idnits 2.17.1 draft-ietf-httpbis-header-compression-10.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack an IANA Considerations section. (See Section 2.2 of https://www.ietf.org/id-info/checklist for how to handle the case when there are no actions for IANA.) ** The abstract seems to contain references ([2], [3], [1]), which it shouldn't. Please replace those with straight textual mentions of the documents in question. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == Line 1165 has weird spacing: '... as hex len...' == Line 1166 has weird spacing: '...aligned in...' -- The document date (November 29, 2014) is 3436 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) -- Looks like a reference, but probably isn't: '1' on line 19 -- Looks like a reference, but probably isn't: '2' on line 21 -- Looks like a reference, but probably isn't: '3' on line 22 -- Looks like a reference, but probably isn't: '13' on line 1294 -- Looks like a reference, but probably isn't: '23' on line 1407 -- Looks like a reference, but probably isn't: '28' on line 1417 -- Looks like a reference, but probably isn't: '24' on line 1405 -- Looks like a reference, but probably isn't: '30' on line 1424 -- Looks like a reference, but probably isn't: '10' on line 1231 -- Looks like a reference, but probably isn't: '12' on line 1230 -- Looks like a reference, but probably isn't: '11' on line 1292 -- Looks like a reference, but probably isn't: '15' on line 1291 -- Looks like a reference, but probably isn't: '19' on line 1376 -- Looks like a reference, but probably isn't: '14' on line 1293 -- Looks like a reference, but probably isn't: '20' on line 1394 -- Looks like a reference, but probably isn't: '22' on line 1401 -- Looks like a reference, but probably isn't: '21' on line 1398 -- Looks like a reference, but probably isn't: '26' on line 1423 -- Looks like a reference, but probably isn't: '25' on line 1403 -- Looks like a reference, but probably isn't: '27' on line 1422 == Outdated reference: A later version (-17) exists of draft-ietf-httpbis-http2-16 ** Obsolete normative reference: RFC 7230 (Obsoleted by RFC 9110, RFC 9112) Summary: 3 errors (**), 0 flaws (~~), 4 warnings (==), 21 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 HTTPbis Working Group R. Peon 3 Internet-Draft Google, Inc 4 Intended status: Standards Track H. Ruellan 5 Expires: June 2, 2015 Canon CRF 6 November 29, 2014 8 HPACK - Header Compression for HTTP/2 9 draft-ietf-httpbis-header-compression-10 11 Abstract 13 This specification defines HPACK, a compression format for 14 efficiently representing HTTP header fields, to be used in HTTP/2. 16 Editorial Note (To be removed by RFC Editor) 18 Discussion of this draft takes place on the HTTPBIS working group 19 mailing list (ietf-http-wg@w3.org), which is archived at [1]. 21 Working Group information can be found at [2]; that specific to 22 HTTP/2 are at [3]. 24 The changes in this draft are summarized in Appendix D.1. 26 Status of This Memo 28 This Internet-Draft is submitted in full conformance with the 29 provisions of BCP 78 and BCP 79. 31 Internet-Drafts are working documents of the Internet Engineering 32 Task Force (IETF). Note that other groups may also distribute 33 working documents as Internet-Drafts. The list of current Internet- 34 Drafts is at http://datatracker.ietf.org/drafts/current/. 36 Internet-Drafts are draft documents valid for a maximum of six months 37 and may be updated, replaced, or obsoleted by other documents at any 38 time. It is inappropriate to use Internet-Drafts as reference 39 material or to cite them other than as "work in progress." 41 This Internet-Draft will expire on June 2, 2015. 43 Copyright Notice 45 Copyright (c) 2014 IETF Trust and the persons identified as the 46 document authors. All rights reserved. 48 This document is subject to BCP 78 and the IETF Trust's Legal 49 Provisions Relating to IETF Documents 50 (http://trustee.ietf.org/license-info) in effect on the date of 51 publication of this document. Please review these documents 52 carefully, as they describe your rights and restrictions with respect 53 to this document. Code Components extracted from this document must 54 include Simplified BSD License text as described in Section 4.e of 55 the Trust Legal Provisions and are provided without warranty as 56 described in the Simplified BSD License. 58 Table of Contents 60 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 4 61 1.1. Overview . . . . . . . . . . . . . . . . . . . . . . . . 4 62 1.2. Conventions . . . . . . . . . . . . . . . . . . . . . . . 5 63 1.3. Terminology . . . . . . . . . . . . . . . . . . . . . . . 5 64 2. Compression Process Overview . . . . . . . . . . . . . . . . 5 65 2.1. Header List Ordering . . . . . . . . . . . . . . . . . . 6 66 2.2. Encoding and Decoding Contexts . . . . . . . . . . . . . 6 67 2.3. Indexing Tables . . . . . . . . . . . . . . . . . . . . . 6 68 2.3.1. Static Table . . . . . . . . . . . . . . . . . . . . 6 69 2.3.2. Dynamic Table . . . . . . . . . . . . . . . . . . . . 6 70 2.3.3. Index Address Space . . . . . . . . . . . . . . . . . 7 71 2.4. Header Field Representation . . . . . . . . . . . . . . . 7 72 3. Header Block Decoding . . . . . . . . . . . . . . . . . . . . 8 73 3.1. Header Block Processing . . . . . . . . . . . . . . . . . 8 74 3.2. Header Field Representation Processing . . . . . . . . . 8 75 4. Dynamic Table Management . . . . . . . . . . . . . . . . . . 9 76 4.1. Calculating Table Size . . . . . . . . . . . . . . . . . 9 77 4.2. Maximum Table Size . . . . . . . . . . . . . . . . . . . 9 78 4.3. Entry Eviction when Dynamic Table Size Changes . . . . . 10 79 4.4. Entry Eviction when Adding New Entries . . . . . . . . . 10 80 5. Primitive Type Representations . . . . . . . . . . . . . . . 11 81 5.1. Integer Representation . . . . . . . . . . . . . . . . . 11 82 5.2. String Literal Representation . . . . . . . . . . . . . . 12 83 6. Binary Format . . . . . . . . . . . . . . . . . . . . . . . . 13 84 6.1. Indexed Header Field Representation . . . . . . . . . . . 14 85 6.2. Literal Header Field Representation . . . . . . . . . . . 14 86 6.2.1. Literal Header Field with Incremental Indexing . . . 14 87 6.2.2. Literal Header Field without Indexing . . . . . . . . 15 88 6.2.3. Literal Header Field never Indexed . . . . . . . . . 16 89 6.3. Dynamic Table Size Update . . . . . . . . . . . . . . . . 17 90 7. Security Considerations . . . . . . . . . . . . . . . . . . . 18 91 7.1. Probing Dynamic Table State . . . . . . . . . . . . . . . 18 92 7.1.1. Applicability to HPACK and HTTP . . . . . . . . . . . 19 93 7.1.2. Mitigation . . . . . . . . . . . . . . . . . . . . . 20 94 7.1.3. Never Indexed Literals . . . . . . . . . . . . . . . 21 95 7.2. Static Huffman Encoding . . . . . . . . . . . . . . . . . 21 96 7.3. Memory Consumption . . . . . . . . . . . . . . . . . . . 21 97 7.4. Implementation Limits . . . . . . . . . . . . . . . . . . 21 98 8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 22 99 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 22 100 9.1. Normative References . . . . . . . . . . . . . . . . . . 22 101 9.2. Informative References . . . . . . . . . . . . . . . . . 22 102 Appendix A. Static Table Definition . . . . . . . . . . . . . . 24 103 Appendix B. Huffman Code . . . . . . . . . . . . . . . . . . . . 25 104 Appendix C. Examples . . . . . . . . . . . . . . . . . . . . . . 31 105 C.1. Integer Representation Examples . . . . . . . . . . . . . 32 106 C.1.1. Example 1: Encoding 10 Using a 5-bit Prefix . . . . . 32 107 C.1.2. Example 2: Encoding 1337 Using a 5-bit Prefix . . . . 32 108 C.1.3. Example 3: Encoding 42 Starting at an Octet Boundary 33 109 C.2. Header Field Representation Examples . . . . . . . . . . 33 110 C.2.1. Literal Header Field with Indexing . . . . . . . . . 33 111 C.2.2. Literal Header Field without Indexing . . . . . . . . 34 112 C.2.3. Literal Header Field never Indexed . . . . . . . . . 35 113 C.2.4. Indexed Header Field . . . . . . . . . . . . . . . . 35 114 C.3. Request Examples without Huffman Coding . . . . . . . . . 36 115 C.3.1. First Request . . . . . . . . . . . . . . . . . . . . 36 116 C.3.2. Second Request . . . . . . . . . . . . . . . . . . . 37 117 C.3.3. Third Request . . . . . . . . . . . . . . . . . . . . 38 118 C.4. Request Examples with Huffman Coding . . . . . . . . . . 39 119 C.4.1. First Request . . . . . . . . . . . . . . . . . . . . 39 120 C.4.2. Second Request . . . . . . . . . . . . . . . . . . . 40 121 C.4.3. Third Request . . . . . . . . . . . . . . . . . . . . 41 122 C.5. Response Examples without Huffman Coding . . . . . . . . 43 123 C.5.1. First Response . . . . . . . . . . . . . . . . . . . 43 124 C.5.2. Second Response . . . . . . . . . . . . . . . . . . . 45 125 C.5.3. Third Response . . . . . . . . . . . . . . . . . . . 46 126 C.6. Response Examples with Huffman Coding . . . . . . . . . . 48 127 C.6.1. First Response . . . . . . . . . . . . . . . . . . . 48 128 C.6.2. Second Response . . . . . . . . . . . . . . . . . . . 50 129 C.6.3. Third Response . . . . . . . . . . . . . . . . . . . 51 130 Appendix D. Change Log (to be removed by RFC Editor before 131 publication) . . . . . . . . . . . . . . . . . . . . 53 132 D.1. Since draft-ietf-httpbis-header-compression-09 . . . . . 54 133 D.2. Since draft-ietf-httpbis-header-compression-08 . . . . . 54 134 D.3. Since draft-ietf-httpbis-header-compression-07 . . . . . 54 135 D.4. Since draft-ietf-httpbis-header-compression-06 . . . . . 54 136 D.5. Since draft-ietf-httpbis-header-compression-05 . . . . . 55 137 D.6. Since draft-ietf-httpbis-header-compression-04 . . . . . 55 138 D.7. Since draft-ietf-httpbis-header-compression-03 . . . . . 55 139 D.8. Since draft-ietf-httpbis-header-compression-02 . . . . . 56 140 D.9. Since draft-ietf-httpbis-header-compression-01 . . . . . 56 141 D.10. Since draft-ietf-httpbis-header-compression-00 . . . . . 56 143 1. Introduction 145 In HTTP/1.1 (see [RFC7230]), header fields are not compressed. As 146 Web pages have grown to include dozens to hundreds of requests, the 147 redundant header fields in these requests unnecessarily consume 148 bandwidth, measurably increasing latency. 150 SPDY [SPDY] initially addressed this redundancy by compressing header 151 fields using the DEFLATE [DEFLATE] format, which proved very 152 effective at efficiently representing the redundant header fields. 153 However, that approach exposed a security risk as demonstrated by the 154 CRIME attack (see [CRIME]). 156 This specification defines HPACK, a new compressor for header fields 157 which eliminates redundant header fields, limits vulnerability to 158 known security attacks, and which has a bounded memory requirement 159 for use in constrained environments. 161 1.1. Overview 163 The format defined in this specification treats a list of header 164 fields as an ordered collection of name-value pairs that can include 165 duplicates. Names and values are considered to be opaque sequences 166 of octets, and the order of header fields is preserved after being 167 compressed and decompressed. 169 Encoding is informed by header tables that map name-value pairs to 170 indexed values. These header tables can be incrementally updated as 171 new pairs are encoded or decoded. 173 In the encoded form, a header field is represented either literally 174 or as a reference to a name-value pair in one of the header tables. 175 Therefore, a list of header fields can be encoded using a mixture of 176 references and literal values. 178 The encoder is responsible for deciding which header fields to insert 179 as new entries in the header tables. The decoder executes the 180 modifications to the header tables prescribed by the encoder, 181 reconstructing the list of header fields in the process. This 182 enables decoders to remain simple and interoperate with a wide 183 variety of encoders. 185 Examples illustrating the use of these different mechanisms to 186 represent header fields are available in Appendix C. 188 1.2. Conventions 190 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 191 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 192 document are to be interpreted as described in RFC 2119 [RFC2119]. 194 All numeric values are in network byte order. Values are unsigned 195 unless otherwise indicated. Literal values are provided in decimal 196 or hexadecimal as appropriate. 198 1.3. Terminology 200 This specification uses the following terms: 202 Header Field: A name-value pair. Both the name and value are 203 treated as opaque sequences of octets. 205 Dynamic Table: The dynamic table (see Section 2.3.2) is a header 206 table used to associate stored header fields to index values. 207 This table is dynamic and specific to an encoding or decoding 208 context. 210 Static Table: The static table (see Section 2.3.1) is a header table 211 used to associate static header fields to index values. This 212 table is ordered, read-only, always accessible, and may be shared 213 amongst all encoding or decoding contexts. 215 Header List: A header list is an ordered collection of header fields 216 that are encoded jointly, and can contain duplicate header fields. 217 A complete list of key-value pairs contained in an HTTP/2 header 218 block is a header list. 220 Header Field Representation: A header field can be represented in 221 encoded form either as a literal or as an index (see Section 2.4). 223 Header Block: An ordered list of header field representations which, 224 when decoded, yields a complete header list. 226 2. Compression Process Overview 228 This specification does not describe a specific algorithm for an 229 encoder. Instead, it defines precisely how a decoder is expected to 230 operate, allowing encoders to produce any encoding that this 231 definition permits. 233 2.1. Header List Ordering 235 HPACK preserves the ordering of header fields inside the header list. 236 An encoder MUST order header field representations in the header 237 block according to their ordering in the original header list. A 238 decoder MUST order header fields in the decoded header list according 239 to their ordering in the header block. 241 2.2. Encoding and Decoding Contexts 243 To decompress header blocks, a decoder only needs to maintain a 244 dynamic table (see Section 2.3.2) as a decoding context. No other 245 state is needed. 247 When used for bidirectional communication, such as in HTTP, the 248 encoding and decoding dynamic tables maintained by an endpoint are 249 completely independent. I.e., the request and response dynamic 250 tables are separate. 252 2.3. Indexing Tables 254 HPACK uses two tables for associating header fields to indexes. The 255 static table (see Section 2.3.1) is predefined and contains common 256 header fields (most of them with an empty value). The dynamic table 257 (see Section 2.3.2) is dynamic and can be used by the encoder to 258 index header fields repeated in the encoded header lists. 260 These two tables are combined into a single address space for 261 defining index values (see Section 2.3.3). 263 2.3.1. Static Table 265 The static table consists of a predefined static list of header 266 fields. Its entries are defined in Appendix A. 268 2.3.2. Dynamic Table 270 The dynamic table consists of a list of header fields maintained in 271 first-in, first-out order. The first and newest entry in a dynamic 272 table is at the lowest index, and the oldest entry of a dynamic table 273 is at the highest index. 275 The dynamic table is initially empty. Entries are added as each 276 header block is decompressed. 278 The dynamic table can contain duplicate entries. Therefore, 279 duplicate entries MUST NOT be treated as an error by a decoder. 281 The encoder decides how to update the dynamic table and as such can 282 control how much memory is used by the dynamic table. To limit the 283 memory requirements of the decoder, the dynamic table size is 284 strictly bounded (see Section 4.2). 286 The decoder updates the dynamic table during the processing of a list 287 of header field representations (see Section 3.2). 289 2.3.3. Index Address Space 291 The static table and the dynamic table are combined into a single 292 index address space. 294 Indices between 1 and the length of the static table (inclusive) 295 refer to elements in the static table (see Section 2.3.1). 297 Indices strictly greater than the length of the static table refer to 298 elements in the dynamic table (see Section 2.3.2). The length of the 299 static table is subtracted to find the index into the dynamic table. 301 Indices strictly greater than the sum of the lengths of both tables 302 MUST be treated as a decoding error. 304 For a static table size of s and a dynamic table size of k, the 305 following diagram shows the entire valid index address space. 307 <---------- Index Address Space ----------> 308 <-- Static Table --> <-- Dynamic Table --> 309 +---+-----------+---+ +---+-----------+---+ 310 | 1 | ... | s | |s+1| ... |s+k| 311 +---+-----------+---+ +---+-----------+---+ 312 ^ | 313 | V 314 Insertion Point Dropping Point 316 Figure 1: Index Address Space 318 2.4. Header Field Representation 320 An encoded header field can be represented either as a literal or as 321 an index. 323 A literal representation defines a header field by specifying its 324 name and value. The header field name can be represented literally 325 or as a reference to an entry in either the static table or the 326 dynamic table. The header field value is represented literally. 328 Three different literal representations are defined: 330 o A literal representation that does not add the header field to the 331 dynamic table (see Section 6.2.2). 333 o A literal representation that does not add the header field to the 334 dynamic table, with the additional stipulation that this header 335 field always use a literal representation, in particular when re- 336 encoded by an intermediary (see Section 6.2.3). 338 o A literal representation that adds the header field as a new entry 339 at the beginning of the dynamic table (see Section 6.2.1). 341 An indexed representation defines a header field as a reference to an 342 entry in either the static table or the dynamic table (see 343 Section 6.1). 345 3. Header Block Decoding 347 3.1. Header Block Processing 349 A decoder processes a header block sequentially to reconstruct the 350 original header list. 352 Once a header field is decoded and added to the reconstructed header 353 list, it cannot be removed from it. A header field added to the 354 header list can be safely passed to the application. 356 By passing the resulting header fields to the application, a decoder 357 can be implemented with minimal transitory memory commitment in 358 addition to the dynamic table. 360 3.2. Header Field Representation Processing 362 The processing of a header block to obtain a header list is defined 363 in this section. To ensure that the decoding will successfully 364 produce a header list, a decoder MUST obey the following rules. 366 All the header field representations contained in a header block are 367 processed in the order in which they appear, as specified below. 368 Details on the formatting of the various header field 369 representations, and some additional processing instructions are 370 found in Section 6. 372 An _indexed representation_ entails the following actions: 374 o The header field corresponding to the referenced entry in either 375 the static table or dynamic table is appended to the decoded 376 header list. 378 A _literal representation_ that is _not added_ to the dynamic table 379 entails the following action: 381 o The header field is appended to the decoded header list. 383 A _literal representation_ that is _added_ to the dynamic table 384 entails the following actions: 386 o The header field is appended to the decoded header list. 388 o The header field is inserted at the beginning of the dynamic 389 table. This insertion could result in the eviction of previous 390 entries in the dynamic table (see Section 4.4). 392 4. Dynamic Table Management 394 To limit the memory requirements on the decoder side, the dynamic 395 table is constrained in size. 397 4.1. Calculating Table Size 399 The size of the dynamic table is the sum of the size of its entries. 401 The size of an entry is the sum of its name's length in octets (as 402 defined in Section 5.2), its value's length in octets (see 403 Section 5.2), plus 32. 405 The size of an entry is calculated using the length of the name and 406 value without any Huffman encoding applied. 408 NOTE: The additional 32 octets account for the overhead associated 409 with an entry. For example, an entry structure using two 64-bit 410 pointers to reference the name and the value of the entry, and two 411 64-bit integers for counting the number of references to the name and 412 value would have 32 octets of overhead. 414 4.2. Maximum Table Size 416 Protocols that use HPACK determine the maximum size that the encoder 417 is permitted to use for the dynamic table. In HTTP/2, this value is 418 determined by the SETTINGS_HEADER_TABLE_SIZE setting (see 419 Section 6.5.2 of [HTTP2]). 421 An encoder can choose to use less capacity than this maximum size 422 (see Section 6.3), but the chosen size MUST stay lower than or equal 423 to the maximum set by the protocol. 425 The maximum size of the dynamic table can be changed by the protocol 426 at any time other than during the encoding of a header block. After 427 changing the maximum size of the dynamic table used by the encoder, 428 the encoder MUST signal this change via an encoding context update 429 (see Section 6.3). This encoding context update MUST occur at the 430 beginning of the first header block following the change to the 431 header table size. In HTTP/2, this follows a settings 432 acknowledgement (see Section 6.5.3 of [HTTP2]). 434 Multiple updates to the maximum table size can occur between the 435 sending of two header blocks. In the case that the value of this 436 parameter is changed more than once, if any changed value is smaller 437 than the new maximum size, the smallest value for the parameter MUST 438 be sent in an encoding context update. The altered maximum size is 439 always sent, resulting in at most two encoding context updates. This 440 ensures that the decoder is able to perform eviction based on the 441 decoder table size (see Section 4.3). 443 This mechanism can be used to completely clear entries from the 444 dynamic table by setting a maximum size of 0, which can subsequently 445 be restored. 447 4.3. Entry Eviction when Dynamic Table Size Changes 449 Whenever the maximum size for the dynamic table is reduced, entries 450 are evicted from the end of the dynamic table until the size of the 451 dynamic table is less than or equal to the maximum size. 453 4.4. Entry Eviction when Adding New Entries 455 Whenever a new entry is to be added to the dynamic table, entries are 456 evicted from the end of the dynamic table until the size of the 457 dynamic table is less than or equal to (maximum size - new entry 458 size), or until the table is empty. 460 If the representation of the added entry references the name of an 461 entry in the dynamic table, the referenced name is cached prior to 462 performing eviction to avoid having the name inadvertently evicted. 464 If the size of the new entry is less than or equal to the maximum 465 size, that entry is added to the table. It is not an error to 466 attempt to add an entry that is larger than the maximum size; an 467 attempt to add an entry larger than the entire table causes the table 468 to be emptied of all existing entries, and results in an empty table. 470 5. Primitive Type Representations 472 HPACK encoding uses two primitive types: unsigned variable length 473 integers, and strings of octets. 475 5.1. Integer Representation 477 Integers are used to represent name indexes, pair indexes or string 478 lengths. To allow for optimized processing, an integer 479 representation always finishes at the end of an octet. 481 An integer is represented in two parts: a prefix that fills the 482 current octet and an optional list of octets that are used if the 483 integer value does not fit within the prefix. The number of bits of 484 the prefix (called N) is a parameter of the integer representation. 486 0 1 2 3 4 5 6 7 487 +---+---+---+---+---+---+---+---+ 488 | ? | ? | ? | Value (N) | 489 +---+---+---+-------------------+ 491 Figure 2: Integer Value Encoded within the Prefix (shown for N = 5) 493 If the integer value is small enough, i.e. strictly less than 2^N-1, 494 it is encoded within the N-bit prefix. 496 0 1 2 3 4 5 6 7 497 +---+---+---+---+---+---+---+---+ 498 | ? | ? | ? | 1 1 1 1 1 | 499 +---+---+---+-------------------+ 500 | 1 | Value-(2^N-1) LSB (7) | 501 +---+---------------------------+ 502 ... 503 +---+---------------------------+ 504 | 0 | Value-(2^N-1) MSB (7) | 505 +---+---------------------------+ 507 Figure 3: Integer Value Encoded after the Prefix (shown for N = 5) 509 Otherwise, all the bits of the prefix are set to 1 and the value, 510 decreased by 2^N-1, is encoded using a list of one or more octets. 511 The most significant bit of each octet is used as a continuation 512 flag: its value is set to 1 except for the last octet in the list. 513 The remaining bits of the octets are used to encode the decreased 514 value. 516 Decoding the integer value from the list of octets starts by 517 reversing the order of the octets in the list. Then, for each octet, 518 its most significant bit is removed. The remaining bits of the 519 octets are concatenated and the resulting value is increased by 2^N-1 520 to obtain the integer value. 522 The prefix size, N, is always between 1 and 8 bits. An integer 523 starting at an octet-boundary will have an 8-bit prefix. 525 Pseudo-code to represent an integer I is as follows: 527 if I < 2^N - 1, encode I on N bits 528 else 529 encode (2^N - 1) on N bits 530 I = I - (2^N - 1) 531 while I >= 128 532 encode (I % 128 + 128) on 8 bits 533 I = I / 128 534 encode I on 8 bits 536 Pseudo-code to decode an integer I is as follows: 538 decode I from the next N bits 539 if I < 2^N - 1, return I 540 else 541 M = 0 542 repeat 543 B = next octet 544 I = I + (B & 127) * 2^M 545 M = M + 7 546 while B & 128 == 128 547 return I 549 Examples illustrating the encoding of integers are available in 550 Appendix C.1. 552 This integer representation allows for values of indefinite size. It 553 is also possible for an encoder to send a large number of zero 554 values, which can waste octets and could be used to overflow integer 555 values. Excessively large integer encodings - in value or octet 556 length - MUST be treated as a decoding error. Different limits can 557 be set for each of the different uses of integers, based on 558 implementation constraints. 560 5.2. String Literal Representation 562 Header field names and header field values can be represented as 563 literal string. A literal string is encoded as a sequence of octets, 564 either by directly encoding the literal string's octets, or by using 565 a Huffman code (see [HUFFMAN]). 567 0 1 2 3 4 5 6 7 568 +---+---+---+---+---+---+---+---+ 569 | H | String Length (7+) | 570 +---+---------------------------+ 571 | String Data (Length octets) | 572 +-------------------------------+ 574 Figure 4: String Literal Representation 576 A literal string representation contains the following fields: 578 H: A one bit flag, H, indicating whether or not the octets of the 579 string are Huffman encoded. 581 String Length: The number of octets used to encode the string 582 literal, encoded as an integer with 7-bit prefix (see 583 Section 5.1). 585 String Data: The encoded data of the string literal. If H is '0', 586 then the encoded data is the raw octets of the string literal. If 587 H is '1', then the encoded data is the Huffman encoding of the 588 string literal. 590 String literals which use Huffman encoding are encoded with the 591 Huffman code defined in Appendix B (see examples for requests in 592 Appendix C.4 and for responses in Appendix C.6). The encoded data is 593 the bitwise concatenation of the codes corresponding to each octet of 594 the string literal. 596 As the Huffman encoded data doesn't always end at an octet boundary, 597 some padding is inserted after it, up to the next octet boundary. To 598 prevent this padding to be misinterpreted as part of the string 599 literal, the most significant bits of the code corresponding to the 600 EOS (end-of-string) symbol are used. 602 Upon decoding, an incomplete code at the end of the encoded data is 603 to be considered as padding and discarded. A padding strictly longer 604 than 7 bits MUST be treated as a decoding error. A padding not 605 corresponding to the most significant bits of the code for the EOS 606 symbol MUST be treated as a decoding error. A Huffman encoded string 607 literal containing the EOS symbol MUST be treated as a decoding 608 error. 610 6. Binary Format 612 This section describes the detailed format of each of the different 613 header field representations, plus the encoding context update 614 instruction. 616 6.1. Indexed Header Field Representation 618 An indexed header field representation identifies an entry in either 619 the static table or the dynamic table (see Section 2.3). 621 An indexed header field representation causes a header field to be 622 added to the decoded header list, as described in Section 3.2. 624 0 1 2 3 4 5 6 7 625 +---+---+---+---+---+---+---+---+ 626 | 1 | Index (7+) | 627 +---+---------------------------+ 629 Figure 5: Indexed Header Field 631 An indexed header field starts with the '1' 1-bit pattern, followed 632 by the index of the matching pair, represented as an integer with a 633 7-bit prefix (see Section 5.1). 635 The index value of 0 is not used. It MUST be treated as a decoding 636 error if found in an indexed header field representation. 638 6.2. Literal Header Field Representation 640 A literal header field representation contains a literal header field 641 value. Header field names are either provided as a literal or by 642 reference to an existing table entry, either from the static table or 643 the dynamic table (see Section 2.3). 645 This specification defines three forms of literal header field 646 representations; with indexing, without indexing, and never indexed. 648 6.2.1. Literal Header Field with Incremental Indexing 650 A literal header field with incremental indexing representation 651 results in appending a header field to the decoded header list and 652 inserting it as a new entry into the dynamic table. 654 0 1 2 3 4 5 6 7 655 +---+---+---+---+---+---+---+---+ 656 | 0 | 1 | Index (6+) | 657 +---+---+-----------------------+ 658 | H | Value Length (7+) | 659 +---+---------------------------+ 660 | Value String (Length octets) | 661 +-------------------------------+ 663 Figure 6: Literal Header Field with Incremental Indexing - Indexed 664 Name 666 0 1 2 3 4 5 6 7 667 +---+---+---+---+---+---+---+---+ 668 | 0 | 1 | 0 | 669 +---+---+-----------------------+ 670 | H | Name Length (7+) | 671 +---+---------------------------+ 672 | Name String (Length octets) | 673 +---+---------------------------+ 674 | H | Value Length (7+) | 675 +---+---------------------------+ 676 | Value String (Length octets) | 677 +-------------------------------+ 679 Figure 7: Literal Header Field with Incremental Indexing - New Name 681 A literal header field with incremental indexing representation 682 starts with the '01' 2-bit pattern. 684 If the header field name matches the header field name of an entry 685 stored in the static table or the dynamic table, the header field 686 name can be represented using the index of that entry. In this case, 687 the index of the entry is represented as an integer with a 6-bit 688 prefix (see Section 5.1). This value is always non-zero. 690 Otherwise, the header field name is represented as a literal string 691 (see Section 5.2). A value 0 is used in place of the 6-bit index, 692 followed by the header field name. 694 Either form of header field name representation is followed by the 695 header field value represented as a literal string (see Section 5.2). 697 6.2.2. Literal Header Field without Indexing 699 A literal header field without indexing representation results in 700 appending a header field to the decoded header list without altering 701 the dynamic table. 703 0 1 2 3 4 5 6 7 704 +---+---+---+---+---+---+---+---+ 705 | 0 | 0 | 0 | 0 | Index (4+) | 706 +---+---+-----------------------+ 707 | H | Value Length (7+) | 708 +---+---------------------------+ 709 | Value String (Length octets) | 710 +-------------------------------+ 712 Figure 8: Literal Header Field without Indexing - Indexed Name 714 0 1 2 3 4 5 6 7 715 +---+---+---+---+---+---+---+---+ 716 | 0 | 0 | 0 | 0 | 0 | 717 +---+---+-----------------------+ 718 | H | Name Length (7+) | 719 +---+---------------------------+ 720 | Name String (Length octets) | 721 +---+---------------------------+ 722 | H | Value Length (7+) | 723 +---+---------------------------+ 724 | Value String (Length octets) | 725 +-------------------------------+ 727 Figure 9: Literal Header Field without Indexing - New Name 729 A literal header field without indexing representation starts with 730 the '0000' 4-bit pattern. 732 If the header field name matches the header field name of an entry 733 stored in the static table or the dynamic table, the header field 734 name can be represented using the index of that entry. In this case, 735 the index of the entry is represented as an integer with a 4-bit 736 prefix (see Section 5.1). This value is always non-zero. 738 Otherwise, the header field name is represented as a literal string 739 (see Section 5.2). A value 0 is used in place of the 4-bit index, 740 followed by the header field name. 742 Either form of header field name representation is followed by the 743 header field value represented as a literal string (see Section 5.2). 745 6.2.3. Literal Header Field never Indexed 747 A literal header field never indexed representation results in 748 appending a header field to the decoded header list without altering 749 the dynamic table. Intermediaries MUST use the same representation 750 for encoding this header field. 752 0 1 2 3 4 5 6 7 753 +---+---+---+---+---+---+---+---+ 754 | 0 | 0 | 0 | 1 | Index (4+) | 755 +---+---+-----------------------+ 756 | H | Value Length (7+) | 757 +---+---------------------------+ 758 | Value String (Length octets) | 759 +-------------------------------+ 761 Figure 10: Literal Header Field never Indexed - Indexed Name 763 0 1 2 3 4 5 6 7 764 +---+---+---+---+---+---+---+---+ 765 | 0 | 0 | 0 | 1 | 0 | 766 +---+---+-----------------------+ 767 | H | Name Length (7+) | 768 +---+---------------------------+ 769 | Name String (Length octets) | 770 +---+---------------------------+ 771 | H | Value Length (7+) | 772 +---+---------------------------+ 773 | Value String (Length octets) | 774 +-------------------------------+ 776 Figure 11: Literal Header Field never Indexed - New Name 778 A literal header field never indexed representation starts with the 779 '0001' 4-bit pattern. 781 When a header field is represented as a literal header field never 782 indexed, it MUST always be encoded with this specific literal 783 representation. In particular, when a peer sends a header field that 784 it received represented as a literal header field never indexed, it 785 MUST use the same representation to forward this header field. 787 This representation is intended for protecting header field values 788 that are not to be put at risk by compressing them (see Section 7.1 789 for more details). 791 The encoding of the representation is identical to the literal header 792 field without indexing (see Section 6.2.2). 794 6.3. Dynamic Table Size Update 796 A dynamic table size update signals a change to the size of the 797 dynamic table. 799 0 1 2 3 4 5 6 7 800 +---+---+---+---+---+---+---+---+ 801 | 0 | 0 | 1 | Max size (5+) | 802 +---+---------------------------+ 804 Figure 12: Maximum Dynamic Table Size Change 806 A dynamic table size update starts with the '001' 3-bit pattern, 807 followed by the new maximum size, represented as an integer with a 808 5-bit prefix (see Section 5.1). 810 The new maximum size MUST be lower than or equal to the last value of 811 the SETTINGS_HEADER_TABLE_SIZE parameter (see Section 6.5.2 of 812 [HTTP2]) received from the decoder and acknowledged by the encoder 813 (see Section 6.5.3 of [HTTP2]). 815 Reducing the maximum size of the dynamic table can cause entries to 816 be evicted (see Section 4.3). 818 7. Security Considerations 820 This section describes potential areas of security concern with 821 HPACK: 823 o Use of compression as a length-based oracle for verifying guesses 824 about secrets that are compressed into a shared compression 825 context. 827 o Denial of service resulting from exhausting processing or memory 828 capacity at a decoder. 830 7.1. Probing Dynamic Table State 832 HPACK reduces the length of header field encodings by exploiting the 833 redundancy inherent in protocols like HTTP. The ultimate goal of 834 this is to reduce the amount of data that is required to send HTTP 835 requests or responses. 837 The compression context used to encode header fields can be probed by 838 an attacker who can both define header fields to be encoded and 839 transmitted and observe the length of those fields once they are 840 encoded. When an attacker can do both, they can adaptively modify 841 requests in order to confirm guesses about the dynamic table state. 842 If a guess is compressed into a shorter length, the attacker can 843 observe the encoded length and infer that the guess was correct. 845 This is possible even over TLS, because while TLS provides 846 confidentiality protection for content, it only provides a limited 847 amount of protection for the length of that content. 849 Note: Padding schemes only provide limited protection against an 850 attacker with these capabilities, potentially only forcing an 851 increased number of guesses to learn the length associated with a 852 given guess. Padding schemes also work directly against 853 compression by increasing the number of bits that are transmitted. 855 Attacks like CRIME [CRIME] demonstrated the existence of these 856 general attacker capabilities. The specific attack exploited the 857 fact that DEFLATE [DEFLATE] removes redundancy based on prefix 858 matching. This permitted the attacker to confirm guesses a character 859 at a time, reducing an exponential-time attack into a linear-time 860 attack. 862 7.1.1. Applicability to HPACK and HTTP 864 HPACK mitigates but does not completely prevent attacks modelled on 865 CRIME [CRIME] by forcing a guess to match an entire header field 866 value, rather than individual characters. An attacker can only learn 867 whether a guess is correct or not, so is reduced to a brute force 868 guess for the header field values. 870 The viability of recovering specific header field values therefore 871 depends on the entropy of values. As a result, values with high 872 entropy are unlikely to be recovered successfully. However, values 873 with low entropy remain vulnerable. 875 Attacks of this nature are possible any time that two mutually 876 distrustful entities control requests or responses that are placed 877 onto a single HTTP/2 connection. If the shared HPACK compressor 878 permits one entity to add entries to the dynamic table, and the other 879 to access those entries, then the state of the table can be learned. 881 Having requests or responses from mutually distrustful entities 882 occurs when an intermediary either: 884 o sends requests from multiple clients on a single connection toward 885 an origin server, or 887 o takes responses from multiple origin servers and places them on a 888 shared connection toward a client. 890 Web browsers also need to assume that requests made on the same 891 connection by different web origins [ORIGIN] are made by mutually 892 distrustful entities. 894 7.1.2. Mitigation 896 Users of HTTP that require confidentiality for header fields can use 897 values with entropy sufficient to make guessing infeasible. However, 898 this is impractical as a general solution because it forces all users 899 of HTTP to take steps to mitigate attacks. It would impose new 900 constraints on how HTTP is used. 902 Rather than impose constraints on users of HTTP, an implementation of 903 HPACK can instead constrain how compression is applied in order to 904 limit the potential for dynamic table probing. 906 An ideal solution segregates access to the dynamic table based on the 907 entity that is constructing header fields. Header field values that 908 are added to the table are attributed to an entity, and only the 909 entity that created a particular value can extract that value. 911 To improve compression performance of this option, certain entries 912 might be tagged as being public. For example, a web browser might 913 make the values of the Accept-Encoding header field available in all 914 requests. 916 An encoder without good knowledge of the provenance of header fields 917 might instead introduce a penalty for bad guesses, such that attempts 918 to guess a header field value results in all values being removed 919 from consideration in all future requests, effectively preventing 920 further guesses. 922 Note: Simply removing values from the dynamic table can be 923 ineffectual if the attacker has a reliable way of causing values 924 to be reinstalled. For example, a request to load an image in a 925 web browser typically includes the Cookie header field (a 926 potentially highly valued target for this sort of attack), and web 927 sites can easily force an image to be loaded, thereby refreshing 928 the entry in the dynamic table. 930 This response might be made inversely proportional to the length of 931 the header field. Marking as inaccessible might occur for shorter 932 values more quickly or with higher probability than for longer 933 values. 935 Implementations might also choose to protect certain header fields 936 that are known to be highly valued, such as the Authorization or 937 Cookie header fields, by disabling or further limiting compression. 939 7.1.3. Never Indexed Literals 941 Refusing to generate an indexed representation for a header field is 942 only effective if compression is avoided on all hops. The never 943 indexed literal (see Section 6.2.3) can be used to signal to 944 intermediaries that a particular value was intentionally sent as a 945 literal. An intermediary MUST NOT re-encode a value that uses the 946 never indexed literal with a representation that would index it. 948 7.2. Static Huffman Encoding 950 There is no currently known attack against a fixed Huffman encoding. 951 A study has shown that using a fixed Huffman encoding table created 952 an information leakage, however this same study concluded that an 953 attacker could not take advantage of this information leakage to 954 recover any meaningful amount of information (see [PETAL]). 956 7.3. Memory Consumption 958 An attacker can try to cause an endpoint to exhaust its memory. 959 HPACK is designed to limit both the peak and state amounts of memory 960 allocated by an endpoint. 962 The amount of memory used by the compressor state is limited by the 963 decoder using the value of the HTTP/2 setting parameter 964 SETTINGS_HEADER_TABLE_SIZE (see Section 6.5.2 of [HTTP2]). This 965 limit takes into account both the size of the data stored in the 966 dynamic table, plus a small allowance for overhead. 968 A decoder can limit the amount of state memory used by setting an 969 appropriate value for the SETTINGS_HEADER_TABLE_SIZE parameter. An 970 encoder can limit the amount of state memory it uses by signalling 971 lower dynamic table size than the decoder allows (see Section 6.3). 973 The amount of temporary memory consumed by an encoder or decoder can 974 be limited by processing header fields sequentially. An 975 implementation does not need to retain a complete list of header 976 fields. Note however that it might be necessary for an application 977 to retain a complete header list for other reasons; even though HPACK 978 does not force this to occur, application constraints might make this 979 necessary. 981 7.4. Implementation Limits 983 An implementation of HPACK needs to ensure that large values for 984 integers, long encoding for integers, or long string literals do not 985 create security weaknesses. 987 An implementation has to set a limit for the values it accepts for 988 integers, as well as for the encoded length (see Section 5.1). In 989 the same way, it has to set a limit to the length it accepts for 990 string literals (see Section 5.2). 992 8. Acknowledgements 994 This specification includes substantial input from the following 995 individuals: 997 o Mike Bishop, Jeff Pinner, Julian Reschke, Martin Thomson 998 (substantial editorial contributions). 1000 o Johnny Graettinger (Huffman code statistics). 1002 9. References 1004 9.1. Normative References 1006 [HTTP2] Belshe, M., Peon, R., and M. Thomson, Ed., "Hypertext 1007 Transfer Protocol version 2", draft-ietf-httpbis-http2-16 1008 (work in progress), October 2014. 1010 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 1011 Requirement Levels", BCP 14, RFC 2119, March 1997. 1013 [RFC7230] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer 1014 Protocol (HTTP/1.1): Message Syntax and Routing", RFC 1015 7230, June 2014. 1017 9.2. Informative References 1019 [CANONICAL] 1020 Schwartz, E. and B. Kallick, "Generating a canonical 1021 prefix encoding", Communications of the ACM Volume 7 Issue 1022 3, pp. 166-169, March 1964, . 1025 [CRIME] Rizzo, J. and T. Duong, "The CRIME Attack", September 1026 2012, . 1030 [DEFLATE] Deutsch, P., "DEFLATE Compressed Data Format Specification 1031 version 1.3", RFC 1951, May 1996. 1033 [HUFFMAN] Huffman, D., "A Method for the Construction of Minimum 1034 Redundancy Codes", Proceedings of the Institute of Radio 1035 Engineers Volume 40, Number 9, pp. 1098-1101, September 1036 1952, . 1039 [ORIGIN] Barth, A., "The Web Origin Concept", RFC 6454, December 1040 2011. 1042 [PETAL] Tan, J. and J. Nahata, "PETAL: Preset Encoding 1043 Table Information Leakage", April 2013, 1044 . 1047 [SPDY] Belshe, M. and R. Peon, "SPDY Protocol", draft-mbelshe- 1048 httpbis-spdy-00 (work in progress), February 2012. 1050 Appendix A. Static Table Definition 1052 The static table (see Section 2.3.1) consists of a predefined and 1053 unchangeable list of header fields. 1055 The static table was created by listing the most common header fields 1056 that are valid for messages exchanged inside a HTTP/2 connection. 1057 For header fields with a few frequent values, an entry was added for 1058 each of these frequent values. For other header fields, an entry was 1059 added with an empty value. 1061 The following table lists the pre-defined header fields that make-up 1062 the static table. 1064 +-------+-----------------------------+---------------+ 1065 | Index | Header Name | Header Value | 1066 +-------+-----------------------------+---------------+ 1067 | 1 | :authority | | 1068 | 2 | :method | GET | 1069 | 3 | :method | POST | 1070 | 4 | :path | / | 1071 | 5 | :path | /index.html | 1072 | 6 | :scheme | http | 1073 | 7 | :scheme | https | 1074 | 8 | :status | 200 | 1075 | 9 | :status | 204 | 1076 | 10 | :status | 206 | 1077 | 11 | :status | 304 | 1078 | 12 | :status | 400 | 1079 | 13 | :status | 404 | 1080 | 14 | :status | 500 | 1081 | 15 | accept-charset | | 1082 | 16 | accept-encoding | gzip, deflate | 1083 | 17 | accept-language | | 1084 | 18 | accept-ranges | | 1085 | 19 | accept | | 1086 | 20 | access-control-allow-origin | | 1087 | 21 | age | | 1088 | 22 | allow | | 1089 | 23 | authorization | | 1090 | 24 | cache-control | | 1091 | 25 | content-disposition | | 1092 | 26 | content-encoding | | 1093 | 27 | content-language | | 1094 | 28 | content-length | | 1095 | 29 | content-location | | 1096 | 30 | content-range | | 1097 | 31 | content-type | | 1098 | 32 | cookie | | 1099 | 33 | date | | 1100 | 34 | etag | | 1101 | 35 | expect | | 1102 | 36 | expires | | 1103 | 37 | from | | 1104 | 38 | host | | 1105 | 39 | if-match | | 1106 | 40 | if-modified-since | | 1107 | 41 | if-none-match | | 1108 | 42 | if-range | | 1109 | 43 | if-unmodified-since | | 1110 | 44 | last-modified | | 1111 | 45 | link | | 1112 | 46 | location | | 1113 | 47 | max-forwards | | 1114 | 48 | proxy-authenticate | | 1115 | 49 | proxy-authorization | | 1116 | 50 | range | | 1117 | 51 | referer | | 1118 | 52 | refresh | | 1119 | 53 | retry-after | | 1120 | 54 | server | | 1121 | 55 | set-cookie | | 1122 | 56 | strict-transport-security | | 1123 | 57 | transfer-encoding | | 1124 | 58 | user-agent | | 1125 | 59 | vary | | 1126 | 60 | via | | 1127 | 61 | www-authenticate | | 1128 +-------+-----------------------------+---------------+ 1130 Table 1: Static Table Entries 1132 Table 1 gives the index of each entry in the static table. 1134 Appendix B. Huffman Code 1136 The following Huffman code is used when encoding string literals with 1137 a Huffman coding (see Section 5.2). 1139 This Huffman code was generated from statistics obtained on a large 1140 sample of HTTP headers. It is a canonical Huffman code (see 1141 [CANONICAL]) with some tweaking to ensure that no symbol has a unique 1142 code length. 1144 Each row in the table defines the code used to represent a symbol: 1146 sym: The symbol to be represented. It is the decimal value of an 1147 octet, possibly prepended with its ASCII representation. A 1148 specific symbol, "EOS", is used to indicate the end of a string 1149 literal. 1151 code as bits: The Huffman code for the symbol represented as a 1152 base-2 integer, aligned on the most significant bit (MSB). 1154 code as hex: The Huffman code for the symbol, represented as a 1155 hexadecimal integer, aligned on the least significant bit (LSB). 1157 len: The number of bits for the code representing the symbol. 1159 As an example, the code for the symbol 47 (corresponding to the ASCII 1160 character "/") consists in the 6 bits "0", "1", "1", "0", "0", "0". 1161 This corresponds to the value 0x18 (in hexadecimal) encoded on 6 1162 bits. 1164 code 1165 code as bits as hex len 1166 sym aligned to MSB aligned in 1167 to LSB bits 1168 ( 0) |11111111|11000 1ff8 [13] 1169 ( 1) |11111111|11111111|1011000 7fffd8 [23] 1170 ( 2) |11111111|11111111|11111110|0010 fffffe2 [28] 1171 ( 3) |11111111|11111111|11111110|0011 fffffe3 [28] 1172 ( 4) |11111111|11111111|11111110|0100 fffffe4 [28] 1173 ( 5) |11111111|11111111|11111110|0101 fffffe5 [28] 1174 ( 6) |11111111|11111111|11111110|0110 fffffe6 [28] 1175 ( 7) |11111111|11111111|11111110|0111 fffffe7 [28] 1176 ( 8) |11111111|11111111|11111110|1000 fffffe8 [28] 1177 ( 9) |11111111|11111111|11101010 ffffea [24] 1178 ( 10) |11111111|11111111|11111111|111100 3ffffffc [30] 1179 ( 11) |11111111|11111111|11111110|1001 fffffe9 [28] 1180 ( 12) |11111111|11111111|11111110|1010 fffffea [28] 1181 ( 13) |11111111|11111111|11111111|111101 3ffffffd [30] 1182 ( 14) |11111111|11111111|11111110|1011 fffffeb [28] 1183 ( 15) |11111111|11111111|11111110|1100 fffffec [28] 1184 ( 16) |11111111|11111111|11111110|1101 fffffed [28] 1185 ( 17) |11111111|11111111|11111110|1110 fffffee [28] 1186 ( 18) |11111111|11111111|11111110|1111 fffffef [28] 1187 ( 19) |11111111|11111111|11111111|0000 ffffff0 [28] 1188 ( 20) |11111111|11111111|11111111|0001 ffffff1 [28] 1189 ( 21) |11111111|11111111|11111111|0010 ffffff2 [28] 1190 ( 22) |11111111|11111111|11111111|111110 3ffffffe [30] 1191 ( 23) |11111111|11111111|11111111|0011 ffffff3 [28] 1192 ( 24) |11111111|11111111|11111111|0100 ffffff4 [28] 1193 ( 25) |11111111|11111111|11111111|0101 ffffff5 [28] 1194 ( 26) |11111111|11111111|11111111|0110 ffffff6 [28] 1195 ( 27) |11111111|11111111|11111111|0111 ffffff7 [28] 1196 ( 28) |11111111|11111111|11111111|1000 ffffff8 [28] 1197 ( 29) |11111111|11111111|11111111|1001 ffffff9 [28] 1198 ( 30) |11111111|11111111|11111111|1010 ffffffa [28] 1199 ( 31) |11111111|11111111|11111111|1011 ffffffb [28] 1200 ' ' ( 32) |010100 14 [ 6] 1201 '!' ( 33) |11111110|00 3f8 [10] 1202 '"' ( 34) |11111110|01 3f9 [10] 1203 '#' ( 35) |11111111|1010 ffa [12] 1204 '$' ( 36) |11111111|11001 1ff9 [13] 1205 '%' ( 37) |010101 15 [ 6] 1206 '&' ( 38) |11111000 f8 [ 8] 1207 ''' ( 39) |11111111|010 7fa [11] 1208 '(' ( 40) |11111110|10 3fa [10] 1209 ')' ( 41) |11111110|11 3fb [10] 1210 '*' ( 42) |11111001 f9 [ 8] 1211 '+' ( 43) |11111111|011 7fb [11] 1212 ',' ( 44) |11111010 fa [ 8] 1213 '-' ( 45) |010110 16 [ 6] 1214 '.' ( 46) |010111 17 [ 6] 1215 '/' ( 47) |011000 18 [ 6] 1216 '0' ( 48) |00000 0 [ 5] 1217 '1' ( 49) |00001 1 [ 5] 1218 '2' ( 50) |00010 2 [ 5] 1219 '3' ( 51) |011001 19 [ 6] 1220 '4' ( 52) |011010 1a [ 6] 1221 '5' ( 53) |011011 1b [ 6] 1222 '6' ( 54) |011100 1c [ 6] 1223 '7' ( 55) |011101 1d [ 6] 1224 '8' ( 56) |011110 1e [ 6] 1225 '9' ( 57) |011111 1f [ 6] 1226 ':' ( 58) |1011100 5c [ 7] 1227 ';' ( 59) |11111011 fb [ 8] 1228 '<' ( 60) |11111111|1111100 7ffc [15] 1229 '=' ( 61) |100000 20 [ 6] 1230 '>' ( 62) |11111111|1011 ffb [12] 1231 '?' ( 63) |11111111|00 3fc [10] 1232 '@' ( 64) |11111111|11010 1ffa [13] 1233 'A' ( 65) |100001 21 [ 6] 1234 'B' ( 66) |1011101 5d [ 7] 1235 'C' ( 67) |1011110 5e [ 7] 1236 'D' ( 68) |1011111 5f [ 7] 1237 'E' ( 69) |1100000 60 [ 7] 1238 'F' ( 70) |1100001 61 [ 7] 1239 'G' ( 71) |1100010 62 [ 7] 1240 'H' ( 72) |1100011 63 [ 7] 1241 'I' ( 73) |1100100 64 [ 7] 1242 'J' ( 74) |1100101 65 [ 7] 1243 'K' ( 75) |1100110 66 [ 7] 1244 'L' ( 76) |1100111 67 [ 7] 1245 'M' ( 77) |1101000 68 [ 7] 1246 'N' ( 78) |1101001 69 [ 7] 1247 'O' ( 79) |1101010 6a [ 7] 1248 'P' ( 80) |1101011 6b [ 7] 1249 'Q' ( 81) |1101100 6c [ 7] 1250 'R' ( 82) |1101101 6d [ 7] 1251 'S' ( 83) |1101110 6e [ 7] 1252 'T' ( 84) |1101111 6f [ 7] 1253 'U' ( 85) |1110000 70 [ 7] 1254 'V' ( 86) |1110001 71 [ 7] 1255 'W' ( 87) |1110010 72 [ 7] 1256 'X' ( 88) |11111100 fc [ 8] 1257 'Y' ( 89) |1110011 73 [ 7] 1258 'Z' ( 90) |11111101 fd [ 8] 1259 '[' ( 91) |11111111|11011 1ffb [13] 1260 '\' ( 92) |11111111|11111110|000 7fff0 [19] 1261 ']' ( 93) |11111111|11100 1ffc [13] 1262 '^' ( 94) |11111111|111100 3ffc [14] 1263 '_' ( 95) |100010 22 [ 6] 1264 '`' ( 96) |11111111|1111101 7ffd [15] 1265 'a' ( 97) |00011 3 [ 5] 1266 'b' ( 98) |100011 23 [ 6] 1267 'c' ( 99) |00100 4 [ 5] 1268 'd' (100) |100100 24 [ 6] 1269 'e' (101) |00101 5 [ 5] 1270 'f' (102) |100101 25 [ 6] 1271 'g' (103) |100110 26 [ 6] 1272 'h' (104) |100111 27 [ 6] 1273 'i' (105) |00110 6 [ 5] 1274 'j' (106) |1110100 74 [ 7] 1275 'k' (107) |1110101 75 [ 7] 1276 'l' (108) |101000 28 [ 6] 1277 'm' (109) |101001 29 [ 6] 1278 'n' (110) |101010 2a [ 6] 1279 'o' (111) |00111 7 [ 5] 1280 'p' (112) |101011 2b [ 6] 1281 'q' (113) |1110110 76 [ 7] 1282 'r' (114) |101100 2c [ 6] 1283 's' (115) |01000 8 [ 5] 1284 't' (116) |01001 9 [ 5] 1285 'u' (117) |101101 2d [ 6] 1286 'v' (118) |1110111 77 [ 7] 1287 'w' (119) |1111000 78 [ 7] 1288 'x' (120) |1111001 79 [ 7] 1289 'y' (121) |1111010 7a [ 7] 1290 'z' (122) |1111011 7b [ 7] 1291 '{' (123) |11111111|1111110 7ffe [15] 1292 '|' (124) |11111111|100 7fc [11] 1293 '}' (125) |11111111|111101 3ffd [14] 1294 '~' (126) |11111111|11101 1ffd [13] 1295 (127) |11111111|11111111|11111111|1100 ffffffc [28] 1296 (128) |11111111|11111110|0110 fffe6 [20] 1297 (129) |11111111|11111111|010010 3fffd2 [22] 1298 (130) |11111111|11111110|0111 fffe7 [20] 1299 (131) |11111111|11111110|1000 fffe8 [20] 1300 (132) |11111111|11111111|010011 3fffd3 [22] 1301 (133) |11111111|11111111|010100 3fffd4 [22] 1302 (134) |11111111|11111111|010101 3fffd5 [22] 1303 (135) |11111111|11111111|1011001 7fffd9 [23] 1304 (136) |11111111|11111111|010110 3fffd6 [22] 1305 (137) |11111111|11111111|1011010 7fffda [23] 1306 (138) |11111111|11111111|1011011 7fffdb [23] 1307 (139) |11111111|11111111|1011100 7fffdc [23] 1308 (140) |11111111|11111111|1011101 7fffdd [23] 1309 (141) |11111111|11111111|1011110 7fffde [23] 1310 (142) |11111111|11111111|11101011 ffffeb [24] 1311 (143) |11111111|11111111|1011111 7fffdf [23] 1312 (144) |11111111|11111111|11101100 ffffec [24] 1313 (145) |11111111|11111111|11101101 ffffed [24] 1314 (146) |11111111|11111111|010111 3fffd7 [22] 1315 (147) |11111111|11111111|1100000 7fffe0 [23] 1316 (148) |11111111|11111111|11101110 ffffee [24] 1317 (149) |11111111|11111111|1100001 7fffe1 [23] 1318 (150) |11111111|11111111|1100010 7fffe2 [23] 1319 (151) |11111111|11111111|1100011 7fffe3 [23] 1320 (152) |11111111|11111111|1100100 7fffe4 [23] 1321 (153) |11111111|11111110|11100 1fffdc [21] 1322 (154) |11111111|11111111|011000 3fffd8 [22] 1323 (155) |11111111|11111111|1100101 7fffe5 [23] 1324 (156) |11111111|11111111|011001 3fffd9 [22] 1325 (157) |11111111|11111111|1100110 7fffe6 [23] 1326 (158) |11111111|11111111|1100111 7fffe7 [23] 1327 (159) |11111111|11111111|11101111 ffffef [24] 1328 (160) |11111111|11111111|011010 3fffda [22] 1329 (161) |11111111|11111110|11101 1fffdd [21] 1330 (162) |11111111|11111110|1001 fffe9 [20] 1331 (163) |11111111|11111111|011011 3fffdb [22] 1332 (164) |11111111|11111111|011100 3fffdc [22] 1333 (165) |11111111|11111111|1101000 7fffe8 [23] 1334 (166) |11111111|11111111|1101001 7fffe9 [23] 1335 (167) |11111111|11111110|11110 1fffde [21] 1336 (168) |11111111|11111111|1101010 7fffea [23] 1337 (169) |11111111|11111111|011101 3fffdd [22] 1338 (170) |11111111|11111111|011110 3fffde [22] 1339 (171) |11111111|11111111|11110000 fffff0 [24] 1340 (172) |11111111|11111110|11111 1fffdf [21] 1341 (173) |11111111|11111111|011111 3fffdf [22] 1342 (174) |11111111|11111111|1101011 7fffeb [23] 1343 (175) |11111111|11111111|1101100 7fffec [23] 1344 (176) |11111111|11111111|00000 1fffe0 [21] 1345 (177) |11111111|11111111|00001 1fffe1 [21] 1346 (178) |11111111|11111111|100000 3fffe0 [22] 1347 (179) |11111111|11111111|00010 1fffe2 [21] 1348 (180) |11111111|11111111|1101101 7fffed [23] 1349 (181) |11111111|11111111|100001 3fffe1 [22] 1350 (182) |11111111|11111111|1101110 7fffee [23] 1351 (183) |11111111|11111111|1101111 7fffef [23] 1352 (184) |11111111|11111110|1010 fffea [20] 1353 (185) |11111111|11111111|100010 3fffe2 [22] 1354 (186) |11111111|11111111|100011 3fffe3 [22] 1355 (187) |11111111|11111111|100100 3fffe4 [22] 1356 (188) |11111111|11111111|1110000 7ffff0 [23] 1357 (189) |11111111|11111111|100101 3fffe5 [22] 1358 (190) |11111111|11111111|100110 3fffe6 [22] 1359 (191) |11111111|11111111|1110001 7ffff1 [23] 1360 (192) |11111111|11111111|11111000|00 3ffffe0 [26] 1361 (193) |11111111|11111111|11111000|01 3ffffe1 [26] 1362 (194) |11111111|11111110|1011 fffeb [20] 1363 (195) |11111111|11111110|001 7fff1 [19] 1364 (196) |11111111|11111111|100111 3fffe7 [22] 1365 (197) |11111111|11111111|1110010 7ffff2 [23] 1366 (198) |11111111|11111111|101000 3fffe8 [22] 1367 (199) |11111111|11111111|11110110|0 1ffffec [25] 1368 (200) |11111111|11111111|11111000|10 3ffffe2 [26] 1369 (201) |11111111|11111111|11111000|11 3ffffe3 [26] 1370 (202) |11111111|11111111|11111001|00 3ffffe4 [26] 1371 (203) |11111111|11111111|11111011|110 7ffffde [27] 1372 (204) |11111111|11111111|11111011|111 7ffffdf [27] 1373 (205) |11111111|11111111|11111001|01 3ffffe5 [26] 1374 (206) |11111111|11111111|11110001 fffff1 [24] 1375 (207) |11111111|11111111|11110110|1 1ffffed [25] 1376 (208) |11111111|11111110|010 7fff2 [19] 1377 (209) |11111111|11111111|00011 1fffe3 [21] 1378 (210) |11111111|11111111|11111001|10 3ffffe6 [26] 1379 (211) |11111111|11111111|11111100|000 7ffffe0 [27] 1380 (212) |11111111|11111111|11111100|001 7ffffe1 [27] 1381 (213) |11111111|11111111|11111001|11 3ffffe7 [26] 1382 (214) |11111111|11111111|11111100|010 7ffffe2 [27] 1383 (215) |11111111|11111111|11110010 fffff2 [24] 1384 (216) |11111111|11111111|00100 1fffe4 [21] 1385 (217) |11111111|11111111|00101 1fffe5 [21] 1386 (218) |11111111|11111111|11111010|00 3ffffe8 [26] 1387 (219) |11111111|11111111|11111010|01 3ffffe9 [26] 1388 (220) |11111111|11111111|11111111|1101 ffffffd [28] 1389 (221) |11111111|11111111|11111100|011 7ffffe3 [27] 1390 (222) |11111111|11111111|11111100|100 7ffffe4 [27] 1391 (223) |11111111|11111111|11111100|101 7ffffe5 [27] 1392 (224) |11111111|11111110|1100 fffec [20] 1393 (225) |11111111|11111111|11110011 fffff3 [24] 1394 (226) |11111111|11111110|1101 fffed [20] 1395 (227) |11111111|11111111|00110 1fffe6 [21] 1396 (228) |11111111|11111111|101001 3fffe9 [22] 1397 (229) |11111111|11111111|00111 1fffe7 [21] 1398 (230) |11111111|11111111|01000 1fffe8 [21] 1399 (231) |11111111|11111111|1110011 7ffff3 [23] 1400 (232) |11111111|11111111|101010 3fffea [22] 1401 (233) |11111111|11111111|101011 3fffeb [22] 1402 (234) |11111111|11111111|11110111|0 1ffffee [25] 1403 (235) |11111111|11111111|11110111|1 1ffffef [25] 1404 (236) |11111111|11111111|11110100 fffff4 [24] 1405 (237) |11111111|11111111|11110101 fffff5 [24] 1406 (238) |11111111|11111111|11111010|10 3ffffea [26] 1407 (239) |11111111|11111111|1110100 7ffff4 [23] 1408 (240) |11111111|11111111|11111010|11 3ffffeb [26] 1409 (241) |11111111|11111111|11111100|110 7ffffe6 [27] 1410 (242) |11111111|11111111|11111011|00 3ffffec [26] 1411 (243) |11111111|11111111|11111011|01 3ffffed [26] 1412 (244) |11111111|11111111|11111100|111 7ffffe7 [27] 1413 (245) |11111111|11111111|11111101|000 7ffffe8 [27] 1414 (246) |11111111|11111111|11111101|001 7ffffe9 [27] 1415 (247) |11111111|11111111|11111101|010 7ffffea [27] 1416 (248) |11111111|11111111|11111101|011 7ffffeb [27] 1417 (249) |11111111|11111111|11111111|1110 ffffffe [28] 1418 (250) |11111111|11111111|11111101|100 7ffffec [27] 1419 (251) |11111111|11111111|11111101|101 7ffffed [27] 1420 (252) |11111111|11111111|11111101|110 7ffffee [27] 1421 (253) |11111111|11111111|11111101|111 7ffffef [27] 1422 (254) |11111111|11111111|11111110|000 7fffff0 [27] 1423 (255) |11111111|11111111|11111011|10 3ffffee [26] 1424 EOS (256) |11111111|11111111|11111111|111111 3fffffff [30] 1426 Appendix C. Examples 1428 A number of examples are worked through here, covering integer 1429 encoding, header field representation, and the encoding of whole 1430 lists of header fields, for both requests and responses, and with and 1431 without Huffman coding. 1433 C.1. Integer Representation Examples 1435 This section shows the representation of integer values in details 1436 (see Section 5.1). 1438 C.1.1. Example 1: Encoding 10 Using a 5-bit Prefix 1440 The value 10 is to be encoded with a 5-bit prefix. 1442 o 10 is less than 31 (2^5 - 1) and is represented using the 5-bit 1443 prefix. 1445 0 1 2 3 4 5 6 7 1446 +---+---+---+---+---+---+---+---+ 1447 | X | X | X | 0 | 1 | 0 | 1 | 0 | 10 stored on 5 bits 1448 +---+---+---+---+---+---+---+---+ 1450 C.1.2. Example 2: Encoding 1337 Using a 5-bit Prefix 1452 The value I=1337 is to be encoded with a 5-bit prefix. 1454 1337 is greater than 31 (2^5 - 1). 1456 The 5-bit prefix is filled with its max value (31). 1458 I = 1337 - (2^5 - 1) = 1306. 1460 I (1306) is greater than or equal to 128, the while loop body 1461 executes: 1463 I % 128 == 26 1465 26 + 128 == 154 1467 154 is encoded in 8 bits as: 10011010 1469 I is set to 10 (1306 / 128 == 10) 1471 I is no longer greater than or equal to 128, the while loop 1472 terminates. 1474 I, now 10, is encoded on 8 bits as: 00001010. 1476 The process ends. 1478 0 1 2 3 4 5 6 7 1479 +---+---+---+---+---+---+---+---+ 1480 | X | X | X | 1 | 1 | 1 | 1 | 1 | Prefix = 31, I = 1306 1481 | 1 | 0 | 0 | 1 | 1 | 0 | 1 | 0 | 1306>=128, encode(154), I=1306/128 1482 | 0 | 0 | 0 | 0 | 1 | 0 | 1 | 0 | 10<128, encode(10), done 1483 +---+---+---+---+---+---+---+---+ 1485 C.1.3. Example 3: Encoding 42 Starting at an Octet Boundary 1487 The value 42 is to be encoded starting at an octet-boundary. This 1488 implies that a 8-bit prefix is used. 1490 o 42 is less than 255 (2^8 - 1) and is represented using the 8-bit 1491 prefix. 1493 0 1 2 3 4 5 6 7 1494 +---+---+---+---+---+---+---+---+ 1495 | 0 | 0 | 1 | 0 | 1 | 0 | 1 | 0 | 42 stored on 8 bits 1496 +---+---+---+---+---+---+---+---+ 1498 C.2. Header Field Representation Examples 1500 This section shows several independent representation examples. 1502 C.2.1. Literal Header Field with Indexing 1504 The header field representation uses a literal name and a literal 1505 value. The header field is added to the dynamic table. 1507 Header list to encode: 1509 custom-key: custom-header 1511 Hex dump of encoded data: 1513 400a 6375 7374 6f6d 2d6b 6579 0d63 7573 | @.custom-key.cus 1514 746f 6d2d 6865 6164 6572 | tom-header 1515 Decoding process: 1517 40 | == Literal indexed == 1518 0a | Literal name (len = 10) 1519 6375 7374 6f6d 2d6b 6579 | custom-key 1520 0d | Literal value (len = 13) 1521 6375 7374 6f6d 2d68 6561 6465 72 | custom-header 1522 | -> custom-key: custom-head\ 1523 | er 1525 Dynamic Table (after decoding): 1527 [ 1] (s = 55) custom-key: custom-header 1528 Table size: 55 1530 Decoded header list: 1532 custom-key: custom-header 1534 C.2.2. Literal Header Field without Indexing 1536 The header field representation uses an indexed name and a literal 1537 value. The header field is not added to the dynamic table. 1539 Header list to encode: 1541 :path: /sample/path 1543 Hex dump of encoded data: 1545 040c 2f73 616d 706c 652f 7061 7468 | ../sample/path 1547 Decoding process: 1549 04 | == Literal not indexed == 1550 | Indexed name (idx = 4) 1551 | :path 1552 0c | Literal value (len = 12) 1553 2f73 616d 706c 652f 7061 7468 | /sample/path 1554 | -> :path: /sample/path 1556 Dynamic table (after decoding): empty. 1558 Decoded header list: 1560 :path: /sample/path 1562 C.2.3. Literal Header Field never Indexed 1564 The header field representation uses a literal name and a literal 1565 value. The header field is not added to the dynamic table, and must 1566 use the same representation if re-encoded by an intermediary. 1568 Header list to encode: 1570 password: secret 1572 Hex dump of encoded data: 1574 1008 7061 7373 776f 7264 0673 6563 7265 | ..password.secre 1575 74 | t 1577 Decoding process: 1579 10 | == Literal never indexed == 1580 08 | Literal name (len = 8) 1581 7061 7373 776f 7264 | password 1582 06 | Literal value (len = 6) 1583 7365 6372 6574 | secret 1584 | -> password: secret 1586 Dynamic table (after decoding): empty. 1588 Decoded header list: 1590 password: secret 1592 C.2.4. Indexed Header Field 1594 The header field representation uses an indexed header field, from 1595 the static table. 1597 Header list to encode: 1599 :method: GET 1601 Hex dump of encoded data: 1603 82 | . 1605 Decoding process: 1607 82 | == Indexed - Add == 1608 | idx = 2 1609 | -> :method: GET 1611 Dynamic table (after decoding): empty. 1613 Decoded header list: 1615 :method: GET 1617 C.3. Request Examples without Huffman Coding 1619 This section shows several consecutive header lists, corresponding to 1620 HTTP requests, on the same connection. 1622 C.3.1. First Request 1624 Header list to encode: 1626 :method: GET 1627 :scheme: http 1628 :path: / 1629 :authority: www.example.com 1631 Hex dump of encoded data: 1633 8286 8441 0f77 7777 2e65 7861 6d70 6c65 | ...A.www.example 1634 2e63 6f6d | .com 1636 Decoding process: 1638 82 | == Indexed - Add == 1639 | idx = 2 1640 | -> :method: GET 1641 86 | == Indexed - Add == 1642 | idx = 6 1643 | -> :scheme: http 1644 84 | == Indexed - Add == 1645 | idx = 4 1646 | -> :path: / 1647 41 | == Literal indexed == 1648 | Indexed name (idx = 1) 1649 | :authority 1650 0f | Literal value (len = 15) 1651 7777 772e 6578 616d 706c 652e 636f 6d | www.example.com 1652 | -> :authority: www.example\ 1653 | .com 1655 Dynamic Table (after decoding): 1657 [ 1] (s = 57) :authority: www.example.com 1658 Table size: 57 1660 Decoded header list: 1662 :method: GET 1663 :scheme: http 1664 :path: / 1665 :authority: www.example.com 1667 C.3.2. Second Request 1669 Header list to encode: 1671 :method: GET 1672 :scheme: http 1673 :path: / 1674 :authority: www.example.com 1675 cache-control: no-cache 1677 Hex dump of encoded data: 1679 8286 84be 5808 6e6f 2d63 6163 6865 | ....X.no-cache 1681 Decoding process: 1683 82 | == Indexed - Add == 1684 | idx = 2 1685 | -> :method: GET 1686 86 | == Indexed - Add == 1687 | idx = 6 1688 | -> :scheme: http 1689 84 | == Indexed - Add == 1690 | idx = 4 1691 | -> :path: / 1692 be | == Indexed - Add == 1693 | idx = 62 1694 | -> :authority: www.example\ 1695 | .com 1696 58 | == Literal indexed == 1697 | Indexed name (idx = 24) 1698 | cache-control 1699 08 | Literal value (len = 8) 1700 6e6f 2d63 6163 6865 | no-cache 1701 | -> cache-control: no-cache 1703 Dynamic Table (after decoding): 1705 [ 1] (s = 53) cache-control: no-cache 1706 [ 2] (s = 57) :authority: www.example.com 1707 Table size: 110 1709 Decoded header list: 1711 :method: GET 1712 :scheme: http 1713 :path: / 1714 :authority: www.example.com 1715 cache-control: no-cache 1717 C.3.3. Third Request 1719 Header list to encode: 1721 :method: GET 1722 :scheme: https 1723 :path: /index.html 1724 :authority: www.example.com 1725 custom-key: custom-value 1727 Hex dump of encoded data: 1729 8287 85bf 400a 6375 7374 6f6d 2d6b 6579 | ....@.custom-key 1730 0c63 7573 746f 6d2d 7661 6c75 65 | .custom-value 1732 Decoding process: 1734 82 | == Indexed - Add == 1735 | idx = 2 1736 | -> :method: GET 1737 87 | == Indexed - Add == 1738 | idx = 7 1739 | -> :scheme: https 1740 85 | == Indexed - Add == 1741 | idx = 5 1742 | -> :path: /index.html 1743 bf | == Indexed - Add == 1744 | idx = 63 1745 | -> :authority: www.example\ 1746 | .com 1747 40 | == Literal indexed == 1748 0a | Literal name (len = 10) 1749 6375 7374 6f6d 2d6b 6579 | custom-key 1750 0c | Literal value (len = 12) 1751 6375 7374 6f6d 2d76 616c 7565 | custom-value 1752 | -> custom-key: custom-valu\ 1753 | e 1755 Dynamic Table (after decoding): 1757 [ 1] (s = 54) custom-key: custom-value 1758 [ 2] (s = 53) cache-control: no-cache 1759 [ 3] (s = 57) :authority: www.example.com 1760 Table size: 164 1762 Decoded header list: 1764 :method: GET 1765 :scheme: https 1766 :path: /index.html 1767 :authority: www.example.com 1768 custom-key: custom-value 1770 C.4. Request Examples with Huffman Coding 1772 This section shows the same examples as the previous section, but 1773 using Huffman encoding for the literal values. 1775 C.4.1. First Request 1777 Header list to encode: 1779 :method: GET 1780 :scheme: http 1781 :path: / 1782 :authority: www.example.com 1784 Hex dump of encoded data: 1786 8286 8441 8cf1 e3c2 e5f2 3a6b a0ab 90f4 | ...A......:k.... 1787 ff | . 1789 Decoding process: 1791 82 | == Indexed - Add == 1792 | idx = 2 1793 | -> :method: GET 1794 86 | == Indexed - Add == 1795 | idx = 6 1796 | -> :scheme: http 1797 84 | == Indexed - Add == 1798 | idx = 4 1799 | -> :path: / 1800 41 | == Literal indexed == 1801 | Indexed name (idx = 1) 1802 | :authority 1803 8c | Literal value (len = 12) 1804 | Huffman encoded: 1805 f1e3 c2e5 f23a 6ba0 ab90 f4ff | .....:k..... 1806 | Decoded: 1807 | www.example.com 1808 | -> :authority: www.example\ 1809 | .com 1811 Dynamic Table (after decoding): 1813 [ 1] (s = 57) :authority: www.example.com 1814 Table size: 57 1816 Decoded header list: 1818 :method: GET 1819 :scheme: http 1820 :path: / 1821 :authority: www.example.com 1823 C.4.2. Second Request 1825 Header list to encode: 1827 :method: GET 1828 :scheme: http 1829 :path: / 1830 :authority: www.example.com 1831 cache-control: no-cache 1833 Hex dump of encoded data: 1835 8286 84be 5886 a8eb 1064 9cbf | ....X....d.. 1837 Decoding process: 1839 82 | == Indexed - Add == 1840 | idx = 2 1841 | -> :method: GET 1842 86 | == Indexed - Add == 1843 | idx = 6 1844 | -> :scheme: http 1845 84 | == Indexed - Add == 1846 | idx = 4 1847 | -> :path: / 1848 be | == Indexed - Add == 1849 | idx = 62 1850 | -> :authority: www.example\ 1851 | .com 1852 58 | == Literal indexed == 1853 | Indexed name (idx = 24) 1854 | cache-control 1855 86 | Literal value (len = 6) 1856 | Huffman encoded: 1857 a8eb 1064 9cbf | ...d.. 1858 | Decoded: 1859 | no-cache 1860 | -> cache-control: no-cache 1862 Dynamic Table (after decoding): 1864 [ 1] (s = 53) cache-control: no-cache 1865 [ 2] (s = 57) :authority: www.example.com 1866 Table size: 110 1868 Decoded header list: 1870 :method: GET 1871 :scheme: http 1872 :path: / 1873 :authority: www.example.com 1874 cache-control: no-cache 1876 C.4.3. Third Request 1878 Header list to encode: 1880 :method: GET 1881 :scheme: https 1882 :path: /index.html 1883 :authority: www.example.com 1884 custom-key: custom-value 1885 Hex dump of encoded data: 1887 8287 85bf 4088 25a8 49e9 5ba9 7d7f 8925 | ....@.%.I.[.}..% 1888 a849 e95b b8e8 b4bf | .I.[.... 1890 Decoding process: 1892 82 | == Indexed - Add == 1893 | idx = 2 1894 | -> :method: GET 1895 87 | == Indexed - Add == 1896 | idx = 7 1897 | -> :scheme: https 1898 85 | == Indexed - Add == 1899 | idx = 5 1900 | -> :path: /index.html 1901 bf | == Indexed - Add == 1902 | idx = 63 1903 | -> :authority: www.example\ 1904 | .com 1905 40 | == Literal indexed == 1906 88 | Literal name (len = 8) 1907 | Huffman encoded: 1908 25a8 49e9 5ba9 7d7f | %.I.[.}. 1909 | Decoded: 1910 | custom-key 1911 89 | Literal value (len = 9) 1912 | Huffman encoded: 1913 25a8 49e9 5bb8 e8b4 bf | %.I.[.... 1914 | Decoded: 1915 | custom-value 1916 | -> custom-key: custom-valu\ 1917 | e 1919 Dynamic Table (after decoding): 1921 [ 1] (s = 54) custom-key: custom-value 1922 [ 2] (s = 53) cache-control: no-cache 1923 [ 3] (s = 57) :authority: www.example.com 1924 Table size: 164 1926 Decoded header list: 1928 :method: GET 1929 :scheme: https 1930 :path: /index.html 1931 :authority: www.example.com 1932 custom-key: custom-value 1934 C.5. Response Examples without Huffman Coding 1936 This section shows several consecutive header lists, corresponding to 1937 HTTP responses, on the same connection. The HTTP/2 setting parameter 1938 SETTINGS_HEADER_TABLE_SIZE is set to the value of 256 octets, causing 1939 some evictions to occur. 1941 C.5.1. First Response 1943 Header list to encode: 1945 :status: 302 1946 cache-control: private 1947 date: Mon, 21 Oct 2013 20:13:21 GMT 1948 location: https://www.example.com 1950 Hex dump of encoded data: 1952 4803 3330 3258 0770 7269 7661 7465 611d | H.302X.privatea. 1953 4d6f 6e2c 2032 3120 4f63 7420 3230 3133 | Mon, 21 Oct 2013 1954 2032 303a 3133 3a32 3120 474d 546e 1768 | 20:13:21 GMTn.h 1955 7474 7073 3a2f 2f77 7777 2e65 7861 6d70 | ttps://www.examp 1956 6c65 2e63 6f6d | le.com 1957 Decoding process: 1959 48 | == Literal indexed == 1960 | Indexed name (idx = 8) 1961 | :status 1962 03 | Literal value (len = 3) 1963 3330 32 | 302 1964 | -> :status: 302 1965 58 | == Literal indexed == 1966 | Indexed name (idx = 24) 1967 | cache-control 1968 07 | Literal value (len = 7) 1969 7072 6976 6174 65 | private 1970 | -> cache-control: private 1971 61 | == Literal indexed == 1972 | Indexed name (idx = 33) 1973 | date 1974 1d | Literal value (len = 29) 1975 4d6f 6e2c 2032 3120 4f63 7420 3230 3133 | Mon, 21 Oct 2013 1976 2032 303a 3133 3a32 3120 474d 54 | 20:13:21 GMT 1977 | -> date: Mon, 21 Oct 2013 \ 1978 | 20:13:21 GMT 1979 6e | == Literal indexed == 1980 | Indexed name (idx = 46) 1981 | location 1982 17 | Literal value (len = 23) 1983 6874 7470 733a 2f2f 7777 772e 6578 616d | https://www.exam 1984 706c 652e 636f 6d | ple.com 1985 | -> location: https://www.e\ 1986 | xample.com 1988 Dynamic Table (after decoding): 1990 [ 1] (s = 63) location: https://www.example.com 1991 [ 2] (s = 65) date: Mon, 21 Oct 2013 20:13:21 GMT 1992 [ 3] (s = 52) cache-control: private 1993 [ 4] (s = 42) :status: 302 1994 Table size: 222 1996 Decoded header list: 1998 :status: 302 1999 cache-control: private 2000 date: Mon, 21 Oct 2013 20:13:21 GMT 2001 location: https://www.example.com 2003 C.5.2. Second Response 2005 The (":status", "302") header field is evicted from the dynamic table 2006 to free space to allow adding the (":status", "307") header field. 2008 Header list to encode: 2010 :status: 307 2011 cache-control: private 2012 date: Mon, 21 Oct 2013 20:13:21 GMT 2013 location: https://www.example.com 2015 Hex dump of encoded data: 2017 4803 3330 37c1 c0bf | H.307... 2019 Decoding process: 2021 48 | == Literal indexed == 2022 | Indexed name (idx = 8) 2023 | :status 2024 03 | Literal value (len = 3) 2025 3330 37 | 307 2026 | - evict: :status: 302 2027 | -> :status: 307 2028 c1 | == Indexed - Add == 2029 | idx = 65 2030 | -> cache-control: private 2031 c0 | == Indexed - Add == 2032 | idx = 64 2033 | -> date: Mon, 21 Oct 2013 \ 2034 | 20:13:21 GMT 2035 bf | == Indexed - Add == 2036 | idx = 63 2037 | -> location: https://www.e\ 2038 | xample.com 2040 Dynamic Table (after decoding): 2042 [ 1] (s = 42) :status: 307 2043 [ 2] (s = 63) location: https://www.example.com 2044 [ 3] (s = 65) date: Mon, 21 Oct 2013 20:13:21 GMT 2045 [ 4] (s = 52) cache-control: private 2046 Table size: 222 2048 Decoded header list: 2050 :status: 307 2051 cache-control: private 2052 date: Mon, 21 Oct 2013 20:13:21 GMT 2053 location: https://www.example.com 2055 C.5.3. Third Response 2057 Several header fields are evicted from the dynamic table during the 2058 processing of this header list. 2060 Header list to encode: 2062 :status: 200 2063 cache-control: private 2064 date: Mon, 21 Oct 2013 20:13:22 GMT 2065 location: https://www.example.com 2066 content-encoding: gzip 2067 set-cookie: foo=ASDJKHQKBZXOQWEOPIUAXQWEOIU; max-age=3600; version=1 2069 Hex dump of encoded data: 2071 88c1 611d 4d6f 6e2c 2032 3120 4f63 7420 | ..a.Mon, 21 Oct 2072 3230 3133 2032 303a 3133 3a32 3220 474d | 2013 20:13:22 GM 2073 54c0 5a04 677a 6970 7738 666f 6f3d 4153 | T.Z.gzipw8foo=AS 2074 444a 4b48 514b 425a 584f 5157 454f 5049 | DJKHQKBZXOQWEOPI 2075 5541 5851 5745 4f49 553b 206d 6178 2d61 | UAXQWEOIU; max-a 2076 6765 3d33 3630 303b 2076 6572 7369 6f6e | ge=3600; version 2077 3d31 | =1 2078 Decoding process: 2080 88 | == Indexed - Add == 2081 | idx = 8 2082 | -> :status: 200 2083 c1 | == Indexed - Add == 2084 | idx = 65 2085 | -> cache-control: private 2086 61 | == Literal indexed == 2087 | Indexed name (idx = 33) 2088 | date 2089 1d | Literal value (len = 29) 2090 4d6f 6e2c 2032 3120 4f63 7420 3230 3133 | Mon, 21 Oct 2013 2091 2032 303a 3133 3a32 3220 474d 54 | 20:13:22 GMT 2092 | - evict: cache-control: pr\ 2093 | ivate 2094 | -> date: Mon, 21 Oct 2013 \ 2095 | 20:13:22 GMT 2096 c0 | == Indexed - Add == 2097 | idx = 64 2098 | -> location: https://www.e\ 2099 | xample.com 2100 5a | == Literal indexed == 2101 | Indexed name (idx = 26) 2102 | content-encoding 2103 04 | Literal value (len = 4) 2104 677a 6970 | gzip 2105 | - evict: date: Mon, 21 Oct\ 2106 | 2013 20:13:21 GMT 2107 | -> content-encoding: gzip 2108 77 | == Literal indexed == 2109 | Indexed name (idx = 55) 2110 | set-cookie 2111 38 | Literal value (len = 56) 2112 666f 6f3d 4153 444a 4b48 514b 425a 584f | foo=ASDJKHQKBZXO 2113 5157 454f 5049 5541 5851 5745 4f49 553b | QWEOPIUAXQWEOIU; 2114 206d 6178 2d61 6765 3d33 3630 303b 2076 | max-age=3600; v 2115 6572 7369 6f6e 3d31 | ersion=1 2116 | - evict: location: https:/\ 2117 | /www.example.com 2118 | - evict: :status: 307 2119 | -> set-cookie: foo=ASDJKHQ\ 2120 | KBZXOQWEOPIUAXQWEOIU; ma\ 2121 | x-age=3600; version=1 2123 Dynamic Table (after decoding): 2125 [ 1] (s = 98) set-cookie: foo=ASDJKHQKBZXOQWEOPIUAXQWEOIU; max-age\ 2126 =3600; version=1 2127 [ 2] (s = 52) content-encoding: gzip 2128 [ 3] (s = 65) date: Mon, 21 Oct 2013 20:13:22 GMT 2129 Table size: 215 2131 Decoded header list: 2133 :status: 200 2134 cache-control: private 2135 date: Mon, 21 Oct 2013 20:13:22 GMT 2136 location: https://www.example.com 2137 content-encoding: gzip 2138 set-cookie: foo=ASDJKHQKBZXOQWEOPIUAXQWEOIU; max-age=3600; version=1 2140 C.6. Response Examples with Huffman Coding 2142 This section shows the same examples as the previous section, but 2143 using Huffman encoding for the literal values. The HTTP/2 setting 2144 parameter SETTINGS_HEADER_TABLE_SIZE is set to the value of 256 2145 octets, causing some evictions to occur. The eviction mechanism uses 2146 the length of the decoded literal values, so the same evictions 2147 occurs as in the previous section. 2149 C.6.1. First Response 2151 Header list to encode: 2153 :status: 302 2154 cache-control: private 2155 date: Mon, 21 Oct 2013 20:13:21 GMT 2156 location: https://www.example.com 2158 Hex dump of encoded data: 2160 4882 6402 5885 aec3 771a 4b61 96d0 7abe | H.d.X...w.Ka..z. 2161 9410 54d4 44a8 2005 9504 0b81 66e0 82a6 | ..T.D. .....f... 2162 2d1b ff6e 919d 29ad 1718 63c7 8f0b 97c8 | -..n..)...c..... 2163 e9ae 82ae 43d3 | ....C. 2165 Decoding process: 2167 48 | == Literal indexed == 2168 | Indexed name (idx = 8) 2169 | :status 2170 82 | Literal value (len = 2) 2171 | Huffman encoded: 2172 6402 | d. 2173 | Decoded: 2174 | 302 2175 | -> :status: 302 2176 58 | == Literal indexed == 2177 | Indexed name (idx = 24) 2178 | cache-control 2179 85 | Literal value (len = 5) 2180 | Huffman encoded: 2181 aec3 771a 4b | ..w.K 2182 | Decoded: 2183 | private 2184 | -> cache-control: private 2185 61 | == Literal indexed == 2186 | Indexed name (idx = 33) 2187 | date 2188 96 | Literal value (len = 22) 2189 | Huffman encoded: 2190 d07a be94 1054 d444 a820 0595 040b 8166 | .z...T.D. .....f 2191 e082 a62d 1bff | ...-.. 2192 | Decoded: 2193 | Mon, 21 Oct 2013 20:13:21 \ 2194 | GMT 2195 | -> date: Mon, 21 Oct 2013 \ 2196 | 20:13:21 GMT 2197 6e | == Literal indexed == 2198 | Indexed name (idx = 46) 2199 | location 2200 91 | Literal value (len = 17) 2201 | Huffman encoded: 2202 9d29 ad17 1863 c78f 0b97 c8e9 ae82 ae43 | .)...c.........C 2203 d3 | . 2204 | Decoded: 2205 | https://www.example.com 2206 | -> location: https://www.e\ 2207 | xample.com 2209 Dynamic Table (after decoding): 2211 [ 1] (s = 63) location: https://www.example.com 2212 [ 2] (s = 65) date: Mon, 21 Oct 2013 20:13:21 GMT 2213 [ 3] (s = 52) cache-control: private 2214 [ 4] (s = 42) :status: 302 2215 Table size: 222 2217 Decoded header list: 2219 :status: 302 2220 cache-control: private 2221 date: Mon, 21 Oct 2013 20:13:21 GMT 2222 location: https://www.example.com 2224 C.6.2. Second Response 2226 The (":status", "302") header field is evicted from the dynamic table 2227 to free space to allow adding the (":status", "307") header field. 2229 Header list to encode: 2231 :status: 307 2232 cache-control: private 2233 date: Mon, 21 Oct 2013 20:13:21 GMT 2234 location: https://www.example.com 2236 Hex dump of encoded data: 2238 4883 640e ffc1 c0bf | H.d..... 2240 Decoding process: 2242 48 | == Literal indexed == 2243 | Indexed name (idx = 8) 2244 | :status 2245 83 | Literal value (len = 3) 2246 | Huffman encoded: 2247 640e ff | d.. 2248 | Decoded: 2249 | 307 2250 | - evict: :status: 302 2251 | -> :status: 307 2252 c1 | == Indexed - Add == 2253 | idx = 65 2254 | -> cache-control: private 2255 c0 | == Indexed - Add == 2256 | idx = 64 2257 | -> date: Mon, 21 Oct 2013 \ 2258 | 20:13:21 GMT 2259 bf | == Indexed - Add == 2260 | idx = 63 2261 | -> location: https://www.e\ 2262 | xample.com 2264 Dynamic Table (after decoding): 2266 [ 1] (s = 42) :status: 307 2267 [ 2] (s = 63) location: https://www.example.com 2268 [ 3] (s = 65) date: Mon, 21 Oct 2013 20:13:21 GMT 2269 [ 4] (s = 52) cache-control: private 2270 Table size: 222 2272 Decoded header list: 2274 :status: 307 2275 cache-control: private 2276 date: Mon, 21 Oct 2013 20:13:21 GMT 2277 location: https://www.example.com 2279 C.6.3. Third Response 2281 Several header fields are evicted from the dynamic table during the 2282 processing of this header list. 2284 Header list to encode: 2286 :status: 200 2287 cache-control: private 2288 date: Mon, 21 Oct 2013 20:13:22 GMT 2289 location: https://www.example.com 2290 content-encoding: gzip 2291 set-cookie: foo=ASDJKHQKBZXOQWEOPIUAXQWEOIU; max-age=3600; version=1 2293 Hex dump of encoded data: 2295 88c1 6196 d07a be94 1054 d444 a820 0595 | ..a..z...T.D. .. 2296 040b 8166 e084 a62d 1bff c05a 839b d9ab | ...f...-...Z.... 2297 77ad 94e7 821d d7f2 e6c7 b335 dfdf cd5b | w..........5...[ 2298 3960 d5af 2708 7f36 72c1 ab27 0fb5 291f | 9`..'..6r..'..). 2299 9587 3160 65c0 03ed 4ee5 b106 3d50 07 | ..1`e...N...=P. 2301 Decoding process: 2303 88 | == Indexed - Add == 2304 | idx = 8 2305 | -> :status: 200 2306 c1 | == Indexed - Add == 2307 | idx = 65 2308 | -> cache-control: private 2309 61 | == Literal indexed == 2310 | Indexed name (idx = 33) 2311 | date 2312 96 | Literal value (len = 22) 2313 | Huffman encoded: 2314 d07a be94 1054 d444 a820 0595 040b 8166 | .z...T.D. .....f 2315 e084 a62d 1bff | ...-.. 2316 | Decoded: 2317 | Mon, 21 Oct 2013 20:13:22 \ 2318 | GMT 2319 | - evict: cache-control: pr\ 2320 | ivate 2321 | -> date: Mon, 21 Oct 2013 \ 2322 | 20:13:22 GMT 2323 c0 | == Indexed - Add == 2324 | idx = 64 2325 | -> location: https://www.e\ 2326 | xample.com 2327 5a | == Literal indexed == 2328 | Indexed name (idx = 26) 2329 | content-encoding 2330 83 | Literal value (len = 3) 2331 | Huffman encoded: 2333 9bd9 ab | ... 2334 | Decoded: 2335 | gzip 2336 | - evict: date: Mon, 21 Oct\ 2337 | 2013 20:13:21 GMT 2338 | -> content-encoding: gzip 2339 77 | == Literal indexed == 2340 | Indexed name (idx = 55) 2341 | set-cookie 2342 ad | Literal value (len = 45) 2343 | Huffman encoded: 2344 94e7 821d d7f2 e6c7 b335 dfdf cd5b 3960 | .........5...[9` 2345 d5af 2708 7f36 72c1 ab27 0fb5 291f 9587 | ..'..6r..'..)... 2346 3160 65c0 03ed 4ee5 b106 3d50 07 | 1`e...N...=P. 2347 | Decoded: 2348 | foo=ASDJKHQKBZXOQWEOPIUAXQ\ 2349 | WEOIU; max-age=3600; versi\ 2350 | on=1 2351 | - evict: location: https:/\ 2352 | /www.example.com 2353 | - evict: :status: 307 2354 | -> set-cookie: foo=ASDJKHQ\ 2355 | KBZXOQWEOPIUAXQWEOIU; ma\ 2356 | x-age=3600; version=1 2358 Dynamic Table (after decoding): 2360 [ 1] (s = 98) set-cookie: foo=ASDJKHQKBZXOQWEOPIUAXQWEOIU; max-age\ 2361 =3600; version=1 2362 [ 2] (s = 52) content-encoding: gzip 2363 [ 3] (s = 65) date: Mon, 21 Oct 2013 20:13:22 GMT 2364 Table size: 215 2366 Decoded header list: 2368 :status: 200 2369 cache-control: private 2370 date: Mon, 21 Oct 2013 20:13:22 GMT 2371 location: https://www.example.com 2372 content-encoding: gzip 2373 set-cookie: foo=ASDJKHQKBZXOQWEOPIUAXQWEOIU; max-age=3600; version=1 2375 Appendix D. Change Log (to be removed by RFC Editor before publication) 2376 D.1. Since draft-ietf-httpbis-header-compression-09 2378 o Renamed header table to dynamic table. 2380 o Updated integer representation. 2382 o Editorial corrections. 2384 D.2. Since draft-ietf-httpbis-header-compression-08 2386 o Removed the reference set. 2388 o Removed header emission. 2390 o Explicit handling of several SETTINGS_HEADER_TABLE_SIZE parameter 2391 changes. 2393 o Changed header set to header list, and forced ordering. 2395 o Updated examples. 2397 o Exchanged header and static table positions. 2399 D.3. Since draft-ietf-httpbis-header-compression-07 2401 o Removed old text on index value of 0. 2403 o Added clarification for signalling of maximum table size after a 2404 SETTINGS_HEADER_TABLE_SIZE update. 2406 o Rewrote security considerations. 2408 o Many editorial clarifications or improvements. 2410 o Added convention section. 2412 o Reworked document's outline. 2414 o Updated static table. Entry 16 has now "gzip, deflate" for value. 2416 o Updated Huffman table, using data set provided by Google. 2418 D.4. Since draft-ietf-httpbis-header-compression-06 2420 o Updated format to include literal headers that must never be 2421 compressed. 2423 o Updated security considerations. 2425 o Moved integer encoding examples to the appendix. 2427 o Updated Huffman table. 2429 o Updated static header table (adding and removing status values). 2431 o Updated examples. 2433 D.5. Since draft-ietf-httpbis-header-compression-05 2435 o Regenerated examples. 2437 o Only one Huffman table for requests and responses. 2439 o Added maximum size for dynamic table, independent of 2440 SETTINGS_HEADER_TABLE_SIZE. 2442 o Added pseudo-code for integer decoding. 2444 o Improved examples (removing unnecessary removals). 2446 D.6. Since draft-ietf-httpbis-header-compression-04 2448 o Updated examples: take into account changes in the spec, and show 2449 more features. 2451 o Use 'octet' everywhere instead of having both 'byte' and 'octet'. 2453 o Added reference set emptying. 2455 o Editorial changes and clarifications. 2457 o Added "host" header to the static table. 2459 o Ordering for list of values (either NULL- or comma-separated). 2461 D.7. Since draft-ietf-httpbis-header-compression-03 2463 o A large number of editorial changes; changed the description of 2464 evicting/adding new entries. 2466 o Removed substitution indexing 2468 o Changed 'initial headers' to 'static headers', as per issue #258 2470 o Merged 'request' and 'response' static headers, as per issue #259 2471 o Changed text to indicate that new headers are added at index 0 and 2472 expire from the largest index, as per issue #233 2474 D.8. Since draft-ietf-httpbis-header-compression-02 2476 o Corrected error in integer encoding pseudocode. 2478 D.9. Since draft-ietf-httpbis-header-compression-01 2480 o Refactored of Header Encoding Section: split definitions and 2481 processing rule. 2483 o Backward incompatible change: Updated reference set management as 2484 per issue #214. This changes how the interaction between the 2485 reference set and eviction works. This also changes the working 2486 of the reference set in some specific cases. 2488 o Backward incompatible change: modified initial header list, as per 2489 issue #188. 2491 o Added example of 32 octets entry structure (issue #191). 2493 o Added Header Set Completion section. Reflowed some text. 2494 Clarified some writing which was akward. Added text about 2495 duplicate header entry encoding. Clarified some language w.r.t 2496 Header Set. Changed x-my-header to mynewheader. Added text in 2497 the HeaderEmission section indicating that the application may 2498 also be able to free up memory more quickly. Added information in 2499 Security Considerations section. 2501 D.10. Since draft-ietf-httpbis-header-compression-00 2503 Fixed bug/omission in integer representation algorithm. 2505 Changed the document title. 2507 Header matching text rewritten. 2509 Changed the definition of header emission. 2511 Changed the name of the setting which dictates how much memory the 2512 compression context should use. 2514 Removed "specific use cases" section 2516 Corrected erroneous statement about what index can be contained in 2517 one octet 2518 Added descriptions of opcodes 2520 Removed security claims from introduction. 2522 Authors' Addresses 2524 Roberto Peon 2525 Google, Inc 2527 EMail: fenix@google.com 2529 Herve Ruellan 2530 Canon CRF 2532 EMail: herve.ruellan@crf.canon.fr