idnits 2.17.1 draft-ietf-hybi-permessage-compression-21.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == Using lowercase 'not' together with uppercase 'MUST', 'SHALL', 'SHOULD', or 'RECOMMENDED' is not an accepted usage according to RFC 2119. Please use uppercase 'NOT' together with RFC 2119 keywords (if that is what you mean). Found 'MUST not' in this paragraph: A server declining all offered PMCEs MUST not include any element with PMCE names. If a server responds with no PMCE element in the "Sec-WebSocket-Extensions" header, both endpoints proceed without Per-message Compression once _the WebSocket Connection is established_. -- The document date (April 15, 2015) is 3261 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) ** Downref: Normative reference to an Informational RFC: RFC 1951 -- Possible downref: Non-RFC (?) normative reference: ref. 'LZ77' Summary: 1 error (**), 0 flaws (~~), 2 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 HyBi Working Group T. Yoshino 3 Internet-Draft Google, Inc. 4 Intended status: Standards Track April 15, 2015 5 Expires: October 17, 2015 7 Compression Extensions for WebSocket 8 draft-ietf-hybi-permessage-compression-21 10 Abstract 12 This document defines a framework for creating WebSocket extensions 13 that add compression functionality to the WebSocket Protocol. An 14 extension based on this framework compresses the payload data portion 15 of WebSocket data messages on a per-message basis using parameters 16 negotiated during the opening handshake. This framework provides a 17 general method for applying a compression algorithm to the contents 18 of WebSocket messages. Each compression algorithm has to be defined 19 in a document defining the extension by specifying parameter 20 negotiation and payload transformation algorithm in detail. This 21 document also specifies one specific compression extension using the 22 DEFLATE algorithm. 24 Please send feedback to the hybi@ietf.org mailing list. 26 Status of this Memo 28 This Internet-Draft is submitted to IETF in full conformance with the 29 provisions of BCP 78 and BCP 79. 31 Internet-Drafts are working documents of the Internet Engineering 32 Task Force (IETF). Note that other groups may also distribute 33 working documents as Internet-Drafts. The list of current Internet- 34 Drafts is at http://datatracker.ietf.org/drafts/current. 36 Internet-Drafts are draft documents valid for a maximum of six months 37 and may be updated, replaced, or obsoleted by other documents at any 38 time. It is inappropriate to use Internet-Drafts as reference 39 material or to cite them other than as "work in progress." 41 This Internet-Draft will expire on October 17, 2015. 43 Copyright Notice 45 Copyright (c) 2015 IETF Trust and the persons identified as the 46 document authors. All rights reserved. 48 This document is subject to BCP 78 and the IETF Trust's Legal 49 Provisions Relating to IETF Documents 50 (http://trustee.ietf.org/license-info) in effect on the date of 51 publication of this document. Please review these documents 52 carefully, as they describe your rights and restrictions with respect 53 to this document. Code Components extracted from this document must 54 include Simplified BSD License text as described in Section 4.e of 55 the Trust Legal Provisions and are provided without warranty as 56 described in the Simplified BSD License. 58 Table of Contents 60 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 61 2. Conformance Requirements and Terminology . . . . . . . . . . . 4 62 3. Complementary Terminology . . . . . . . . . . . . . . . . . . 5 63 4. WebSocket Per-message Compression Extension . . . . . . . . . 6 64 5. Extension Negotiation . . . . . . . . . . . . . . . . . . . . 7 65 5.1. General Negotiation Flow . . . . . . . . . . . . . . . . . 9 66 5.2. Negotiation Examples . . . . . . . . . . . . . . . . . . . 10 67 6. Framing . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 68 6.1. Compression . . . . . . . . . . . . . . . . . . . . . . . 12 69 6.2. Decompression . . . . . . . . . . . . . . . . . . . . . . 13 70 7. Intermediaries . . . . . . . . . . . . . . . . . . . . . . . . 15 71 8. permessage-deflate extension . . . . . . . . . . . . . . . . . 16 72 8.1. Method Parameters . . . . . . . . . . . . . . . . . . . . 17 73 8.1.1. Context Takeover Control . . . . . . . . . . . . . . . 17 74 8.1.2. Limiting the LZ77 sliding window size . . . . . . . . 19 75 8.1.3. Examples . . . . . . . . . . . . . . . . . . . . . . . 21 76 8.2. Message Payload Transformation . . . . . . . . . . . . . . 22 77 8.2.1. Compression . . . . . . . . . . . . . . . . . . . . . 22 78 8.2.2. Decompression . . . . . . . . . . . . . . . . . . . . 23 79 8.2.3. Examples . . . . . . . . . . . . . . . . . . . . . . . 24 80 8.3. Implementation Notes . . . . . . . . . . . . . . . . . . . 28 81 8.4. Intermediaries . . . . . . . . . . . . . . . . . . . . . . 28 82 9. Security Considerations . . . . . . . . . . . . . . . . . . . 29 83 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 30 84 10.1. Registration of the "permessage-deflate" WebSocket 85 Extension Name . . . . . . . . . . . . . . . . . . . . . . 30 86 10.2. Registration of the "Per-message Compressed" WebSocket 87 Framing Header Bit . . . . . . . . . . . . . . . . . . . . 30 88 11. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 31 89 12. References . . . . . . . . . . . . . . . . . . . . . . . . . . 32 90 12.1. Normative References . . . . . . . . . . . . . . . . . . . 32 91 12.2. Informative References . . . . . . . . . . . . . . . . . . 32 92 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 33 94 1. Introduction 96 This document specifies a framework for adding compression 97 functionality to the WebSocket Protocol [RFC6455]. The framework 98 specifies how to define WebSocket Per-message Compression Extensions 99 (PMCEs) for a compression algorithm based on the extension concept of 100 the WebSocket Protocol specified in Section 9 of [RFC6455]. A 101 WebSocket client and a peer WebSocket server negotiate the use of a 102 PMCE and determine the parameters required to configure the 103 compression algorithm during the WebSocket opening handshake. The 104 client and server can then exchange data messages whose frames 105 contain compressed data in the payload data portion. 107 This framework only specifies a general method for applying a 108 compression algorithm to the contents of WebSocket messages. Each 109 individual PMCE has to be specified in a document describing in 110 detail how to negotiate the configuration parameters for the specific 111 compression algorithm used by that PMCE and how to transform 112 (compress and decompress) data in the payload data portion. 114 A WebSocket client may offer multiple PMCEs during the WebSocket 115 opening handshake. A peer WebSocket server receiving the offer may 116 choose to accept the preferred PMCE or decline all of them. PMCEs 117 use the RSV1 bit of the WebSocket frame header to indicate whether a 118 message is compressed or not, so that an endpoint can choose not to 119 compress messages with incompressible contents. 121 This document also specifies one specific PMCE based on the DEFLATE 122 [RFC1951] algorithm. The DEFLATE algorithm is widely available on 123 various platforms and its overhead is small. The extension name of 124 this PMCE is "permessage-deflate". To align the end of compressed 125 data to an octet boundary, this extension uses the algorithm 126 described in Section 2.1 of [RFC1979]. Endpoints can take over the 127 LZ77 sliding window [LZ77] used to build frames for previous messages 128 to achieve a better compression ratio. For resource-limited devices, 129 this extension provides parameters to limit memory usage for 130 compression context. 132 2. Conformance Requirements and Terminology 134 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 135 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 136 document are to be interpreted as described in [RFC2119]. 138 Requirements phrased in the imperative as part of algorithms (such as 139 "strip any leading space characters" or "return false and abort these 140 steps") are to be interpreted with the meaning of the key word 141 ("MUST", "SHOULD", "MAY", etc.) used in introducing the algorithm. 143 Conformance requirements phrased as algorithms or specific steps can 144 be implemented in any manner, so long as the end result is 145 equivalent. In particular, the algorithms defined in this 146 specification are intended to be easy to understand and are not 147 intended to be performant. 149 This document references the procedure to _Fail the WebSocket 150 Connection_. This procedure is defined in Section 7.1.7 of 151 [RFC6455]. 153 This document references the event that _The WebSocket Connection is 154 Established_ and the event that _A WebSocket Message Has Been 155 Received_. These events are defined in Section 4.1 and Section 6.2, 156 respectively, of [RFC6455]. 158 This document uses the Augmented Backus-Naur Form (ABNF) notation of 159 [RFC5234]. The DIGIT (decimal 0-9) rule is included by reference, as 160 defined in the Appendix B.1 of [RFC5234]. 162 3. Complementary Terminology 164 This document defines some terms about WebSocket and WebSocket 165 Extension mechanisms that are underspecified or not defined at all in 166 [RFC6455]. This terminology is effective only in this document and 167 any other documents explicitly referring to this section. 169 "A data message" means a message consisting of Data Frames as defined 170 in Section 5.6 of [RFC6455]. 172 "A message payload (or payload of a message)" means the concatenation 173 of the payload data portion of all Data Frames (see Section 6.2 of 174 [RFC6455]) representing a single message. 176 "An extension in use next to extension X" means the extension listed 177 next to X in the "Sec-WebSocket-Extensions" header in the server's 178 opening handshake as defined in Section 9.1 of [RFC6455]. Such an 179 extension is applied to outgoing data from the application right 180 after X on the sender side, but applied right before X to incoming 181 data from the underlying transport. 183 "An extension in use preceding extension X" means the extension 184 listed right before X in the "Sec-WebSocket-Extensions" header in the 185 server's opening handshake. Such an extension is applied to outgoing 186 data from the application right before X on the sender side, but 187 applied right after X to incoming data from the underlying transport. 189 "An extension negotiation offer" means each element in the 190 "Sec-WebSocket-Extensions" header in the client's opening handshake. 192 "An extension negotiation response" means each element in the 193 "Sec-WebSocket-Extensions" header in the server's opening handshake. 195 "A corresponding extension negotiation response for an extension 196 negotiation offer" means an extension negotiation response that a 197 server sends back to the peer client containing the same extension 198 name as the offer and meeting the requirements represented by the 199 offer. 201 "Accepting an extension negotiation offer" means including a 202 corresponding extension negotiation response for the offer in the 203 "Sec-WebSocket-Extensions" header in the server's opening handshake. 205 "Declining an extension negotiation offer" means not including a 206 corresponding extension negotiation response for the offer in the 207 "Sec-WebSocket-Extensions" header in the server's opening handshake. 209 4. WebSocket Per-message Compression Extension 211 WebSocket Per-message Compression Extensions (PMCEs) are extensions 212 to the WebSocket Protocol enabling compression functionality. PMCEs 213 are built based on the extension concept of the WebSocket Protocol 214 specified in Section 9 of [RFC6455]. PMCEs are individually defined 215 for each compression algorithm to be implemented, and are registered 216 in the WebSocket Extension Name Registry created in Section 11.4 of 217 [RFC6455]. Each PMCE referring to this framework MUST define the 218 following: 220 o The extension name of the PMCE and any applicable extension 221 parameters that MUST be included in the "Sec-WebSocket-Extensions" 222 header during the extension negotiation offer/response. 224 o How to interpret the extension parameters exchanged during the 225 opening handshake. 227 o How to transform the payload of a message. 229 One PMCE extension is defined in Section 8 of this document and is 230 registered in Section 10. Other PMCEs may be defined in the future 231 in other documents. 233 Section 5 describes the basic extension negotiation process. 234 Section 6 describes how to apply the compression algorithm with 235 negotiated parameters to the contents of WebSocket messages. 237 5. Extension Negotiation 239 To offer use of a PMCE, a client MUST include the extension name of 240 the PMCE in the "Sec-WebSocket-Extensions" header field of its 241 opening handshake of the WebSocket connection. Extension parameters 242 are used to specify the PMCE offer in detail. For example, a client 243 lists its preferred configuration parameter values for the 244 compression algorithm of the PMCE. A client may also offer multiple 245 PMCE choices to the server by including multiple elements in the 246 "Sec-WebSocket-Extensions" header, one for each PMCE offered. This 247 set of elements MAY include multiple PMCEs with the same extension 248 name to offer the possibility to use the same algorithm with 249 different configuration parameters. The order of elements is 250 important as it specifies the client's preference. An element 251 preceding another element has higher preference. It is recommended 252 that a server accepts PMCEs with higher preference if the server 253 supports them. 255 A PMCE negotiation offer provides requests and/or hints to the 256 server. 258 A request in a PMCE negotiation offer indicates constraints on the 259 server's behavior that must be satisfied if the server accepts the 260 offer. For example, suppose that a server sends data compressed with 261 the DEFLATE algorithm to a client. The server must keep the original 262 bytes of data that it recently compressed and sent to the client. 263 The client must keep the result of decompressing the bytes of data 264 that it recently received from the server. The amount of bytes of 265 data kept is called the LZ77 window size. The LZ77 window size of 266 the client must not be less than the LZ77 window size of the server. 267 In a PMCE negotiation offer, the client MUST inform the server of its 268 LZ77 window size so that the server uses an LZ77 window size that is 269 not greater than the LZ77 window size of the client. This 270 restriction on the LZ77 window size is an example of a request in a 271 PMCE negotiation offer. 273 A hint in a PMCE negotiation offer provides information about the 274 client's behavior that the server may either safely ignore or refer 275 to when the server decides its behavior. For example, suppose that a 276 client sends data compressed with the DEFLATE algorithm to a server. 277 The client must keep the original bytes of data that it recently 278 compressed and sent to the server. The server must keep the result 279 of decompressing the bytes of data that it recently received from the 280 client. The LZ77 window size of the server must not be less than the 281 LZ77 window size of the client. In a PMCE negotiation offer, the 282 client may inform the maximum LZ77 window size the client can afford 283 so that the server can choose to use an LZ77 window size that is not 284 greater than the maximum size of the client. This information is an 285 example of a hint in a PMCE negotiation offer. It's waste of memory 286 to use an LZ77 window size greater than the LZ77 window size the 287 client actually uses. Using the hint, the server can avoid the waste 288 of memory. Since the hint itself doesn't specify the constraints on 289 the endpoints, the server must use the "agreed parameters" (defined 290 below) to explicitly ask the client not to use an LZ77 window size 291 greater than the LZ77 window size of the server. 293 To accept the use of an offered PMCE, a server MUST include the 294 extension name of the PMCE in the "Sec-WebSocket-Extensions" header 295 field of its opening handshake of the WebSocket connection. 296 Extension parameters represent the detailed configuration parameters 297 of the PMCE to use. These extension parameters and their values are 298 called "agreed parameters". The element MUST represent a PMCE that 299 is fully supported by the server. The contents of the element don't 300 need to be exactly the same as those of the received extension 301 negotiation offers. For example, suppose that a server received a 302 PMCE extension negotiation offer with an extension parameter "X" 303 indicating that the client can enable an optional feature named X. 304 The server may accept the PMCE offer with an element without the 305 extension parameter "X" meaning that the server chose not to enable 306 the feature X. In this case, the offer contains the extension 307 parameter "X" but the "agreed parameters" don't contain the extension 308 parameter "X". 310 "Agreed parameters" MUST represent how the requests and hints in the 311 client's extension negotiation offer have been handled in addition to 312 the server's requests and hints on the client's behavior, so that the 313 client can configure its behavior without identifying exactly which 314 PMCE extension negotiation offer has been accepted. 316 For example, if a client sends an extension negotiation offer that 317 includes a parameter "enable_compression" and another without this 318 parameter, the server accepts the former and informs the client by 319 sending back an element that includes parameter(s) acknowledging 320 "enable_compression". The name of the acknowledging parameter 321 doesn't need to be exactly the same as the offer. For example, two 322 parameters "enable_strong_compression" and "enable_weak_compression" 323 may be defined as acknowledging parameters for "enable_compression". 325 Compression features can be applied differently for each direction. 326 For such features, the acknowledging parameter and the parameter in 327 the reverse direction must be chosen to distinguish them. For 328 example, in order to make parameters distinguishable, a "server_" 329 prefix can be added to parameters affecting data sent from a server 330 and a "client_" prefix can be added to parameters affecting data sent 331 from a client. 333 A server MUST NOT accept a PMCE extension negotiation offer together 334 with another extension if the PMCE will conflict with the extension 335 on their use of the RSV1 bit. A client that received a response 336 accepting a PMCE extension negotiation offer together with such an 337 extension MUST _Fail the WebSocket Connection_. 339 A server MUST NOT accept a PMCE extension negotiation offer together 340 with another extension if the PMCE will be applied to the output of 341 the extension and any of the following conditions applies to the 342 extension: 344 o The extension requires the boundary of frames to be preserved 345 between the output from the extension at the sender and the input 346 to the extension at the receiver. 348 o The extension uses the "Extension data" field or any of the 349 reserved bits on the WebSocket header as a per-frame attribute. 351 A client that receives a response accepting a PMCE extension 352 negotiation offer together with such an extension MUST _Fail the 353 WebSocket Connection_. 355 A server declining all offered PMCEs MUST not include any element 356 with PMCE names. If a server responds with no PMCE element in the 357 "Sec-WebSocket-Extensions" header, both endpoints proceed without 358 Per-message Compression once _the WebSocket Connection is 359 established_. 361 If a server gives an invalid response, such as accepting a PMCE that 362 the client did not offer, the client MUST _Fail the WebSocket 363 Connection_. 365 If a server responds with a valid PMCE element in the 366 "Sec-WebSocket-Extensions" header and _the WebSocket Connection is 367 established_, both endpoints MUST use the algorithm described in 368 Section 6 and the message payload transformation (compressing and 369 decompressing) procedure of the PMCE configured with the "agreed 370 parameters" returned by the server to exchange messages. 372 5.1. General Negotiation Flow 374 This section describes a general negotiation flow. How to handle 375 parameters in detail must be specified in the document specifying the 376 PMCE. 378 A client makes an offer including parameters identifying the 379 following: 381 o Hints about how the client is planning to compress data 383 o Requests about how the server compresses data 385 o Limitations concerning the client's compression functionality 387 The peer server makes a determination of its behavior based on these 388 parameters. If the server can and wants to proceed with this PMCE 389 enabled, the server responds to the client with parameters 390 identifying the following: 392 o Requests about how the client compresses data 394 o How the server will compress data 396 Based on these parameters received from the server, the client 397 determines its behavior and if it can and wants to proceed with this 398 PMCE enabled. Otherwise, the client starts closing handshake with 399 close code 1010. 401 5.2. Negotiation Examples 403 The following are example values for the "Sec-WebSocket-Extensions" 404 header offering PMCEs. permessage-foo and permessage-bar in the 405 examples are hypothetical extension names of PMCEs for compression 406 algorithm foo and bar. 408 o Offer the permessage-foo. 410 permessage-foo 412 o Offer the permessage-foo with a parameter x with a value of 10. 414 permessage-foo; x=10 416 The value MAY be quoted. 418 permessage-foo; x="10" 420 o Offer the permessage-foo as first choice and the permessage-bar as 421 a fallback plan. 423 permessage-foo, permessage-bar 425 o Offer the permessage-foo with a parameter use_y which enables a 426 feature y as first choice, and the permessage-foo without the 427 use_y parameter as a fallback plan. 429 permessage-foo; use_y, permessage-foo 431 6. Framing 433 PMCEs operate only on data messages. 435 This document allocates the RSV1 bit of the WebSocket header for 436 PMCEs, and calls the bit the "Per-message Compressed" bit. On a 437 WebSocket connection where a PMCE is in use, this bit indicates 438 whether a message is compressed or not. 440 A message with the "Per-message Compressed" bit set on the first 441 fragment of the message is called a "compressed message". Frames of 442 a compressed message have compressed data in the payload data 443 portion. An endpoint receiving a compressed message decompresses the 444 concatenation of the compressed data of the frames of the message by 445 following the decompression procedure specified by the PMCE in use. 446 The endpoint uses the bytes corresponding to the application data 447 portion in this decompressed data for the _A WebSocket Message Has 448 Been Received_ event instead of the received data as-is. 450 A message with the "Per-message Compressed" bit unset on the first 451 fragment of the message is called an "uncompressed message". Frames 452 of an uncompressed message have uncompressed original data as-is in 453 the payload data portion. An endpoint receiving an uncompressed 454 message uses the concatenation of the application data portion of the 455 frames of the message as-is for the _A WebSocket Message Has Been 456 Received_ event. 458 6.1. Compression 460 An endpoint MUST use the following algorithm to send a message in the 461 form of a compressed message. 463 1. Compress the message payload of the original message by following 464 the compression procedure of the PMCE. The original message may 465 be input from the application layer or output of another 466 WebSocket extension depending on which extensions were 467 negotiated. 469 2. If this PMCE is the last extension to process of outgoing 470 messages, build frame(s) by using the compressed data instead of 471 the original data for the message payload, and set the 472 "Per-message Compressed" bit of the first frame, then send the 473 frame(s) as described in Section 6.1 of RFC6455. Otherwise, pass 474 the transformed message payload and modified header values 475 including the "Per-message Compressed" bit value set to 1 to the 476 extension next to the PMCE. If the extension expects frames for 477 input, build a frame for the message and pass it. 479 An endpoint MUST use the following algorithm to send a message in the 480 form of an uncompressed message. If this PMCE is the last extension 481 to process of outgoing messages, build frame(s) by using the original 482 data for the payload data portion as-is and unset the "Per-message 483 Compressed" bit of the first frame, then send the frame(s) as 484 described in Section 6.1 of RFC6455. Otherwise, pass the message 485 payload and header values to the extension next to the PMCE as-is. 486 If the extension expects frames for input, build a frame for the 487 message and pass it. 489 An endpoint MUST NOT set the "Per-message Compressed" bit of control 490 frames and non-first fragments of a data message. An endpoint 491 receiving such a frame MUST _Fail the WebSocket Connection_. 493 PMCEs do not change the opcode field. The opcode of the first frame 494 of a compressed message indicates the opcode of the original message. 496 The payload data portion in frames generated by a PMCE is not subject 497 to the constraints for the original data type. For example, the 498 concatenation of the output data corresponding to the application 499 data portion of frames of a compressed text message is not required 500 to be valid UTF-8. At the receiver, the payload data portion after 501 decompression is subject to the constraints for the original data 502 type again. 504 6.2. Decompression 506 An endpoint MUST use the following algorithm to receive a message in 507 the form of a compressed message. 509 1. Concatenate the payload data portion of the received frames of 510 the compressed message. The received frames may be direct input 511 from the underlying transport or output of another WebSocket 512 extension depending on which extensions were negotiated. 514 2. Decompress the concatenation by following the decompression 515 procedure of the PMCE. 517 3. If this is the last extension to process incoming messages, 518 deliver the _A WebSocket Message Has Been Received_ event to the 519 application layer with the decompressed message payload and 520 header values including the "Per-message Compressed" bit unset to 521 0. Otherwise, pass the decompressed message payload and header 522 values including the "Per-message Compressed" bit unset to 0 to 523 the extension preceding the PMCE. If the extension expects 524 frames for input, build a frame for the message and pass it. 526 An endpoint MUST use the following algorithm to receive a message in 527 the form of an uncompressed message. If this PMCE is the last 528 extension to process incoming messages, deliver the _A WebSocket 529 Message Has Been Received_ event to the application layer with the 530 received message payload and header values as-is. Otherwise, pass 531 the message payload and header values to the extension preceding the 532 PMCE as-is. If the extension expects frames for input, build a frame 533 for the message and pass it. 535 7. Intermediaries 537 When an intermediary proxies a WebSocket connection, the intermediary 538 MAY add, change or remove Per-message Compression of proxied messages 539 if the intermediary meets all of the following requirements: 541 o The intermediary understands the PMCE. 543 o The intermediary can read all data of the proxied WebSocket 544 connection including the opening handshake request, opening 545 handshake response, and messages. 547 o The intermediary can alter the proxied data before forwarding them 548 in accordance with to the constraints of the new combination of 549 extensions. For example, if Per-message Compression is removed 550 from messages, the corresponding element in the 551 "Sec-WebSocket-Extensions" header in the opening handshake 552 response which enabled the Per-message Compression must also be 553 removed. 555 Otherwise, the intermediary MUST NOT add, change or remove Per- 556 message Compression of proxied messages. 558 8. permessage-deflate extension 560 This section defines a specific PMCE called "permessage-deflate". It 561 compresses the payload of a message using the DEFLATE algorithm 562 [RFC1951] and uses the byte boundary alignment method introduced in 563 [RFC1979]. 565 This section uses the term "byte" with the same meaning as RFC1951, 566 i.e. 8 bits stored or transmitted as a unit (same as an octet). 568 The registered extension name for this extension is 569 "permessage-deflate". 571 Four extension parameters are defined for "permessage-deflate" to 572 help endpoints manage per-connection resource usage. 574 o "server_no_context_takeover" 576 o "client_no_context_takeover" 578 o "server_max_window_bits" 580 o "client_max_window_bits" 582 These parameters enable two methods (no_context_takeover and 583 max_window_bits) of constraining memory usage that may be applied 584 independently to either direction of WebSocket traffic. The 585 extension parameters with the "client_" prefix are used by the client 586 to configure its compressor and by the server to configure its 587 decompressor. The extension parameters with the "server_" prefix are 588 used by the server to configure its compressor and by the client to 589 configure its decompressor. All four parameters are defined for both 590 a client's extension negotiation offer and a server's extension 591 negotiation response. 593 A server MUST decline an extension negotiation offer for this 594 extension if any of the following conditions are met: 596 o The negotiation offer contains an extension parameter not defined 597 for use in an offer. 599 o The negotiation offer contains an extension parameter with an 600 invalid value. 602 o The negotiation offer contains multiple extension parameters with 603 the same name. 605 o The server doesn't support the offered configuration. 607 A client MUST _Fail the WebSocket Connection_ if the peer server 608 accepted an extension negotiation offer for this extension with an 609 extension negotiation response meeting any of the following 610 conditions: 612 o The negotiation response contains an extension parameter not 613 defined for use in a response. 615 o The negotiation response contains an extension parameter with an 616 invalid value. 618 o The negotiation response contains multiple extension parameters 619 with the same name. 621 o The client does not support the configuration that the response 622 represents. 624 The term "LZ77 sliding window" used in this section means the buffer 625 used by the DEFLATE algorithm to store recently processed input. The 626 DEFLATE compression algorithm searches the buffer for a match with 627 the following input. 629 The term "use context take over" used in this section means that the 630 same LZ77 sliding window used by the endpoint to build frames of the 631 previous sent message is reused to build frames of the next message 632 to be sent. 634 8.1. Method Parameters 636 8.1.1. Context Takeover Control 638 8.1.1.1. server_no_context_takeover 640 A client MAY include the "server_no_context_takeover" extension 641 parameter in an extension negotiation offer. This extension 642 parameter has no value. By including this extension parameter in an 643 extension negotiation offer, a client prevents the peer server from 644 using context take over. If the peer server doesn't use context take 645 over, the client doesn't need to reserve memory to retain the LZ77 646 sliding window between messages. 648 Absence of this extension parameter in an extension negotiation offer 649 indicates that the client can decompress a message which the server 650 built using context take over. 652 A server accepts an extension negotiation offer that includes the 653 "server_no_context_takeover" extension parameter by including the 654 "server_no_context_takeover" extension parameter in the corresponding 655 extension negotiation response to send back to the client. The 656 "server_no_context_takeover" extension parameter in an extension 657 negotiation response has no value. 659 It is RECOMMENDED that a server supports the 660 "server_no_context_takeover" extension parameter in an extension 661 negotiation offer. 663 A server MAY include the "server_no_context_takeover" extension 664 parameter in an extension negotiation response even if the extension 665 negotiation offer being accepted by the extension negotiation 666 response didn't include the "server_no_context_takeover" extension 667 parameter. 669 8.1.1.2. client_no_context_takeover 671 A client MAY include the "client_no_context_takeover" extension 672 parameter in an extension negotiation offer. This extension 673 parameter has no value. By including this extension parameter in an 674 extension negotiation offer, a client informs the peer server of a 675 hint that even if the server doesn't include the 676 "client_no_context_takeover" extension parameter in the corresponding 677 extension negotiation response to the offer, the client is not going 678 to use context take over. 680 A server MAY include the "client_no_context_takeover" extension 681 parameter in an extension negotiation response. If the received 682 extension negotiation offer includes the "client_no_context_takeover" 683 extension parameter, the server may either ignore the parameter or 684 use the parameter to avoid taking over the LZ77 sliding window 685 unnecessarily by including the "client_no_context_takeover" extension 686 parameter in the corresponding extension negotiation response to the 687 offer. The "client_no_context_takeover" extension parameter in an 688 extension negotiation response has no value. By including the 689 "client_no_context_takeover" extension parameter in an extension 690 negotiation response, a server prevents the peer client from using 691 context take over. This reduces the amount of memory that the server 692 has to reserve for the connection. 694 Absence of this extension parameter in an extension negotiation 695 response indicates that the server can decompress messages built by 696 the client using context take over. 698 A client MUST support the "client_no_context_takeover" extension 699 parameter in an extension negotiation response. 701 8.1.2. Limiting the LZ77 sliding window size 703 8.1.2.1. server_max_window_bits 705 A client MAY include the "server_max_window_bits" extension parameter 706 in an extension negotiation offer. This parameter has a decimal 707 integer value without leading zeroes between 8 to 15 inclusive 708 indicating the base-2 logarithm of the LZ77 sliding window size and 709 MUST conform to the ABNF below. 711 server_max_window_bits = 1*DIGIT 713 By including this parameter in an extension negotiation offer, a 714 client limits the LZ77 sliding window size that the server will use 715 to compress messages. If the peer server uses a small LZ77 sliding 716 window to compress messages, the client can reduce the memory needed 717 for the LZ77 sliding window. 719 A server declines an extension negotiation offer with this parameter 720 if the server doesn't support it. 722 Absence of this parameter in an extension negotiation offer indicates 723 that the client can receive messages compressed using an LZ77 sliding 724 window of up to 32,768 bytes. 726 A server accepts an extension negotiation offer with this parameter 727 by including the "server_max_window_bits" extension parameter in the 728 extension negotiation response to send back to the client with the 729 same or smaller value as the offer. The "server_max_window_bits" 730 extension parameter in an extension negotiation response has a 731 decimal integer value without leading zeroes between 8 to 15 732 inclusive indicating the base-2 logarithm of the LZ77 sliding window 733 size and MUST conform to the ABNF below. 735 server_max_window_bits = 1*DIGIT 737 A server MAY include the "server_max_window_bits" extension parameter 738 in an extension negotiation response even if the extension 739 negotiation offer being accepted by the response didn't include the 740 "server_max_window_bits" extension parameter. 742 8.1.2.2. client_max_window_bits 744 A client MAY include the "client_max_window_bits" extension parameter 745 in an extension negotiation offer. This parameter has no value or a 746 decimal integer value without leading zeroes between 8 to 15 747 inclusive indicating the base-2 logarithm of the LZ77 sliding window 748 size. If a value is specified for this parameter, the value MUST 749 conform to the ABNF below. 751 client_max_window_bits = 1*DIGIT 753 By including this parameter in an offer, a client informs the peer 754 server that the client supports the "client_max_window_bits" 755 extension parameter in an extension negotiation response, and 756 optionally a hint by attaching a value to the parameter. If the 757 "client_max_window_bits" extension parameter in an extension 758 negotiation offer has a value, the parameter also informs the peer 759 server of a hint that even if the server doesn't include the 760 "client_max_window_bits" extension parameter in the corresponding 761 extension negotiation response with a value greater than the one in 762 the extension negotiation offer or the server doesn't include the 763 extension parameter at all, the client is not going to use an LZ77 764 sliding window size greater than the size specified by the value in 765 the extension negotiation offer to compress messages. 767 If a received extension negotiation offer has the 768 "client_max_window_bits" extension parameter, the server MAY include 769 the "client_max_window_bits" extension parameter in the corresponding 770 extension negotiation response to the offer. If the 771 "client_max_window_bits" extension parameter in a received extension 772 negotiation offer has a value, the server may either ignore this 773 value or use this value to avoid allocating an unnecessarily big LZ77 774 sliding window by including the "client_max_window_bits" extension 775 parameter in the corresponding extension negotiation response to the 776 offer with a value equal to or smaller than the received value. The 777 "client_max_window_bits" extension parameter in an extension 778 negotiation response has a decimal integer value without leading 779 zeroes between 8 to 15 inclusive indicating the base-2 logarithm of 780 the LZ77 sliding window size and MUST conform to the ABNF below. 782 client_max_window_bits = 1*DIGIT 784 By including this extension parameter in an extension negotiation 785 response, a server limits the LZ77 sliding window size that the 786 client uses to compress messages. This reduces the amount of memory 787 for the decompression context that the server has to reserve for the 788 connection. 790 If a received extension negotiation offer doesn't have the 791 "client_max_window_bits" extension parameter, the corresponding 792 extension negotiation response to the offer MUST NOT include the 793 "client_max_window_bits" extension parameter. 795 Absence of this extension parameter in an extension negotiation 796 response indicates that the server can receive messages compressed 797 using an LZ77 sliding window of up to 32,768 bytes. 799 8.1.3. Examples 801 The simplest "Sec-WebSocket-Extensions" header in a client's opening 802 handshake to offer use of the permessage-deflate extension looks like 803 this: 805 Sec-WebSocket-Extensions: permessage-deflate 807 Since the "client_max_window_bits" extension parameter is not 808 included in this extension negotiation offer, the server must not 809 accept the offer with an extension negotiation response that includes 810 the "client_max_window_bits" extension parameter. The simplest 811 "Sec-WebSocket-Extensions" header in a server's opening handshake to 812 accept use of the permessage-deflate extension is the same: 814 Sec-WebSocket-Extensions: permessage-deflate 816 The following extension negotiation offer sent by a client is asking 817 the server to use an LZ77 sliding window with a size of 1,024 bytes 818 or less and declaring that the client supports the 819 "client_max_window_bits" extension parameter in an extension 820 negotiation response. 822 Sec-WebSocket-Extensions: 823 permessage-deflate; 824 client_max_window_bits; server_max_window_bits=10 826 This extension negotiation offer might be rejected by the server 827 because the server doesn't support the "server_max_window_bits" 828 extension parameter in an extension negotiation offer. This is fine 829 if the client cannot receive messages compressed using a larger 830 sliding window size, but if the client just prefers using a small 831 window but wants to fall back to the "permessage-deflate" without the 832 "server_max_window_bits" extension parameter, the client can make an 833 offer with the fallback option like this: 835 Sec-WebSocket-Extensions: 836 permessage-deflate; 837 client_max_window_bits; server_max_window_bits=10, 838 permessage-deflate; 839 client_max_window_bits 841 The server can accept permessage-deflate by picking any supported one 842 from the listed offers. To accept the first option, for example, the 843 server may send back a response as follows: 845 Sec-WebSocket-Extensions: 846 permessage-deflate; server_max_window_bits=10 848 To accept the second option, for example, the server may send back a 849 response as follows: 851 Sec-WebSocket-Extensions: permessage-deflate 853 8.2. Message Payload Transformation 855 8.2.1. Compression 857 An endpoint uses the following algorithm to compress a message. 859 1. Compress all the octets of the payload of the message using 860 DEFLATE. 862 2. If the resulting data does not end with an empty DEFLATE block 863 with no compression (the "BTYPE" bits are set to 00), append an 864 empty DEFLATE block with no compression to the tail end. 866 3. Remove 4 octets (that are 0x00 0x00 0xff 0xff) from the tail end. 867 After this step, the last octet of the compressed data contains 868 (possibly part of) the DEFLATE header bits with the "BTYPE" bits 869 set to 00. 871 When using DEFLATE in the first step above: 873 o An endpoint MAY use multiple DEFLATE blocks to compress one 874 message. 876 o An endpoint MAY use DEFLATE blocks of any type. 878 o An endpoint MAY use both DEFLATE blocks with the "BFINAL" bit set 879 to 0 and DEFLATE blocks with the "BFINAL" bit set to 1. 881 o When any DEFLATE block with the "BFINAL" bit set to 1 doesn't end 882 at a byte boundary, an endpoint MUST add minimal padding bits of 0 883 to make it end at a byte boundary. The next DEFLATE block follows 884 the padded data if any. 886 An endpoint fragments a compressed message by splitting the result of 887 running this algorithm. Even when only part of the payload is 888 available, a fragment can be built by compressing the available data 889 and choosing the block type appropriately so that the end of the 890 resulting compressed data is aligned at a byte boundary. Note that 891 for non-final fragments, the removal of 0x00 0x00 0xff 0xff must not 892 be done. 894 An endpoint MUST NOT use an LZ77 sliding window longer than 32,768 895 bytes to compress messages to send. 897 If the "agreed parameters" contain the "client_no_context_takeover" 898 extension parameter, the client MUST start compressing each new 899 message with an empty LZ77 sliding window. Otherwise, the client MAY 900 take over the LZ77 sliding window used to build the last compressed 901 message. Note that even if the client has included the 902 "client_no_context_takeover" extension parameter in its offer, the 903 client MAY take over the LZ77 sliding window used to build the last 904 compressed message if the "agreed parameters" don't contain the 905 "client_no_context_takeover" extension parameter. The client-to- 906 server "client_no_context_takeover" extension parameter is just a 907 hint for the server to build an extension negotiation response. 909 If the "agreed parameters" contain the "server_no_context_takeover" 910 extension parameter, the server MUST start compressing each new 911 message with an empty LZ77 sliding window. Otherwise, the server MAY 912 take over the LZ77 sliding window used to build the last compressed 913 message. 915 If the "agreed parameters" contain the "client_max_window_bits" 916 extension parameter with a value of w, the client MUST NOT use an 917 LZ77 sliding window longer than the w-th power of 2 bytes to compress 918 messages to send. Note that even if the client has included in its 919 offer the "client_max_window_bits" extension parameter with a value 920 smaller than one in the "agreed parameters", the client MAY use an 921 LZ77 sliding window with any size to compress messages to send as 922 long as the size conforms to the "agreed parameters". The client-to- 923 server "client_max_window_bits" extension parameter is just a hint 924 for the server to build an extension negotiation response. 926 If the "agreed parameters" contain the "server_max_window_bits" 927 extension parameter with a value of w, the server MUST NOT use an 928 LZ77 sliding window longer than the w-th power of 2 bytes to compress 929 messages to send. 931 8.2.2. Decompression 933 An endpoint uses the following algorithm to decompress a message. 935 1. Append 4 octets of 0x00 0x00 0xff 0xff to the tail end of the 936 payload of the message. 938 2. Decompress the resulting data using DEFLATE. 940 If the "agreed parameters" contain the "server_no_context_takeover" 941 extension parameter, the client MAY decompress each new message with 942 an empty LZ77 sliding window. Otherwise, the client MUST decompress 943 each new message using the LZ77 sliding window used to process the 944 last compressed message. 946 If the "agreed parameters" contain the "client_no_context_takeover" 947 extension parameter, the server MAY decompress each new message with 948 an empty LZ77 sliding window. Otherwise, the server MUST decompress 949 each new message using the LZ77 sliding window used to process the 950 last compressed message. Note that even if the client has included 951 the "client_no_context_takeover" extension parameter in its offer, 952 the server MUST decompress each new message using the LZ77 sliding 953 window used to process the last compressed message if the "agreed 954 parameters" don't contain the "client_no_context_takeover" extension 955 parameter. The client-to-server "client_no_context_takeover" 956 extension parameter is just a hint for the server to build an 957 extension negotiation response. 959 If the "agreed parameters" contain the "server_max_window_bits" 960 extension parameter with a value of w, the client MAY reduce the size 961 of its LZ77 sliding window to decompress received messages down to 962 the w-th power of 2 bytes. Otherwise, the client MUST use a 32,768 963 byte LZ77 sliding window to decompress received messages. 965 If the "agreed parameters" contain the "client_max_window_bits" 966 extension parameter with a value of w, the server MAY reduce the size 967 of its LZ77 sliding window to decompress received messages down to 968 the w-th power of 2 bytes. Otherwise, the server MUST use a 32,768 969 byte LZ77 sliding window to decompress received messages. Note that 970 even if the client has included in its offer the 971 "client_max_window_bits" extension parameter with a value smaller 972 than one in the "agreed parameters", the client MUST use an LZ77 973 sliding window of a size that conforms the "agreed parameters" to 974 compress messages to send. The client-to-server 975 "client_max_window_bits" extension parameter is just a hint for the 976 server to build an extension negotiation response. 978 8.2.3. Examples 980 This section introduces examples of how the permessage-deflate 981 extension transforms messages. 983 8.2.3.1. A message compressed using 1 compressed DEFLATE block 985 Suppose that an endpoint sends a text message "Hello". If the 986 endpoint uses 1 compressed DEFLATE block (compressed with fixed 987 Huffman code and the "BFINAL" bit not set) to compress the message, 988 the endpoint obtains the compressed data to use for the message 989 payload as follows. 991 The endpoint compresses "Hello" into 1 compressed DEFLATE block and 992 flushes the resulting data into a byte array using an empty DEFLATE 993 block with no compression: 995 0xf2 0x48 0xcd 0xc9 0xc9 0x07 0x00 0x00 0x00 0xff 0xff 997 By stripping 0x00 0x00 0xff 0xff from the tail end, the endpoint gets 998 the data to use for the message payload: 1000 0xf2 0x48 0xcd 0xc9 0xc9 0x07 0x00 1002 Suppose that the endpoint sends this compressed message without 1003 fragmentation. The endpoint builds one frame by putting the whole 1004 compressed data in the payload data portion of the frame: 1006 0xc1 0x07 0xf2 0x48 0xcd 0xc9 0xc9 0x07 0x00 1008 The first 2 octets (0xc1 0x07) are the WebSocket frame header (FIN=1, 1009 RSV1=1, RSV2=0, RSV3=0, opcode=text, MASK=0, Payload length=7). The 1010 following figure shows what value is set in each field of the 1011 WebSocket frame header. 1013 0 1 1014 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 1015 +-+-+-+-+-------+-+-------------+ 1016 |F|R|R|R| opcode|M| Payload len | 1017 |I|S|S|S| |A| | 1018 |N|V|V|V| |S| | 1019 | |1|2|3| |K| | 1020 +-+-+-+-+-------+-+-------------+ 1021 |1|1|0|0| 1 |0| 7 | 1022 +-+-+-+-+-------+-+-------------+ 1024 Suppose that the endpoint sends the compressed message with 1025 fragmentation. The endpoint splits the compressed data into 1026 fragments and builds frames for each fragment. For example, if the 1027 fragments are 3 and 4 octet, the first frame is: 1029 0x41 0x03 0xf2 0x48 0xcd 1031 and the second frame is: 1033 0x80 0x04 0xc9 0xc9 0x07 0x00 1035 Note that the RSV1 bit is set only on the first frame. 1037 8.2.3.2. Sharing LZ77 Sliding Window 1039 Suppose that a client has sent a message "Hello" as a compressed 1040 message and will send the same message "Hello" again as a compressed 1041 message. 1043 0xf2 0x48 0xcd 0xc9 0xc9 0x07 0x00 1045 The above is the payload of the first message that the client has 1046 sent. If the "agreed parameters" contain the 1047 "client_no_context_takeover" extension parameter, the client 1048 compresses the payload of the next message into the same bytes (if 1049 the client uses the same "BTYPE" value and "BFINAL" value). So, the 1050 payload of the second message will be: 1052 0xf2 0x48 0xcd 0xc9 0xc9 0x07 0x00 1054 If the "agreed parameters" did not contain the 1055 "client_no_context_takeover" extension parameter, the client can 1056 compress the payload of the next message into less bytes by 1057 referencing the history in the LZ77 sliding window. So, the payload 1058 of the second message will be: 1060 0xf2 0x00 0x11 0x00 0x00 1062 So, 2 bytes are saved in total. 1064 Note that even if some uncompressed messages (with the RSV1 bit 1065 unset) are inserted between the two "Hello" messages, they don't 1066 affect the LZ77 sliding window. 1068 8.2.3.3. Using a DEFLATE Block with No Compression 1070 0xc1 0x0b 0x00 0x05 0x00 0xfa 0xff 0x48 0x65 0x6c 0x6c 0x6f 0x00 1072 This is a frame constituting a text message "Hello" built using a 1073 DEFLATE block with no compression. The first 2 octets (0xc1 0x0b) 1074 are the WebSocket frame header (FIN=1, RSV1=1, RSV2=0, RSV3=0, 1075 opcode=text, MASK=0, Payload length=7). Note that the RSV1 bit is 1076 set for this message (only on the first fragment if the message is 1077 fragmented) because the RSV1 bit is set when DEFLATE is applied to 1078 the message, including the case when only DEFLATE blocks with no 1079 compression are used. The 3rd to 13th octets consist the payload 1080 data containing "Hello" compressed using a DEFLATE block with no 1081 compression. 1083 8.2.3.4. Using a DEFLATE Block with BFINAL Set to 1 1085 On platforms on which the flush method using an empty DEFLATE block 1086 with no compression is not available, implementors can choose to 1087 flush data using DEFLATE blocks with "BFINAL" set to 1. 1089 0xf3 0x48 0xcd 0xc9 0xc9 0x07 0x00 0x00 1091 This is the payload of a message containing "Hello" compressed using 1092 a DEFLATE block with "BFINAL" set to 1. The first 7 octets 1093 constitute a DEFLATE block with "BFINAL" set to 1 and "BTYPE" set to 1094 01 containing "Hello". The last 1 octet (0x00) contains the header 1095 bits with "BFINAL" set to 0 and "BTYPE" set to 00, and 5 padding bits 1096 of 0. This octet is necessary to allow the payload to be 1097 decompressed in the same manner as messages flushed using DEFLATE 1098 blocks with BFINAL unset. 1100 8.2.3.5. Two DEFLATE Blocks in 1 Message 1102 Two or more DEFLATE blocks may be used in 1 message. 1104 0xf2 0x48 0x05 0x00 0x00 0x00 0xff 0xff 0xca 0xc9 0xc9 0x07 0x00 1106 The first 3 octets (0xf2 0x48 0x05) and the least significant two 1107 bits of the 4th octet (0x00) constitute one DEFLATE block with 1108 "BFINAL" set to 0 and "BTYPE" set to 01 containing "He". The rest of 1109 the 4th octet contains the header bits with "BFINAL" set to 0 and 1110 "BTYPE" set to 00, and the 3 padding bits of 0. Together with the 1111 following 4 octets (0x00 0x00 0xff 0xff), the header bits constitute 1112 an empty DEFLATE block with no compression. A DEFLATE block 1113 containing "llo" follows the empty DEFLATE block. 1115 8.2.3.6. Generating an Empty Fragment Manually 1117 Suppose that an endpoint is sending data of unknown size. The 1118 endpoint may encounter the end of data signal from the data source 1119 when its buffer for uncompressed data is empty. In such a case, the 1120 endpoint just needs to send the last fragment with FIN bit set to 1 1121 and payload set to DEFLATE block(s) which contains 0 bytes of data. 1122 If the compression library being used doesn't generate any data when 1123 its buffer is empty, an empty uncompressed DEFLATE block can be built 1124 manually and used for this purpose as follows: 1126 0x00 1128 The only octet 0x00 contains the header bits with "BFINAL" set to 0 1129 and "BTYPE" set to 00, and 5 padding bits of 0. 1131 8.3. Implementation Notes 1133 On most common software development platforms, the DEFLATE 1134 compression library provides a method for aligning compressed data to 1135 byte boundaries using an empty DEFLATE block with no compression. 1136 For example, Zlib [Zlib] does this when "Z_SYNC_FLUSH" is passed to 1137 the deflate function. 1139 Some platforms may provide only methods to output and process 1140 compressed data with a ZLIB header and an Adler-32 checksum. On such 1141 platforms, developers need to write stub code to remove and 1142 complement them manually. 1144 To obtain a useful compression ratio, an LZ77 sliding window size of 1145 1,024 or more is RECOMMENDED. 1147 If a side disallows context takeover, its endpoint can easily figure 1148 out whether a certain message will be shorter if compressed or not. 1149 Otherwise, it's not easy to know whether future messages will benefit 1150 from having a certain message compressed. Implementors may employ 1151 some heuristics to determine this. 1153 8.4. Intermediaries 1155 When an intermediary forwards a message, the intermediary MAY change 1156 the compression of messages provided that the resulting sequence of 1157 messages conforms to the constraints based on the "agreed 1158 parameters". For example, an intermediary may decompress a received 1159 message, unset the "Per-message Compressed" bit and forward it to the 1160 other peer. Since such a compression change may affect the LZ77 1161 sliding window, the intermediary may need to parse and transform the 1162 following messages, too. 1164 9. Security Considerations 1166 There is a known exploit when history-based compression is combined 1167 with a secure transport [CRIME]. Implementors should pay attention 1168 to this point when integrating this extension with other extensions 1169 or protocols. 1171 10. IANA Considerations 1173 10.1. Registration of the "permessage-deflate" WebSocket Extension Name 1175 This section describes a WebSocket extension name registration in the 1176 WebSocket Extension Name Registry [RFC6455]. 1178 Extension Identifier 1179 permessage-deflate 1181 Extension Common Name 1182 WebSocket Per-message Deflate 1184 Extension Definition 1185 This document. 1187 Known Incompatible Extensions 1188 None 1190 The "permessage-deflate" extension name is used in the 1191 "Sec-WebSocket-Extensions" header in the WebSocket opening handshake 1192 to negotiate use of the permessage-deflate extension. 1194 10.2. Registration of the "Per-message Compressed" WebSocket Framing 1195 Header Bit 1197 This section describes a WebSocket framing header bit registration in 1198 the WebSocket Framing Header Bits Registry [RFC6455]. 1200 Header Bit 1201 RSV1 1203 Common Name 1204 Per-message Compressed 1206 Meaning 1207 The message is compressed or not. 1209 Reference 1210 Section 6 of this document. 1212 The "Per-message Compressed" framing header bit is used on the first 1213 fragment of data messages to indicate whether the payload of the 1214 message is compressed by the PMCE or not. 1216 11. Acknowledgements 1218 Special thanks to Patrick McManus who wrote up the initial 1219 specification of a DEFLATE-based compression extension for the 1220 WebSocket Protocol to which I referred to write this specification. 1222 Thank you to the following people who participated in discussions on 1223 the HyBi WG and contributed ideas and/or provided detailed reviews 1224 (the list is likely to be incomplete): Adam Rice, Alexander 1225 Philippou, Alexey Melnikov, Arman Djusupov, Bjoern Hoehrmann, Brian 1226 McKelvey, Dario Crivelli, Greg Wilkins, Inaki Baz Castillo, Jamie 1227 Lokier, Joakim Erdfelt, John A. Tamplin, Julian Reschke, Kenichi 1228 Ishibashi, Mark Nottingham, Peter Thorson, Roberto Peon, Salvatore 1229 Loreto, Simone Bordet, Tobias Oberstein and Yutaka Hirano. Note that 1230 people listed above didn't necessarily endorse the end result of this 1231 work. 1233 12. References 1235 12.1. Normative References 1237 [RFC1951] Deutsch, P., "DEFLATE Compressed Data Format Specification 1238 version 1.3", RFC 1951, May 1996. 1240 [RFC5234] Crocker, D. and P. Overell, "Augmented BNF for Syntax 1241 Specifications: ABNF", STD 68, RFC 5234, January 2008. 1243 [RFC6455] Fette, I. and A. Melnikov, "The WebSocket Protocol", 1244 RFC 6455, December 2011. 1246 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 1247 Requirement Levels", BCP 14, RFC 2119, March 1997. 1249 [LZ77] Ziv, J. and A. Lempel, "A Universal Algorithm for 1250 Sequential Data Compression", IEEE Transactions on 1251 Information Theory, Vol. 23, No. 3, pp. 337-343. 1253 12.2. Informative References 1255 [RFC1979] Woods, J., "PPP Deflate Protocol", RFC 1979, August 1996. 1257 [Zlib] Gailly, J. and M. Adler, "Zlib", . 1259 [CRIME] Rizzo, J. and T. Duong, "The CRIME attack", Ekoparty 2012, 1260 September 2012. 1262 Author's Address 1264 Takeshi Yoshino 1265 Google, Inc. 1267 Email: tyoshino@google.com