| < draft-ietf-httpbis-h2-websockets-03.txt | draft-ietf-httpbis-h2-websockets-04.txt > | |||
|---|---|---|---|---|
| HTTP P. McManus | HTTP P. McManus | |||
| Internet-Draft Mozilla | Internet-Draft Mozilla | |||
| Updates: 6455 (if approved) May 2, 2018 | Updates: 6455 (if approved) May 3, 2018 | |||
| Intended status: Standards Track | Intended status: Standards Track | |||
| Expires: November 3, 2018 | Expires: November 4, 2018 | |||
| Bootstrapping WebSockets with HTTP/2 | Bootstrapping WebSockets with HTTP/2 | |||
| draft-ietf-httpbis-h2-websockets-03 | draft-ietf-httpbis-h2-websockets-04 | |||
| Abstract | Abstract | |||
| This document defines a mechanism for running the WebSocket Protocol | This document defines a mechanism for running the WebSocket Protocol | |||
| over a single stream of an HTTP/2 connection. | [RFC6455] over a single stream of an HTTP/2 connection. | |||
| Status of This Memo | Status of This Memo | |||
| This Internet-Draft is submitted in full conformance with the | This Internet-Draft is submitted in full conformance with the | |||
| provisions of BCP 78 and BCP 79. | provisions of BCP 78 and BCP 79. | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on November 3, 2018. | This Internet-Draft will expire on November 4, 2018. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2018 IETF Trust and the persons identified as the | Copyright (c) 2018 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (https://trustee.ietf.org/license-info) in effect on the date of | (https://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
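
Review bot: The abstract on the new side now carries a bracketed citation, "[RFC6455]", but an abstract is routinely read on its own (announcements, indexes), where the reference list is not there to resolve it. Suggest spelling the reference inline instead, for example "the WebSocket Protocol (RFC 6455) over a single stream of an HTTP/2 connection".
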
| skipping to change at page 2, line 17 ¶ | skipping to change at page 2, line 17 ¶ | |||
| 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 | 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 | |||
| 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 | 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 | |||
| 3. The SETTINGS_ENABLE_CONNECT_PROTOCOL SETTINGS Parameter . . . 3 | 3. The SETTINGS_ENABLE_CONNECT_PROTOCOL SETTINGS Parameter . . . 3 | |||
| 4. The Extended CONNECT Method . . . . . . . . . . . . . . . . . 3 | 4. The Extended CONNECT Method . . . . . . . . . . . . . . . . . 3 | |||
| 5. Using Extended CONNECT To Bootstrap The WebSocket Protocol . 4 | 5. Using Extended CONNECT To Bootstrap The WebSocket Protocol . 4 | |||
| 5.1. Example . . . . . . . . . . . . . . . . . . . . . . . . . 5 | 5.1. Example . . . . . . . . . . . . . . . . . . . . . . . . . 5 | |||
| 6. Design Considerations . . . . . . . . . . . . . . . . . . . . 5 | 6. Design Considerations . . . . . . . . . . . . . . . . . . . . 5 | |||
| 7. About Intermediaries . . . . . . . . . . . . . . . . . . . . 6 | 7. About Intermediaries . . . . . . . . . . . . . . . . . . . . 6 | |||
| 8. Security Considerations . . . . . . . . . . . . . . . . . . . 6 | 8. Security Considerations . . . . . . . . . . . . . . . . . . . 6 | |||
| 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 6 | 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 6 | |||
| 10. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 6 | 10. Normative References . . . . . . . . . . . . . . . . . . . . 6 | |||
| 11. Normative References . . . . . . . . . . . . . . . . . . . . 7 | Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 7 | |||
| Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 7 | Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 7 | |||
| 1. Introduction | 1. Introduction | |||
| The Hypertext Transfer Protocol (HTTP) provides compatible resource- | The Hypertext Transfer Protocol (HTTP) provides compatible resource- | |||
| level semantics across different versions but it does not offer | level semantics across different versions but it does not offer | |||
| compatibility at the connection management level. Other protocols, | compatibility at the connection management level. Other protocols, | |||
| such as WebSockets, that rely on connection management details of | such as WebSockets, that rely on connection management details of | |||
| HTTP must be updated for new versions of HTTP. | HTTP must be updated for new versions of HTTP. | |||
| skipping to change at page 3, line 13 ¶ | skipping to change at page 3, line 13 ¶ | |||
| flow control features of HTTP/2. | flow control features of HTTP/2. | |||
| Streams that successfully establish a WebSocket connection using a | Streams that successfully establish a WebSocket connection using a | |||
| tunneled stream and the modifications to the opening handshake | tunneled stream and the modifications to the opening handshake | |||
| defined in this document then use the traditional WebSocket Protocol, | defined in this document then use the traditional WebSocket Protocol, | |||
| treating the stream as if were the TCP connection in that | treating the stream as if were the TCP connection in that | |||
| specification. | specification. | |||
| 2. Terminology | 2. Terminology | |||
| In this document, the key words "MUST", "MUST NOT", "REQUIRED", | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | |||
| "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", | "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | |||
| and "OPTIONAL" are to be interpreted as described in BCP 14, | "OPTIONAL" in this document are to be interpreted as described in BCP | |||
| [RFC2119]. | 14 [RFC2119] [RFC8174] when, and only when, they appear in all | |||
| capitals, as shown here. | ||||
| 3. The SETTINGS_ENABLE_CONNECT_PROTOCOL SETTINGS Parameter | 3. The SETTINGS_ENABLE_CONNECT_PROTOCOL SETTINGS Parameter | |||
| This document adds a new SETTINGS Parameter to those defined by | This document adds a new SETTINGS Parameter to those defined by | |||
| [RFC7540], Section 6.5.2. | [RFC7540], Section 6.5.2. | |||
| The new parameter name is SETTINGS_ENABLE_CONNECT_PROTOCOL. The | The new parameter name is SETTINGS_ENABLE_CONNECT_PROTOCOL. The | |||
| value of the parameter MUST be 0 or 1. | value of the parameter MUST be 0 or 1. | |||
| Upon receipt of SETTINGS_ENABLE_CONNECT_PROTOCOL with a value of 1, a | Upon receipt of SETTINGS_ENABLE_CONNECT_PROTOCOL with a value of 1, a | |||
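
Review bot: Switching Section 2 to the [RFC8174] wording ("when, and only when, they appear in all capitals") makes every lowercase key word in the draft explicitly non-normative, so this change needs a pass over the body for lowercase uses that were meant as requirements. One is visible later in this diff: Section 5 says "the peers should proceed with The WebSocket Protocol [RFC6455]"; either capitalize it or reword it as a plain statement. Separately, the unchanged sentence just above Section 2 still reads "treating the stream as if were the TCP connection" on both sides and is missing "it".
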
| skipping to change at page 4, line 11 ¶ | skipping to change at page 4, line 11 ¶ | |||
| indicating the desired protocol to be spoken on the tunnel created | indicating the desired protocol to be spoken on the tunnel created | |||
| by CONNECT. The pseudo-header is single valued and contains a | by CONNECT. The pseudo-header is single valued and contains a | |||
| value from the HTTP Upgrade Token Registry defined by [RFC7230]. | value from the HTTP Upgrade Token Registry defined by [RFC7230]. | |||
| o On requests bearing the :protocol pseudo-header, the :scheme and | o On requests bearing the :protocol pseudo-header, the :scheme and | |||
| :path pseudo-header fields MUST be included. | :path pseudo-header fields MUST be included. | |||
| o On requests bearing the :protocol pseudo-header, the :authority | o On requests bearing the :protocol pseudo-header, the :authority | |||
| pseudo-header field is interpreted according to Section 8.1.2.3 of | pseudo-header field is interpreted according to Section 8.1.2.3 of | |||
| [RFC7540] instead of Section 8.3 of [RFC7540]. In particular the | [RFC7540] instead of Section 8.3 of [RFC7540]. In particular the | |||
| server MUST not make a new TCP connection to the host and port | server MUST NOT make a new TCP connection to the host and port | |||
| indicated by the :authority. | indicated by the :authority. | |||
| Upon receiving a CONNECT request bearing the :protocol pseudo-header | Upon receiving a CONNECT request bearing the :protocol pseudo-header | |||
| the server establishes a tunnel to another service of the protocol | the server establishes a tunnel to another service of the protocol | |||
| type indicated by the pseudo-header. This service may or may not be | type indicated by the pseudo-header. This service may or may not be | |||
| co-located with the server. | co-located with the server. | |||
| 5. Using Extended CONNECT To Bootstrap The WebSocket Protocol | 5. Using Extended CONNECT To Bootstrap The WebSocket Protocol | |||
| The pseudo-header :protocol MUST be included in the CONNECT request | The pseudo-header :protocol MUST be included in the CONNECT request | |||
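
Review bot: The capitalization fix to "MUST NOT make a new TCP connection to the host and port indicated by the :authority" is right, but the following paragraph says the server "establishes a tunnel to another service" that "may or may not be co-located with the server", which a reader can take as conflicting with the prohibition. Suggest one sentence stating that the requirement is about not treating :authority as a client-chosen connection target, as Section 8.3 of [RFC7540] does, so that a server implementing this does not end up acting as a forward proxy, and that how the server reaches its own backend service is a local matter.
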
| skipping to change at page 4, line 34 ¶ | skipping to change at page 4, line 34 ¶ | |||
| headers, such as those for manipulating cookies, may be included in | headers, such as those for manipulating cookies, may be included in | |||
| the HEADERS with the CONNECT method as usual. This request replaces | the HEADERS with the CONNECT method as usual. This request replaces | |||
| the GET-based request in [RFC6455] and is used to process the | the GET-based request in [RFC6455] and is used to process the | |||
| WebSockets opening handshake. | WebSockets opening handshake. | |||
| The scheme of the Target URI [RFC7230] MUST be "https" for "wss" | The scheme of the Target URI [RFC7230] MUST be "https" for "wss" | |||
| schemed WebSockets and "http" for "ws" schemed WebSockets. The | schemed WebSockets and "http" for "ws" schemed WebSockets. The | |||
| websocket URI is still used for proxy autoconfiguration. | websocket URI is still used for proxy autoconfiguration. | |||
| [RFC6455] requires the use of Connection and Upgrade headers that are | [RFC6455] requires the use of Connection and Upgrade headers that are | |||
| not part of HTTP/2. They MUST not be included in the CONNECT request | not part of HTTP/2. They MUST NOT be included in the CONNECT request | |||
| defined here. | defined here. | |||
| [RFC6455] requires the use of a Host header which is also not part of | [RFC6455] requires the use of a Host header which is also not part of | |||
| HTTP/2. The Host information is conveyed as part of the :authority | HTTP/2. The Host information is conveyed as part of the :authority | |||
| pseudo-header which is required on every HTTP/2 transaction. | pseudo-header which is required on every HTTP/2 transaction. | |||
| Implementations using this extended CONNECT to bootstrap WebSockets | Implementations using this extended CONNECT to bootstrap WebSockets | |||
| do not do the processing of the [RFC6455] Sec-WebSocket-Key and Sec- | do not do the processing of the [RFC6455] Sec-WebSocket-Key and Sec- | |||
| WebSocket-Accept headers as that functionality has been superseded by | WebSocket-Accept headers as that functionality has been superseded by | |||
| the :protocol pseudo-header. | the :protocol pseudo-header. | |||
| skipping to change at page 5, line 13 ¶ | skipping to change at page 5, line 13 ¶ | |||
| they be encoded as lower case. | they be encoded as lower case. | |||
| After successfully processing the opening handshake, the peers should | After successfully processing the opening handshake, the peers should | |||
| proceed with The WebSocket Protocol [RFC6455] using the HTTP/2 stream | proceed with The WebSocket Protocol [RFC6455] using the HTTP/2 stream | |||
| from the CONNECT transaction as if it were the TCP connection | from the CONNECT transaction as if it were the TCP connection | |||
| referred to in [RFC6455]. The state of the WebSocket connection at | referred to in [RFC6455]. The state of the WebSocket connection at | |||
| this point is OPEN as defined by [RFC6455], Section 4.1. | this point is OPEN as defined by [RFC6455], Section 4.1. | |||
| The HTTP/2 stream closure is also analogous to the TCP connection of | The HTTP/2 stream closure is also analogous to the TCP connection of | |||
| [RFC6455]. Orderly TCP level closures are represented as END_STREAM | [RFC6455]. Orderly TCP level closures are represented as END_STREAM | |||
| ([RFC7540] Section 6.1) flags and RST exceptions are represented with | ([RFC7540], Section 6.1) flags and RST exceptions are represented | |||
| the RST_STREAM ([RFC7540] Section 6.4) frame with the CANCEL | with the RST_STREAM ([RFC7540], Section 6.4) frame with the CANCEL | |||
| ([RFC7540] Secion 7) error code. | ([RFC7540], Section 7) error code. | |||
| 5.1. Example | 5.1. Example | |||
| [[ From Client ]] [[ From Server ]] | [[ From Client ]] [[ From Server ]] | |||
| SETTINGS | SETTINGS | |||
| SETTINGS_ENABLE_CONNECT_PROTOCOL = 1 | SETTINGS_ENABLE_CONNECT_P[..] = 1 | |||
| HEADERS + END_HEADERS | HEADERS + END_HEADERS | |||
| :method = CONNECT | :method = CONNECT | |||
| :protocol = websocket | :protocol = websocket | |||
| :scheme = https | :scheme = https | |||
| :path = /chat | :path = /chat | |||
| :authority = server.example.com | :authority = server.example.com | |||
| sec-websocket-protocol = chat, superchat | sec-websocket-protocol = chat, superchat | |||
| sec-websocket-extensions = permessage-deflate | sec-websocket-extensions = permessage-deflate | |||
| sec-websocket-version = 13 | sec-websocket-version = 13 | |||
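
Review bot: In the Section 5.1 example the new side shortens the server's setting to "SETTINGS_ENABLE_CONNECT_P[..] = 1", a name that is defined nowhere in the draft and cannot be searched for. The example is the part implementers copy from, so suggest keeping the full SETTINGS_ENABLE_CONNECT_PROTOCOL and fitting the width by narrowing the two columns or moving the value to its own line.
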
| skipping to change at page 6, line 46 ¶ | skipping to change at page 6, line 46 ¶ | |||
| that was established by Section 11.3 of [RFC7540]. | that was established by Section 11.3 of [RFC7540]. | |||
| Name: SETTINGS_ENABLE_CONNECT_PROTOCOL | Name: SETTINGS_ENABLE_CONNECT_PROTOCOL | |||
| Code: 0x8 | Code: 0x8 | |||
| Initial Value: 0 | Initial Value: 0 | |||
| Specification: This document | Specification: This document | |||
| 10. Acknowledgments | 10. Normative References | |||
| The 2017 HTTP Workshop had a very productive discussion that helped | ||||
| determine the key problem and acceptable level of solution | ||||
| complexity. | ||||
| 11. Normative References | ||||
| [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
| Requirement Levels", BCP 14, RFC 2119, | Requirement Levels", BCP 14, RFC 2119, | |||
| DOI 10.17487/RFC2119, March 1997, | DOI 10.17487/RFC2119, March 1997, | |||
| <https://www.rfc-editor.org/info/rfc2119>. | <https://www.rfc-editor.org/info/rfc2119>. | |||
| [RFC6454] Barth, A., "The Web Origin Concept", RFC 6454, | [RFC6454] Barth, A., "The Web Origin Concept", RFC 6454, | |||
| DOI 10.17487/RFC6454, December 2011, | DOI 10.17487/RFC6454, December 2011, | |||
| <https://www.rfc-editor.org/info/rfc6454>. | <https://www.rfc-editor.org/info/rfc6454>. | |||
| skipping to change at page 7, line 30 ¶ | skipping to change at page 7, line 23 ¶ | |||
| [RFC7230] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer | [RFC7230] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer | |||
| Protocol (HTTP/1.1): Message Syntax and Routing", | Protocol (HTTP/1.1): Message Syntax and Routing", | |||
| RFC 7230, DOI 10.17487/RFC7230, June 2014, | RFC 7230, DOI 10.17487/RFC7230, June 2014, | |||
| <https://www.rfc-editor.org/info/rfc7230>. | <https://www.rfc-editor.org/info/rfc7230>. | |||
| [RFC7540] Belshe, M., Peon, R., and M. Thomson, Ed., "Hypertext | [RFC7540] Belshe, M., Peon, R., and M. Thomson, Ed., "Hypertext | |||
| Transfer Protocol Version 2 (HTTP/2)", RFC 7540, | Transfer Protocol Version 2 (HTTP/2)", RFC 7540, | |||
| DOI 10.17487/RFC7540, May 2015, | DOI 10.17487/RFC7540, May 2015, | |||
| <https://www.rfc-editor.org/info/rfc7540>. | <https://www.rfc-editor.org/info/rfc7540>. | |||
| [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC | ||||
| 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, | ||||
| May 2017, <https://www.rfc-editor.org/info/rfc8174>. | ||||
| Acknowledgments | ||||
| The 2017 HTTP Workshop had a very productive discussion that helped | ||||
| determine the key problem and acceptable level of solution | ||||
| complexity. | ||||
| Author's Address | Author's Address | |||
| Patrick McManus | Patrick McManus | |||
| Mozilla | Mozilla | |||
| Email: mcmanus@ducksong.com | Email: mcmanus@ducksong.com | |||
| End of changes. 13 change blocks. | ||||
| 24 lines changed or deleted | 29 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/