DATAGRAM capsules and
   QUIC DATAGRAM frames other than the ones it is when forwarding.
   All Capsule Types defined in this document are opaque, with the
   exception of the datagram capsules, see Section 4.4.3.  Definitions of new Capsule
   Types MAY specify that the newly introduced type is
   transparent.  Intermediaries MUST treat unknown Capsule Types as
   opaque.

   Intermediaries respect the order of opaque CAPSULE frames: if an optional custom intermediary receives two opaque CAPSULE frames in a given order, it
   MUST forward them in the same order. processing.

   Endpoints which receive a Capsule with an unknown Capsule Type MUST
   silently drop that Capsule.

4.4.  Capsule Types

4.4.1.  The Datagram Registration Capsules

   This document defines the REGISTER_DATAGRAM and
   REGISTER_DATAGRAM_CONTEXT capsules types, known collectively as the
   datagram registration capsules (see Section 9.3 for the value

   By virtue of the
   capsule types).  The REGISTER_DATAGRAM capsule is used by endpoints
   to inform their peer definition of the encoding and semantics of all datagrams
   associated with a stream.  The REGISTER_DATAGRAM_CONTEXT capsule is
   used by endpoints to inform their peer of data stream, the encoding and semantics
   of all datagrams associated with a given context ID on this stream.

   Datagram Registration Capsule {
     Type (i) = REGISTER_DATAGRAM or REGISTER_DATAGRAM_CONTEXT,
     Length (i),
     [Context ID (i)],
     Datagram Format Type (i),
     Datagram Format Additional Data (..),
   }

             Figure 4: REGISTER_DATAGRAM_CONTEXT Capsule Format

   Context ID:  A variable-length integer indicating the context ID to
      register (see Section 2.1).  This field Protocol
   is present in
      REGISTER_DATAGRAM_CONTEXT capsules but not in REGISTER_DATAGRAM
      capsules.  If a REGISTER_DATAGRAM capsule is used use on responses unless the response includes a stream
      where datagram contexts are in use, it is associated 2xx
   (Successful) status code.

   The Capsule Protocol MUST NOT be used with context
      ID 0.  REGISTER_DATAGRAM_CONTEXT capsules messages that contain
   Content-Length, Content-Type, or Transfer-Encoding header fields.
   Additionally, HTTP status codes 204 (No Content), 205 (Reset
   Content), and 206 (Partial Content) MUST NOT carry context
      ID 0 as be sent on responses
   that context ID is conveyed using use the REGISTER_DATAGRAM
      capsule.

   Datagram Format Type:  A variable-length integer that defines Capsule Protocol.

4.2.  Error Handling

   When an error occurs processing the
      semantics and encoding of capsule protocol, the HTTP Datagram Payload field receiver
   MUST treat the message as malformed or incomplete, according to the
   underlying transport protocol.  For HTTP/3, the handling of
      datagrams with this context ID, see malformed
   messages is described in Section 2.2.

   Datagram Format Additional Data:  This field carries additional
      information that impact 4.1.3 of [H3].  For HTTP/2, the format
   handling of datagrams with this context
      ID, see malformed messages is described in Section 2.2.

   Note that these registrations are unilateral and bidirectional: the
   sender 8.1.1 of [H2].
   For HTTP/1.1, the capsule unilaterally defines the semantics it will
   apply to the datagrams it sends and receives using this context ID.
   Once a context ID handling of incomplete messages is registered, it can be used described in both directions.

   Endpoints
   Section 8 of [H1].

   Each capsule's payload MUST NOT send HTTP Datagrams until they have either sent contain exactly the fields identified in
   its description.  A capsule payload that contains additional bytes
   after the identified fields or
   received a datagram registration capsule with payload that terminates
   before the same Context ID.
   However, reordering can cause HTTP Datagrams to be received with an
   unknown Context ID.  Receipt end of such HTTP datagrams the identified fields MUST NOT be treated as an error.  Endpoints SHALL drop the HTTP Datagram
   silently, or buffer it temporarily while awaiting the corresponding
   datagram registration capsule.  Intermediaries SHALL drop the HTTP
   Datagram silently, MAY buffer it, a
   malformed or forward it on immediately.

   Endpoints incomplete message.  In particular, redundant length
   encodings MUST NOT register the same Context ID twice on the same
   stream.  This also applies be verified to Context IDs that have been closed using
   a CLOSE_DATAGRAM_CONTEXT capsule.  Clients MUST NOT register server-
   initiated Context IDs and servers MUST NOT register client-initiated
   Context IDs.  If an endpoint receives be self-consistent.

   When a REGISTER_DATAGRAM_CONTEXT
   capsule that violates one or more of these requirements, stream carrying capsules terminates cleanly, if the endpoint
   MUST abruptly terminate last
   capsule on the corresponding stream with was truncated, this MUST be treated as a stream error
   of type H3_GENERAL_PROTOCOL_ERROR.

   If datagrams contexts are not in use,
   malformed or incomplete message.

4.3.  The Capsule-Protocol Header Field

   This document defines the client "Capsule-Protocol" header field.  It is responsible for
   choosing the datagram format and informing the server via a
   REGISTER_DATAGRAM capsule.  Servers an
   Item Structured Field, see Section 3.3 of [STRUCT-FIELD]; its value
   MUST NOT send the
   REGISTER_DATAGRAM capsule.  If a client receives be a REGISTER_DATAGRAM
   capsule, Boolean.  Its ABNF is:

   Capsule-Protocol = sf-item
   Endpoints indicate that the client MUST abruptly terminate Capsule Protocol is in use on the corresponding data
   stream by sending the Capsule-Protocol header field with a stream error of type H3_GENERAL_PROTOCOL_ERROR.

4.4.2.  The Datagram Close Capsule

   The CLOSE_DATAGRAM_CONTEXT capsule (see Section 9.3 for the value of
   the capsule type) allows an endpoint to inform its peer that it will
   no longer send or parse received datagrams associated
   ?1.  A Capsule-Protocol header field with a given
   context ID.

   CLOSE_DATAGRAM_CONTEXT Capsule {
     Type (i) = CLOSE_DATAGRAM_CONTEXT,
     Length (i),
     Context ID (i),
     Close Code (i),
     Close Details (..),
   }

              Figure 5: CLOSE_DATAGRAM_CONTEXT Capsule Format

   Context ID:  The context ID to close.

   Close Code:  The close code allows an endpoint to provide additional
      information as to why a datagram context was closed.
      Section 4.4.2.1 defines a set of codes, the circumstances under
      which an implementation sends them, and how receivers react.

   Close Details:  This is meant for debugging purposes.  It consists of
      a human-readable string encoded in UTF-8.

   Note that this close is unilateral and bidirectional: the sender value of ?0 has the frame unilaterally informs its peer of same
   semantics as when the closure.  Endpoints
   can use CLOSE_DATAGRAM_CONTEXT capsules to close a context that was
   initially registered by either themselves, or by their peer.
   Endpoints header is not present.  Intermediaries MAY use the CLOSE_DATAGRAM_CONTEXT capsule to immediately
   reject a context that was just registered using a
   REGISTER_DATAGRAM_CONTEXT capsule if they find its Datagram Format
   Type
   this header field to be unacceptable.

   After an endpoint has either sent or received a
   CLOSE_DATAGRAM_CONTEXT frame, it MUST NOT send any allow processing of HTTP Datagrams
   with that Context ID.  However, due to reordering, an endpoint that
   receives an for unknown
   HTTP Datagram with a closed Context ID MUST NOT treat it
   as an error, it SHALL instead drop the Upgrade Tokens; note that this is only possible for HTTP Datagram silently.

   Endpoints Upgrade
   or Extended CONNECT.

   The Capsule-Protocol header field MUST NOT close be sent multiple times on
   a Context ID that was not previously
   registered.  Endpoints message.  The Capsule-Protocol header field MUST NOT close a Context ID that has already
   been closed.  If an endpoint receives a CLOSE_DATAGRAM_CONTEXT
   capsule that violates one or more of these requirements, the endpoint
   MUST abruptly terminate the corresponding stream be used on
   HTTP responses with a stream error
   of type H3_GENERAL_PROTOCOL_ERROR.

4.4.2.1.  Close Codes

   Close codes are intended to allow implementations to react
   differently when they receive them - for example, some close codes
   require the receiver to not open another context under certain
   conditions. status code different from 2xx (Successful).
   This specification defines the close codes below.  Their numeric
   values are in Section 9.5.  Extensions to this mechanism MAY does not define
   new close codes and they SHOULD state how receivers react to them.

   NO_ERROR:  This indicates that a context was closed without any
      action specified parameters for the receiver.

   UNKNOWN_FORMAT:  This indicates that the sender does not know how to
      interpret the datagram format type associated with this context.
      The endpoint that had originally registered this context Capsule-
   Protocol header field value, but future documents MAY define
   parameters.  Receivers MUST NOT
      try to register another context with the same datagram format type
      on this stream.

   DENIED:  This indicates that the sender has rejected the context
      registration based on its local policy.  The endpoint ignore unknown parameters.

   Definitions of new HTTP Upgrade Tokens that had
      originally registered this context MUST NOT try to register
      another context with use the same datagram format type and datagram
      format data on this stream.

   RESOURCE_LIMIT:  This indicates that Capsule Protocol
   MAY use the context was closed Capsule-Protocol header field to save
      resources.  The recipient SHOULD limit its future registration of
      resource-intensive contexts.

   Receipt of an unknown close code MUST be treated as if the NO_ERROR
   code was present.  Close codes are registered with IANA, see
   Section 9.5.

4.4.3. simplify intermediary
   processing.

4.4.  The Datagram Capsules DATAGRAM Capsule

   This document defines the DATAGRAM and DATAGRAM_WITH_CONTEXT capsules
   types, known collectively as the datagram capsules capsule type (see Section 9.3 7.4 for
   the value of the capsule types).  These capsules allow type).  This capsule allows an endpoint to
   send a datagram frame over an HTTP stream. Datagram on a stream using the Capsule Protocol.  This
   is particularly useful when using a version of HTTP is running over a transport that
   does not support the QUIC DATAGRAM frames. frame.

   Datagram Capsule {
     Type (i) = DATAGRAM or DATAGRAM_WITH_CONTEXT, DATAGRAM,
     Length (i),
     [Context ID (i)],
     HTTP Datagram Payload (..),
   }

                     Figure 6: 4: DATAGRAM Capsule Format

   Context ID:  A variable-length integer indicating the context ID of
      the datagram (see Section 2.1).  This field is present in
      DATAGRAM_WITH_CONTEXT capsules but not in DATAGRAM capsules.  If a
      DATAGRAM capsule is used on a stream where datagram contexts are
      in use, it is associated with context ID 0.  DATAGRAM_WITH_CONTEXT
      capsules MUST NOT carry context ID 0 as that context ID is
      conveyed using the DATAGRAM capsule.

   HTTP Datagram Payload:  The payload of the datagram, whose semantics
      are defined by individual applications.  Note that this field can
      be empty.

   Datagrams sent using the datagram DATAGRAM capsule have the exact same semantics as
   datagrams sent in QUIC DATAGRAM frames.  In particular, the
   restrictions on when it is allowed to send an HTTP Datagram and how
   to process them from Section 3 also apply to HTTP Datagrams sent and
   received using the datagram capsules.

   The datagram capsules are transparent to intermediaries, meaning that
   intermediaries MAY parse them and send datagram capsules that they
   did not receive.  This allows an DATAGRAM capsule.

   An intermediary to can reencode HTTP Datagrams as it forwards them: in them.  In
   other words, an intermediary MAY send a datagram DATAGRAM capsule to forward
   an HTTP Datagram which was received in a QUIC DATAGRAM frame, and
   vice versa.

   Note that while datagram DATAGRAM capsules that are sent on a stream, stream are
   reliably delivered in order, intermediaries can reencode HTTP Datagrams DATAGRAM
   capsules into QUIC DATAGRAM frames
   over the next hop, and those when forwarding messages, which
   could be dropped.  Because of this,
   applications have to always consider HTTP Datagrams to be unreliable,
   even if they were initially sent result in a capsule. loss or reordering.

   If an intermediary receives an HTTP Datagram in a QUIC DATAGRAM frame
   and is forwarding it on a connection that supports QUIC DATAGRAM
   frames, the intermediary SHOULD NOT convert that HTTP Datagram to a
   DATAGRAM capsule.  If the HTTP Datagram is too large to fit in a
   DATAGRAM frame (for example because the path MTU of that QUIC
   connection is too low or if the maximum UDP payload size advertised
   on that connection is too low), the intermediary SHOULD drop the HTTP
   Datagram instead of converting it to a DATAGRAM capsule.  This
   preserves the end-to-end unreliability characteristic that methods
   such as Datagram Packetization Layer Path MTU Discovery (DPLPMTUD)
   depend on [RFC8899]. [DPLPMTUD].  An intermediary that converts QUIC DATAGRAM
   frames to datagram DATAGRAM capsules allows HTTP Datagrams to be arbitrarily
   large without suffering any loss; this can misrepresent the true path
   properties, defeating methods such a as DPLPMTUD.

5.  The H3_DATAGRAM HTTP/3 SETTINGS Parameter

   Implementations of HTTP/3 that support HTTP Datagrams can indicate
   that to their peer by sending the H3_DATAGRAM SETTINGS parameter with
   a value of 1.  The value of the H3_DATAGRAM SETTINGS parameter MUST
   be either 0 or 1.  A value of 0 indicates that HTTP Datagrams are not
   supported.  An endpoint that receives the H3_DATAGRAM SETTINGS
   parameter with a value that is neither 0 or 1 MUST terminate the
   connection with error H3_SETTINGS_ERROR.

   Endpoints MUST NOT send QUIC DATAGRAM frames until they have both
   sent and received the H3_DATAGRAM SETTINGS parameter with a value of
   1.

   When clients use 0-RTT, they MAY store the value of the server's
   H3_DATAGRAM SETTINGS parameter.  Doing so allows the client to send
   QUIC

   While DATAGRAM frames in 0-RTT packets.  When servers decide to accept
   0-RTT data, they MUST send a H3_DATAGRAM SETTINGS parameter greater
   than or equal to the value they sent to the client in the connection
   where they sent them the NewSessionTicket message.  If a client
   stores the value of the H3_DATAGRAM SETTINGS parameter with their
   0-RTT state, they MUST validate that the new value of the H3_DATAGRAM
   SETTINGS parameter sent by the server in the handshake is greater
   than or equal to the stored value; if not, the client MUST terminate
   the connection with error H3_SETTINGS_ERROR.  In all cases, the
   maximum permitted value of the H3_DATAGRAM SETTINGS parameter is 1.

5.1.  Note About Draft Versions

   [[RFC editor: please remove this section before publication.]]

   Some revisions of this draft specification use a different value (the
   Identifier field of a Setting in the HTTP/3 SETTINGS frame) for the
   H3_DATAGRAM Settings Parameter.  This allows new draft revisions to
   make incompatible changes.  Multiple draft versions MAY be supported
   by either endpoint in capsules can theoretically carry a connection.  Such endpoints MUST send
   multiple values for H3_DATAGRAM.  Once an endpoint has sent and
   received SETTINGS, it MUST compute the intersection payload of the values it
   has sent and received, and then it MUST select and use the length
   2^62-1, most
   recent draft version from the intersection set.  This ensures that
   both endpoints negotiate the same draft version.

6.  The Sec-Use-Datagram-Contexts HTTP Header

   Endpoints indicate applications will have their support for datagram contexts by sending the
   Sec-Use-Datagram-Contexts header with a value of ?1.  If the header
   is missing or has a value different from ?1, that indicates that its
   sender does not wish to use datagram contexts.  Endpoints that wish
   to use datagram contexts SHALL send the Sec-Use-Datagram-Contexts
   header with a value of ?1 on requests and responses that use the
   capsule protocol.

   "Sec-Use-Datagram-Contexts" is an Item Structured Header [RFC8941].
   Its value MUST be a Boolean, its ABNF is:

   Sec-Use-Datagram-Contexts = sf-boolean

   The REGISTER_DATAGRAM_CONTEXT, DATAGRAM_WITH_CONTEXT, and
   CLOSE_DATAGRAM_CONTEXT capsules as refered to as context-related
   capsules.  Endpoints which do not wish to use contexts MUST NOT send
   context-related capsules, and MUST silently ignore any received
   context-related capsules.

   Both endpoints unilaterally decide whether they wish to use datagram
   contexts own limits on a given stream.  Contexts what datagran
   payload sizes are used on a given stream if
   and only practical.  Implementations SHOULD take those
   limits into account when parsing DATAGRAM capsules: if both endpoints indicate they wish to use them on this
   stream.  Once an endpoint incoming
   DATAGRAM capsule has received the HTTP request or response,
   it knows whether datagram contexts are in use on this stream or not.

   Conceptually, when datagram contexts are not in use on a stream, all
   datagrams use context ID 0, which is client-initiated.  This means
   that the client chooses the datagram format for all datagrams when
   datagram contexts are not in use.

   If datagram contexts are not in use on a stream, endpoints MUST NOT
   send context-related capsules to the peer on that stream.  Clients
   MAY optimistically send context-related capsules before learning
   whether the server wishes to support datagram contexts or not.

   This allows a client to optimistically use extensions length that rely on
   datagram contexts without knowing a priori whether the server
   supports them, and without incurring a latency cost to negotiate
   extension support.  In this scenario, the client would send its
   request with the Sec-Use-Datagram-Contexts header set to ?1, and
   register two datagram contexts: the main context would use context ID
   0 and the extension context would use context ID 2.  The client then
   sends a REGISTER_DATAGRAM capsule to register the main context, and a
   REGISTER_DATAGRAM_CONTEXT to register the extension context.  The
   client can then immediately send DATAGRAM capsules to send main
   datagrams and DATAGRAM_WITH_CONTEXT capsules to send extension
   datagrams.

   *  If the server wishes is known to use datagram contexts, it will set Sec-
      Use-Datagram-Contexts be so large as to ?1 on its response and correctly parse
      all the received capsules.

   *  If the server does not wish to use datagram contexts (for example
      if
   be usable, the server implementation does not support them), it will not
      set Sec-Use-Datagram-Contexts to ?1 on its response.  It will then
      parse SHOULD discard the REGISTER_DATAGRAM and DATAGRAM capsules capsule without datagram
      contexts being in use on this stream, and parse the main datagrams
      correctly while silently dropping the extension datagrams.  Once
      the client receives the server's response, it will know datagram
      contexts are not in use, and then will be able to send HTTP
      Datagrams via the QUIC DATAGRAM frame.

   Extensions MAY define a different mechanism to communicate whether
   contexts are in use, and they MAY do so in a way which is opaque to
   intermediaries.

7.
   buffering its contents into memory.

5.  Prioritization

   Data streams (see Section 4.1) can be prioritized using any means
   suited to stream or request prioritization.  For example, see
   Section 11 of [PRIORITY].

   Prioritization of HTTP/3 datagrams is not defined in this document.
   Future extensions MAY define how to prioritize datagrams, and MAY
   define signaling to allow endpoints to communicate their
   prioritization preferences.

8.

6.  Security Considerations

   Since this feature transmitting HTTP Datagrams using QUIC DATAGRAM frames requires
   sending an HTTP/3 Settings parameter, it "sticks out".  In other
   words, probing clients can learn whether a server supports this feature.  Implementations HTTP
   Datagrams over QUIC DATAGRAM frames.  As some servers might wish to
   obfuscate the fact that they offer application services that use HTTP
   datagrams, it's best for all implementations that support this
   feature SHOULD to always send this Settings parameter to avoid leaking parameter, see Section 3.1.

   Since use of the fact that there are applications using HTTP/3 datagrams enabled
   on this endpoint.

9. Capsule Protocol is restricted to new HTTP Upgrade
   Tokens, it is not accessible from Web Platform APIs (such as those
   commonly accessed via JavaScript in web browsers).

7.  IANA Considerations

9.1.

7.1.  HTTP/3 SETTINGS Parameter

   This document will request IANA to register the following entry in
   the "HTTP/3 Settings" registry:

           +==============+==========+===============+=========+
           |

   Value:  0xffd277 (note that this will switch to a lower value before
      publication)

   Setting Name | Value    | Specification | Default |
           +==============+==========+===============+=========+
           | Name:  H3_DATAGRAM  | 0xffd277 |

   Default:  0

   Status:  provisional (permanent if this document is approved)

   Specification:  This Document | 0       |
           +--------------+----------+---------------+---------+

                        Table 1: New

   Change Controller:  IETF

   Contact:  HTTP_WG; HTTP working group; ietf-http-wg@w3.org

7.2.  HTTP/3 Settings

9.2. Error Code

   This document will request IANA to register the following entry in
   the "HTTP/3 Error Codes" registry:

   Value:  0x4A1268 (note that this will switch to a lower value before
      publication)

   Name:  H3_DATAGRAM_ERROR

   Description:  Datagram or capsule protocol parse error
   Status:  provisional (permanent if this document is approved)

   Specification:  This Document

   Change Controller:  IETF

   Contact:  HTTP_WG; HTTP working group; ietf-http-wg@w3.org

7.3.  HTTP Header Field Name

   This document will request IANA to register the following entry in
   the "HTTP Field Name" registry:

   Field Name:  Sec-Use-Datagram-Contexts  Capsule-Protocol

   Template:  None

   Status:  provisional (permanent if this document is approved)

   Reference:  This document

   Comments:  None

9.3.

7.4.  Capsule Types

   This document establishes a registry for HTTP capsule type codes.
   The "HTTP Capsule Types" registry governs a 62-bit space.
   Registrations in this registry MUST include the following fields:

   Type:  A name or label for the capsule type.

   Value:  The value of the Capsule Type field (see Section 4.1) is a
      62-bit integer.

   Reference:  An optional reference to a specification for the type.
      This field MAY be empty.

   Registrations follow the "First Come First Served" policy (see
   Section 4.4 of [IANA-POLICY]) where two registrations MUST NOT have
   the same Type.

   This registry initially contains the following entries:

         +===========================+==========+===============+ entry:

                +==============+==========+===============+
                | Capsule Type | Value    | Specification |
         +===========================+==========+===============+
         | REGISTER_DATAGRAM_CONTEXT | 0xff37a1 | This Document |
         +---------------------------+----------+---------------+
         | REGISTER_DATAGRAM         | 0xff37a2 | This Document |
         +---------------------------+----------+---------------+
         | CLOSE_DATAGRAM_CONTEXT    | 0xff37a3 | This Document |
         +---------------------------+----------+---------------+
         | DATAGRAM_WITH_CONTEXT     | 0xff37a4 | This Document |
         +---------------------------+----------+---------------+
                +==============+==========+===============+
                | DATAGRAM     | 0xff37a5 | This Document |
         +---------------------------+----------+---------------+
                +--------------+----------+---------------+

                  Table 2: 1: Initial Capsule Types Registry Entries

   Capsule types with a value of the form 41 * N + 23 for integer values
   of N are reserved to exercise the requirement that unknown capsule
   types be ignored.  These capsules have no semantics and can carry
   arbitrary values.  These values MUST NOT be assigned by IANA and MUST
   NOT appear in the listing of assigned values.

9.4.  Datagram Format Types

   This document establishes a registry for HTTP datagram format type
   codes.  The "HTTP Datagram Format Types" registry governs a 62-bit
   space.  Registrations in this registry MUST include the following
   fields:

   Type:  A name or label for the datagram format type.

   Value:  The value of the Datagram Format Type field (see Section 2.2)
      is a 62-bit integer.

   Reference:  An optional reference to a specification for the
      parameter.  This field MAY be empty.

   Registrations follow the "First Come First Served" policy (see
   Section 4.4 of [IANA-POLICY]) where two registrations MUST NOT have
   the same Type nor Value.

   This registry is initially empty.

   Datagram format types with a value of the form 41 * N + 17 for
   integer values of N are reserved to exercise the requirement that
   unknown datagram format types be ignored.  These format types have no
   semantics and can carry arbitrary values.  These values MUST NOT be
   assigned by IANA and MUST NOT appear in the listing of assigned
   values.

9.5.  Context Close Codes

   This document establishes a registry for HTTP context close codes.
   The "HTTP Context Close Codes" registry governs a 62-bit space.
   Registrations in this registry MUST include the following fields:

   Type:  A name or label for the close code.

   Value:  The value of the Close Code field (see Section 4.4.2) is a
      62-bit integer.

   Reference:  An optional reference to a specification for the
      parameter.  This field MAY be empty.

   Registrations follow the "First Come First Served" policy (see
   Section 4.4 of [IANA-POLICY]) where two registrations MUST NOT have
   the same Type nor Value.

   This registry initially contains the following entries:

             +====================+==========+===============+
             | Context Close Code | Value    | Specification |
             +====================+==========+===============+
             | NO_ERROR           | 0xff78a0 | This Document |
             +--------------------+----------+---------------+
             | UNKNOWN_FORMAT     | 0xff78a1 | This Document |
             +--------------------+----------+---------------+
             | DENIED             | 0xff78a2 | This Document |
             +--------------------+----------+---------------+
             | RESOURCE_LIMIT     | 0xff78a3 | This Document |
             +--------------------+----------+---------------+

                Table 3: Initial Context Close Code Registry
                                  Entries

   Context close codes with a value of the form 41 * N + 19 for integer
   values of N are reserved to exercise the requirement that unknown
   context close codes be treated as NO_ERROR.  These values MUST NOT be
   assigned by IANA and MUST NOT appear in the listing of assigned
   values.

10.

8.  References

10.1.

8.1.  Normative References

   [DGRAM]    Pauly, T., Kinnear, E., and D. Schinazi, "An Unreliable
              Datagram Extension to QUIC", Work in Progress, Internet-
              Draft, draft-ietf-quic-datagram-06, 5 October 2021, draft-ietf-quic-datagram-10, 4 February 2022,
              <https://datatracker.ietf.org/doc/html/draft-ietf-quic-
              datagram-06>.
              datagram-10>.

   [H1]       Fielding, R. T., Nottingham, M., and J. Reschke,
              "HTTP/1.1", Work in Progress, Internet-Draft, draft-ietf-
              httpbis-messaging-19, 12 September 2021,
              <https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-
              messaging-19>.

   [H2]       Thomson, M. and C. Benfield, "HTTP/2", Work in Progress,
              Internet-Draft, draft-ietf-httpbis-http2bis-07, 24 January
              2022, <https://datatracker.ietf.org/doc/html/draft-ietf-
              httpbis-http2bis-07>.

   [H3]       Bishop, M., "Hypertext Transfer Protocol Version 3
              (HTTP/3)", Work in Progress, Internet-Draft, draft-ietf-
              quic-http-34, 2 February 2021,
              <https://datatracker.ietf.org/doc/html/draft-ietf-quic-
              http-34>.

   [HTTP]     Fielding, R. T., Nottingham, M., and J. Reschke, "HTTP
              Semantics", Work in Progress, Internet-Draft, draft-ietf-
              httpbis-semantics-19, 12 September 2021,
              <https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-
              semantics-19>.

   [IANA-POLICY]
              Cotton, M., Leiba, B., and T. Narten, "Guidelines for
              Writing an IANA Considerations Section in RFCs", BCP 26,
              RFC 8126, DOI 10.17487/RFC8126, June 2017,
              <https://www.rfc-editor.org/rfc/rfc8126>.

   [QUIC]     Iyengar, J., Ed. and M. Thomson, Ed., "QUIC: A UDP-Based
              Multiplexed and Secure Transport", RFC 9000,
              DOI 10.17487/RFC9000, May 2021,
              <https://www.rfc-editor.org/rfc/rfc9000>.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997,
              <https://www.rfc-editor.org/rfc/rfc2119>.

   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
              2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
              May 2017, <https://www.rfc-editor.org/rfc/rfc8174>.

   [RFC8941]

   [STRUCT-FIELD]
              Nottingham, M. and P-H. Kamp, "Structured Field Values for
              HTTP", RFC 8941, DOI 10.17487/RFC8941, February 2021,
              <https://www.rfc-editor.org/rfc/rfc8941>.

10.2.

8.2.  Informative References

   [PRIORITY] Oku, K. and L. Pardue, "Extensible Prioritization Scheme
              for HTTP", Work in Progress, Internet-Draft, draft-ietf-
              httpbis-priority-07, 25 October 2021,
              <https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-
              priority-07>.

   [RFC8899]

   [DPLPMTUD] Fairhurst, G., Jones, T., Tüxen, M., Rüngeler, I., and T.
              Völker, "Packetization Layer Path MTU Discovery for
              Datagram Transports", RFC 8899, DOI 10.17487/RFC8899,
              September 2020, <https://www.rfc-editor.org/rfc/rfc8899>.

   [PRIORITY] Oku, K. and L. Pardue, "Extensible Prioritization Scheme
              for HTTP", Work in Progress, Internet-Draft, draft-ietf-
              httpbis-priority-12, 17 January 2022,
              <https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-
              priority-12>.

Appendix A.  Examples

A.1.  CONNECT-UDP

   In

   [[RFC editor: please remove this example, the client does not support any appendix before publication.]]

A.1.  CONNECT-UDP nor HTTP
   Datagram extensions, and therefore has no use for datagram contexts
   on this stream.
   Client                                             Server

   STREAM(44): HEADERS             -------->
     :method = CONNECT
     :protocol = connect-udp
     :scheme = https
     :path = /target.example.org/443/
     :authority = proxy.example.org:443

   STREAM(44): DATA                -------->
     Capsule Type
     capsule-protocol = REGISTER_DATAGRAM
     Datagram Format Type = UDP_PAYLOAD
     Datagram Format Additional Data = "" ?1

   DATAGRAM                        -------->
     Quarter Stream ID = 11
     Payload = Encapsulated UDP Payload

              <--------  STREAM(44): HEADERS
                           :status = 200
                           capsule-protocol = ?1

   /* Wait for target server to respond to UDP packet. */

              <--------  DATAGRAM
                           Quarter Stream ID = 11
                           Payload = Encapsulated UDP Payload

A.2.  CONNECT-UDP with Delayed Timestamp Extension

   In these examples, the client supports a CONNECT-UDP Timestamp
   Extension, which uses a different Datagram Format Type that carries a
   timestamp followed by the encapsulated UDP payload.

A.2.1.  With Delay

   In this instance, the client prefers to wait a round trip to learn
   whether the server supports datagram contexts.

   Client                                             Server

   STREAM(44): HEADERS            -------->
     :method = CONNECT
     :protocol = connect-udp
     :scheme = https
     :path = /target.example.org/443/
     :authority = proxy.example.org:443
     Sec-Use-Datagram-Contexts = ?1

              <--------  STREAM(44): HEADERS
                           :status = 200
                           Sec-Use-Datagram-Contexts = ?1

   STREAM(44): DATA               -------->
     Capsule Type = REGISTER_DATAGRAM_CONTEXT
     Context ID = 0
     Datagram Format Type = UDP_PAYLOAD
     Datagram Format Additional Data = ""

   DATAGRAM                        -------->
     Quarter Stream ID = 11
     Context ID = 0
     Payload = Encapsulated UDP Payload

              <--------  DATAGRAM
                           Quarter Stream ID = 11
                           Context ID = 0
                           Payload = Encapsulated UDP Payload

   STREAM(44): DATA               -------->
     Capsule Type = REGISTER_DATAGRAM_CONTEXT
     Context ID = 2
     Datagram Format Type = UDP_PAYLOAD_WITH_TIMESTAMP
     Datagram Format Additional Data = ""

   DATAGRAM                       -------->
     Quarter Stream ID = 11
     Context ID = 2
     Payload = Encapsulated UDP Payload With Timestamp

A.3.  Successful Optimistic

   In this instance, the client does not wish to spend a round trip
   waiting to learn whether the server supports datagram contexts.  It
   registers its context optimistically in such a way that the server
   will react well whether it supports contexts or not.  In this case,
   the server does support datagram contexts.

   Client                                             Server

   STREAM(44): HEADERS            -------->
     :method = CONNECT
     :protocol = connect-udp
     :scheme = https
     :path = /target.example.org/443/
     :authority = proxy.example.org:443
     Sec-Use-Datagram-Contexts = ?1

   STREAM(44): DATA               -------->
     Capsule Type = REGISTER_DATAGRAM
     Datagram Format Type = UDP_PAYLOAD
     Datagram Format Additional Data = ""

   STREAM(44): DATA               -------->
     Capsule Type = DATAGRAM
     Payload = Encapsulated UDP Payload

              <--------  STREAM(44): HEADERS
                           :status = 200
                           Sec-Use-Datagram-Contexts = ?1

   /* Datagram contexts are in use on this stream */

              <--------  DATAGRAM
                           Quarter Stream ID = 11
                           Context ID = 0
                           Payload = Encapsulated UDP Payload

   STREAM(44): DATA               -------->
     Capsule Type = REGISTER_DATAGRAM_CONTEXT
     Context ID = 2
     Datagram Format Type = UDP_PAYLOAD_WITH_TIMESTAMP
     Datagram Format Additional Data = ""

   DATAGRAM                       -------->
     Quarter Stream ID = 11
     Context ID = 2
     Payload = Encapsulated UDP Payload With Timestamp

A.4.  Optimistic but Unsupported

   In this instance, the client does not wish to spend a round trip
   waiting to learn whether the server supports datagram contexts.  It
   registers its context optimistically in such a way that the server
   will react well whether it supports contexts or not.  In this case,
   the server does not support datagram contexts.

   Client                                             Server

   STREAM(44): HEADERS            -------->
     :method = CONNECT
     :protocol = connect-udp
     :scheme = https
     :path = /target.example.org/443/
     :authority = proxy.example.org:443
     Sec-Use-Datagram-Contexts = ?1

   STREAM(44): DATA               -------->
     Capsule Type = REGISTER_DATAGRAM
     Datagram Format Type = UDP_PAYLOAD
     Datagram Format Additional Data = ""

   STREAM(44): DATA               -------->
     Capsule Type = DATAGRAM
     Payload = Encapsulated UDP Payload

              <--------  STREAM(44): HEADERS
                           :status = 200

   /* Datagram contexts are not in use on this stream */

              <--------  DATAGRAM
                           Quarter Stream ID = 11
                           Payload = Encapsulated UDP Payload

   DATAGRAM                       -------->
     Quarter Stream ID = 11
     Payload = Encapsulated UDP Payload

A.5.  CONNECT-IP with IP compression

   Client                                             Server

   STREAM(44): HEADERS            -------->
     :method = CONNECT
     :protocol = connect-ip
     :scheme = https
     :path = /
     :authority = proxy.example.org:443
     Sec-Use-Datagram-Contexts = ?1

              <--------  STREAM(44): HEADERS
                           :status = 200
                           Sec-Use-Datagram-Contexts = ?1

   /* Exchange CONNECT-IP configuration information. */

   STREAM(44): DATA                -------->
     Capsule Type = REGISTER_DATAGRAM_CONTEXT
     Context ID = 0
     Datagram Format Type = IP_PACKET
     Datagram Format Additional Data = ""

   DATAGRAM                       -------->
     Quarter Stream ID = 11
     Context ID = 0
     Payload = Encapsulated IP Packet

   /* Endpoint happily exchange encapsulated IP packets */
   /* using Quarter Stream ID 11 and Context ID 0.      */

   DATAGRAM                       -------->
     Quarter Stream ID = 11
     Context ID = 0
     Payload = Encapsulated IP Packet

   /* After performing some analysis on traffic patterns, */
   /* the client decides it wants to compress a 2-tuple.  */

   STREAM(44): DATA                -------->
     Capsule Type = REGISTER_DATAGRAM_CONTEXT
     Context ID = 2
     Datagram Format Type = COMPRESSED_IP_PACKET
     Datagram Format Additional Data = "192.0.2.6,192.0.2.7"

   DATAGRAM                       -------->
     Quarter Stream ID = 11
     Context ID = 2
     Payload = Compressed IP Packet

A.6.  WebTransport

   Client                                             Server

   STREAM(44): HEADERS            -------->
     :method = CONNECT
     :scheme = https
     :method
     :protocol = webtransport
     :path = /hello
     :authority = webtransport.example.org:443
     Origin
     origin = https://www.example.org:443

   STREAM(44): DATA                -------->
     Capsule Type = REGISTER_DATAGRAM
     Datagram Format Type = WEBTRANSPORT_DATAGRAM
     Datagram Format Additional Data = ""

              <--------  STREAM(44): HEADERS
                           :status = 200

   /* Both endpoints can now send WebTransport datagrams. */

Acknowledgments

   The DATAGRAM context identifier was

   Portions of this document were previously part of the QUIC DATAGRAM
   frame definition itself, the authors would like to acknowledge the
   authors of that document and the members of the IETF MASQUE working
   group for their suggestions.  Additionally, the authors would like to
   thank Martin Thomson for suggesting the use of an HTTP/3 SETTINGS
   parameter.  Furthermore, the authors would like to thank Ben Schwartz
   for writing the first proposal that used two layers of indirection.
   The final design in this document came out of the HTTP Datagrams
   Design Team, whose members were Alan Frindell, Alex Chernyakhovsky,
   Ben Schwartz, Eric Rescorla, Marcus Ihlar, Martin Thomson, Mike
   Bishop, Tommy Pauly, Victor Vasiliev, and the authors of this
   document.

Authors' Addresses

   David Schinazi
   Google LLC
   1600 Amphitheatre Parkway
   Mountain View, California 94043,
   United States of America
   Email: dschinazi.ietf@gmail.com

   Lucas Pardue
   Cloudflare
   Email: lucaspardue.24.7@gmail.com