idnits 2.17.1 draft-ietf-quic-http-13.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The abstract seems to contain references ([2], [3], [1]), which it shouldn't. Please replace those with straight textual mentions of the documents in question. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (June 28, 2018) is 2126 days in the past. Is this intentional? -- Found something which looks like a code comment -- if you have code sections in the document, please surround them with '' and '' lines. Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) -- Looks like a reference, but probably isn't: '1' on line 1854 -- Looks like a reference, but probably isn't: '2' on line 1856 -- Looks like a reference, but probably isn't: '3' on line 1858 == Outdated reference: A later version (-21) exists of draft-ietf-quic-qpack-01 == Outdated reference: A later version (-34) exists of draft-ietf-quic-transport-12 ** Obsolete normative reference: RFC 793 (Obsoleted by RFC 9293) ** Obsolete normative reference: RFC 7230 (Obsoleted by RFC 9110, RFC 9112) ** Obsolete normative reference: RFC 7231 (Obsoleted by RFC 9110) ** Obsolete normative reference: RFC 7540 (Obsoleted by RFC 9113) Summary: 5 errors (**), 0 flaws (~~), 3 warnings (==), 5 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 QUIC M. Bishop, Ed. 3 Internet-Draft Akamai 4 Intended status: Standards Track June 28, 2018 5 Expires: December 30, 2018 7 Hypertext Transfer Protocol (HTTP) over QUIC 8 draft-ietf-quic-http-13 10 Abstract 12 The QUIC transport protocol has several features that are desirable 13 in a transport for HTTP, such as stream multiplexing, per-stream flow 14 control, and low-latency connection establishment. This document 15 describes a mapping of HTTP semantics over QUIC. This document also 16 identifies HTTP/2 features that are subsumed by QUIC, and describes 17 how HTTP/2 extensions can be ported to QUIC. 19 Note to Readers 21 Discussion of this draft takes place on the QUIC working group 22 mailing list (quic@ietf.org), which is archived at 23 https://mailarchive.ietf.org/arch/search/?email_list=quic [1]. 25 Working Group information can be found at https://github.com/quicwg 26 [2]; source code and issues list for this draft can be found at 27 https://github.com/quicwg/base-drafts/labels/-http [3]. 29 Status of This Memo 31 This Internet-Draft is submitted in full conformance with the 32 provisions of BCP 78 and BCP 79. 34 Internet-Drafts are working documents of the Internet Engineering 35 Task Force (IETF). Note that other groups may also distribute 36 working documents as Internet-Drafts. The list of current Internet- 37 Drafts is at https://datatracker.ietf.org/drafts/current/. 39 Internet-Drafts are draft documents valid for a maximum of six months 40 and may be updated, replaced, or obsoleted by other documents at any 41 time. It is inappropriate to use Internet-Drafts as reference 42 material or to cite them other than as "work in progress." 44 This Internet-Draft will expire on December 30, 2018. 46 Copyright Notice 48 Copyright (c) 2018 IETF Trust and the persons identified as the 49 document authors. All rights reserved. 51 This document is subject to BCP 78 and the IETF Trust's Legal 52 Provisions Relating to IETF Documents 53 (https://trustee.ietf.org/license-info) in effect on the date of 54 publication of this document. Please review these documents 55 carefully, as they describe your rights and restrictions with respect 56 to this document. Code Components extracted from this document must 57 include Simplified BSD License text as described in Section 4.e of 58 the Trust Legal Provisions and are provided without warranty as 59 described in the Simplified BSD License. 61 Table of Contents 63 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 64 1.1. Notational Conventions . . . . . . . . . . . . . . . . . 4 65 2. Connection Setup and Management . . . . . . . . . . . . . . . 4 66 2.1. Draft Version Identification . . . . . . . . . . . . . . 4 67 2.2. Discovering an HTTP/QUIC Endpoint . . . . . . . . . . . . 5 68 2.2.1. QUIC Version Hints . . . . . . . . . . . . . . . . . 5 69 2.3. Connection Establishment . . . . . . . . . . . . . . . . 6 70 2.4. Connection Reuse . . . . . . . . . . . . . . . . . . . . 6 71 3. Stream Mapping and Usage . . . . . . . . . . . . . . . . . . 7 72 3.1. HTTP Message Exchanges . . . . . . . . . . . . . . . . . 7 73 3.1.1. Header Compression . . . . . . . . . . . . . . . . . 9 74 3.1.2. The CONNECT Method . . . . . . . . . . . . . . . . . 9 75 3.1.3. Request Cancellation . . . . . . . . . . . . . . . . 10 76 3.2. Request Prioritization . . . . . . . . . . . . . . . . . 10 77 3.2.1. Placeholders . . . . . . . . . . . . . . . . . . . . 11 78 3.2.2. Priority Tree Maintenance . . . . . . . . . . . . . . 11 79 3.3. Unidirectional Streams . . . . . . . . . . . . . . . . . 12 80 3.3.1. Control Streams . . . . . . . . . . . . . . . . . . . 13 81 3.3.2. Server Push . . . . . . . . . . . . . . . . . . . . . 13 82 4. HTTP Framing Layer . . . . . . . . . . . . . . . . . . . . . 14 83 4.1. Frame Layout . . . . . . . . . . . . . . . . . . . . . . 15 84 4.2. Frame Definitions . . . . . . . . . . . . . . . . . . . . 15 85 4.2.1. Reserved Frame Types . . . . . . . . . . . . . . . . 15 86 4.2.2. DATA . . . . . . . . . . . . . . . . . . . . . . . . 15 87 4.2.3. HEADERS . . . . . . . . . . . . . . . . . . . . . . . 16 88 4.2.4. PRIORITY . . . . . . . . . . . . . . . . . . . . . . 16 89 4.2.5. CANCEL_PUSH . . . . . . . . . . . . . . . . . . . . . 18 90 4.2.6. SETTINGS . . . . . . . . . . . . . . . . . . . . . . 19 91 4.2.7. PUSH_PROMISE . . . . . . . . . . . . . . . . . . . . 21 92 4.2.8. GOAWAY . . . . . . . . . . . . . . . . . . . . . . . 23 93 4.2.9. MAX_PUSH_ID . . . . . . . . . . . . . . . . . . . . . 25 95 5. Connection Management . . . . . . . . . . . . . . . . . . . . 26 96 6. Error Handling . . . . . . . . . . . . . . . . . . . . . . . 26 97 6.1. HTTP/QUIC Error Codes . . . . . . . . . . . . . . . . . . 26 98 7. Considerations for Transitioning from HTTP/2 . . . . . . . . 28 99 7.1. Streams . . . . . . . . . . . . . . . . . . . . . . . . . 28 100 7.2. HTTP Frame Types . . . . . . . . . . . . . . . . . . . . 28 101 7.3. HTTP/2 SETTINGS Parameters . . . . . . . . . . . . . . . 30 102 7.4. HTTP/2 Error Codes . . . . . . . . . . . . . . . . . . . 31 103 8. Security Considerations . . . . . . . . . . . . . . . . . . . 32 104 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 32 105 9.1. Registration of HTTP/QUIC Identification String . . . . . 32 106 9.2. Registration of QUIC Version Hint Alt-Svc Parameter . . . 33 107 9.3. Frame Types . . . . . . . . . . . . . . . . . . . . . . . 33 108 9.4. Settings Parameters . . . . . . . . . . . . . . . . . . . 34 109 9.5. Error Codes . . . . . . . . . . . . . . . . . . . . . . . 35 110 9.6. Stream Types . . . . . . . . . . . . . . . . . . . . . . 38 111 10. References . . . . . . . . . . . . . . . . . . . . . . . . . 38 112 10.1. Normative References . . . . . . . . . . . . . . . . . . 38 113 10.2. Informative References . . . . . . . . . . . . . . . . . 39 114 10.3. URIs . . . . . . . . . . . . . . . . . . . . . . . . . . 40 115 Appendix A. Change Log . . . . . . . . . . . . . . . . . . . . . 40 116 A.1. Since draft-ietf-quic-http-12 . . . . . . . . . . . . . . 40 117 A.2. Since draft-ietf-quic-http-11 . . . . . . . . . . . . . . 40 118 A.3. Since draft-ietf-quic-http-10 . . . . . . . . . . . . . . 40 119 A.4. Since draft-ietf-quic-http-09 . . . . . . . . . . . . . . 41 120 A.5. Since draft-ietf-quic-http-08 . . . . . . . . . . . . . . 41 121 A.6. Since draft-ietf-quic-http-07 . . . . . . . . . . . . . . 41 122 A.7. Since draft-ietf-quic-http-06 . . . . . . . . . . . . . . 41 123 A.8. Since draft-ietf-quic-http-05 . . . . . . . . . . . . . . 41 124 A.9. Since draft-ietf-quic-http-04 . . . . . . . . . . . . . . 41 125 A.10. Since draft-ietf-quic-http-03 . . . . . . . . . . . . . . 42 126 A.11. Since draft-ietf-quic-http-02 . . . . . . . . . . . . . . 42 127 A.12. Since draft-ietf-quic-http-01 . . . . . . . . . . . . . . 42 128 A.13. Since draft-ietf-quic-http-00 . . . . . . . . . . . . . . 42 129 A.14. Since draft-shade-quic-http2-mapping-00 . . . . . . . . . 43 130 Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 43 131 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 43 133 1. Introduction 135 The QUIC transport protocol has several features that are desirable 136 in a transport for HTTP, such as stream multiplexing, per-stream flow 137 control, and low-latency connection establishment. This document 138 describes a mapping of HTTP semantics over QUIC, drawing heavily on 139 the existing TCP mapping, HTTP/2. Specifically, this document 140 identifies HTTP/2 features that are subsumed by QUIC, and describes 141 how the other features can be implemented atop QUIC. 143 QUIC is described in [QUIC-TRANSPORT]. For a full description of 144 HTTP/2, see [RFC7540]. 146 1.1. Notational Conventions 148 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 149 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 150 "OPTIONAL" in this document are to be interpreted as described in BCP 151 14 [RFC2119] [RFC8174] when, and only when, they appear in all 152 capitals, as shown here. 154 Field definitions are given in Augmented Backus-Naur Form (ABNF), as 155 defined in [RFC5234]. 157 This document uses the variable-length integer encoding from 158 [QUIC-TRANSPORT]. 160 Protocol elements called "frames" exist in both this document and 161 [QUIC-TRANSPORT]. Where frames from [QUIC-TRANSPORT] are referenced, 162 the frame name will be prefaced with "QUIC." For example, "QUIC 163 APPLICATION_CLOSE frames." References without this preface refer to 164 frames defined in Section 4.2. 166 2. Connection Setup and Management 168 2.1. Draft Version Identification 170 *RFC Editor's Note:* Please remove this section prior to 171 publication of a final version of this document. 173 HTTP/QUIC uses the token "hq" to identify itself in ALPN and Alt-Svc. 174 Only implementations of the final, published RFC can identify 175 themselves as "hq". Until such an RFC exists, implementations MUST 176 NOT identify themselves using this string. 178 Implementations of draft versions of the protocol MUST add the string 179 "-" and the corresponding draft number to the identifier. For 180 example, draft-ietf-quic-http-01 is identified using the string "hq- 181 01". 183 Non-compatible experiments that are based on these draft versions 184 MUST append the string "-" and an experiment name to the identifier. 185 For example, an experimental implementation based on draft-ietf-quic- 186 http-09 which reserves an extra stream for unsolicited transmission 187 of 1980s pop music might identify itself as "hq-09-rickroll". Note 188 that any label MUST conform to the "token" syntax defined in 189 Section 3.2.6 of [RFC7230]. Experimenters are encouraged to 190 coordinate their experiments on the quic@ietf.org mailing list. 192 2.2. Discovering an HTTP/QUIC Endpoint 194 An HTTP origin advertises the availability of an equivalent HTTP/QUIC 195 endpoint via the Alt-Svc HTTP response header or the HTTP/2 ALTSVC 196 frame ([RFC7838]), using the ALPN token defined in Section 2.3. 198 For example, an origin could indicate in an HTTP/1.1 or HTTP/2 199 response that HTTP/QUIC was available on UDP port 50781 at the same 200 hostname by including the following header in any response: 202 Alt-Svc: hq=":50781" 204 On receipt of an Alt-Svc record indicating HTTP/QUIC support, a 205 client MAY attempt to establish a QUIC connection to the indicated 206 host and port and, if successful, send HTTP requests using the 207 mapping described in this document. 209 Connectivity problems (e.g. firewall blocking UDP) can result in QUIC 210 connection establishment failure, in which case the client SHOULD 211 continue using the existing connection or try another alternative 212 endpoint offered by the origin. 214 Servers MAY serve HTTP/QUIC on any UDP port, since an alternative 215 always includes an explicit port. 217 2.2.1. QUIC Version Hints 219 This document defines the "quic" parameter for Alt-Svc, which MAY be 220 used to provide version-negotiation hints to HTTP/QUIC clients. QUIC 221 versions are four-octet sequences with no additional constraints on 222 format. Leading zeros SHOULD be omitted for brevity. 224 Syntax: 226 quic = DQUOTE version-number [ "," version-number ] * DQUOTE 227 version-number = 1*8HEXDIG; hex-encoded QUIC version 229 Where multiple versions are listed, the order of the values reflects 230 the server's preference (with the first value being the most 231 preferred version). Reserved versions MAY be listed, but unreserved 232 versions which are not supported by the alternative SHOULD NOT be 233 present in the list. Origins MAY omit supported versions for any 234 reason. 236 Clients MUST ignore any included versions which they do not support. 237 The "quic" parameter MUST NOT occur more than once; clients SHOULD 238 process only the first occurrence. 240 For example, suppose a server supported both version 0x00000001 and 241 the version rendered in ASCII as "Q034". If it opted to include the 242 reserved versions (from Section 4 of [QUIC-TRANSPORT]) 0x0 and 243 0x1abadaba, it could specify the following header: 245 Alt-Svc: hq=":49288";quic="1,1abadaba,51303334,0" 247 A client acting on this header would drop the reserved versions 248 (because it does not support them), then attempt to connect to the 249 alternative using the first version in the list which it does 250 support. 252 2.3. Connection Establishment 254 HTTP/QUIC relies on QUIC as the underlying transport. The QUIC 255 version being used MUST use TLS version 1.3 or greater as its 256 handshake protocol. HTTP/QUIC clients MUST indicate the target 257 domain name during the TLS handshake. This may be done using the 258 Server Name Indication (SNI) [RFC6066] extension to TLS or using some 259 other mechanism. 261 QUIC connections are established as described in [QUIC-TRANSPORT]. 262 During connection establishment, HTTP/QUIC support is indicated by 263 selecting the ALPN token "hq" in the TLS handshake. Support for 264 other application-layer protocols MAY be offered in the same 265 handshake. 267 While connection-level options pertaining to the core QUIC protocol 268 are set in the initial crypto handshake, HTTP/QUIC-specific settings 269 are conveyed in the SETTINGS frame. After the QUIC connection is 270 established, a SETTINGS frame (Section 4.2.6) MUST be sent by each 271 endpoint as the initial frame of their respective HTTP control stream 272 (see Section 3.3.1). The server MUST NOT send data on any other 273 stream until the client's SETTINGS frame has been received. 275 2.4. Connection Reuse 277 Once a connection exists to a server endpoint, this connection MAY be 278 reused for requests with multiple different URI authority components. 279 The client MAY send any requests for which the client considers the 280 server authoritative. 282 An authoritative HTTP/QUIC endpoint is typically discovered because 283 the client has received an Alt-Svc record from the request's origin 284 which nominates the endpoint as a valid HTTP Alternative Service for 285 that origin. As required by [RFC7838], clients MUST check that the 286 nominated server can present a valid certificate for the origin 287 before considering it authoritative. Clients MUST NOT assume that an 288 HTTP/QUIC endpoint is authoritative for other origins without an 289 explicit signal. 291 A server that does not wish clients to reuse connections for a 292 particular origin can indicate that it is not authoritative for a 293 request by sending a 421 (Misdirected Request) status code in 294 response to the request (see Section 9.1.2 of [RFC7540]). 296 3. Stream Mapping and Usage 298 A QUIC stream provides reliable in-order delivery of bytes, but makes 299 no guarantees about order of delivery with regard to bytes on other 300 streams. On the wire, data is framed into QUIC STREAM frames, but 301 this framing is invisible to the HTTP framing layer. A QUIC receiver 302 buffers and orders received STREAM frames, exposing the data 303 contained within as a reliable byte stream to the application. 305 When HTTP headers and data are sent over QUIC, the QUIC layer handles 306 most of the stream management. 308 All client-initiated bidirectional streams are used for HTTP requests 309 and responses. A bidirectional stream ensures that the response can 310 be readily correlated with the request. This means that the client's 311 first request occurs on QUIC stream 0, with subsequent requests on 312 stream 4, 8, and so on. HTTP/QUIC does not use server-initiated 313 bidirectional streams. The use of unidirectional streams is 314 discussed in Section 3.3. 316 These streams carry frames related to the request/response (see 317 Section 4.2). When a stream terminates cleanly, if the last frame on 318 the stream was truncated, this MUST be treated as a connection error 319 (see HTTP_MALFORMED_FRAME in Section 6.1). Streams which terminate 320 abruptly may be reset at any point in the frame. 322 HTTP does not need to do any separate multiplexing when using QUIC - 323 data sent over a QUIC stream always maps to a particular HTTP 324 transaction. Requests and responses are considered complete when the 325 corresponding QUIC stream is closed in the appropriate direction. 327 3.1. HTTP Message Exchanges 329 A client sends an HTTP request on a client-initiated bidirectional 330 QUIC stream. A server sends an HTTP response on the same stream as 331 the request. 333 An HTTP message (request or response) consists of: 335 1. one header block (see Section 4.2.3) containing the message 336 headers (see [RFC7230], Section 3.2), 338 2. the payload body (see [RFC7230], Section 3.3), sent as a series 339 of DATA frames (see Section 4.2.2), 341 3. optionally, one header block containing the trailer-part, if 342 present (see [RFC7230], Section 4.1.2). 344 In addition, prior to sending the message header block indicated 345 above, a response may contain zero or more header blocks containing 346 the message headers of informational (1xx) HTTP responses (see 347 [RFC7230], Section 3.2 and [RFC7231], Section 6.2). 349 PUSH_PROMISE frames (see Section 4.2.7) MAY be interleaved with the 350 frames of a response message indicating a pushed resource related to 351 the response. These PUSH_PROMISE frames are not part of the 352 response, but carry the headers of a separate HTTP request message. 353 See Section 3.3.2 for more details. 355 The "chunked" transfer encoding defined in Section 4.1 of [RFC7230] 356 MUST NOT be used. 358 Trailing header fields are carried in an additional header block 359 following the body. Senders MUST send only one header block in the 360 trailers section; receivers MUST discard any subsequent header 361 blocks. 363 An HTTP request/response exchange fully consumes a QUIC stream. 364 After sending a request, a client closes the stream for sending; 365 after sending a response, the server closes the stream for sending 366 and the QUIC stream is fully closed. 368 A server can send a complete response prior to the client sending an 369 entire request if the response does not depend on any portion of the 370 request that has not been sent and received. When this is true, a 371 server MAY request that the client abort transmission of a request 372 without error by triggering a QUIC STOP_SENDING with error code 373 HTTP_EARLY_RESPONSE, sending a complete response, and cleanly closing 374 its streams. Clients MUST NOT discard complete responses as a result 375 of having their request terminated abruptly, though clients can 376 always discard responses at their discretion for other reasons. 377 Servers MUST NOT abort a response in progress as a result of 378 receiving a solicited RST_STREAM. 380 3.1.1. Header Compression 382 HTTP/QUIC uses QPACK header compression as described in [QPACK], a 383 variation of HPACK which allows the flexibility to avoid header- 384 compression-induced head-of-line blocking. See that document for 385 additional details. 387 3.1.2. The CONNECT Method 389 The pseudo-method CONNECT ([RFC7231], Section 4.3.6) is primarily 390 used with HTTP proxies to establish a TLS session with an origin 391 server for the purposes of interacting with "https" resources. In 392 HTTP/1.x, CONNECT is used to convert an entire HTTP connection into a 393 tunnel to a remote host. In HTTP/2, the CONNECT method is used to 394 establish a tunnel over a single HTTP/2 stream to a remote host for 395 similar purposes. 397 A CONNECT request in HTTP/QUIC functions in the same manner as in 398 HTTP/2. The request MUST be formatted as described in [RFC7540], 399 Section 8.3. A CONNECT request that does not conform to these 400 restrictions is malformed. The request stream MUST NOT be half- 401 closed at the end of the request. 403 A proxy that supports CONNECT establishes a TCP connection 404 ([RFC0793]) to the server identified in the ":authority" pseudo- 405 header field. Once this connection is successfully established, the 406 proxy sends a HEADERS frame containing a 2xx series status code to 407 the client, as defined in [RFC7231], Section 4.3.6. 409 All DATA frames on the request stream correspond to data sent on the 410 TCP connection. Any DATA frame sent by the client is transmitted by 411 the proxy to the TCP server; data received from the TCP server is 412 packaged into DATA frames by the proxy. Note that the size and 413 number of TCP segments is not guaranteed to map predictably to the 414 size and number of HTTP DATA or QUIC STREAM frames. 416 The TCP connection can be closed by either peer. When the client 417 ends the request stream (that is, the receive stream at the proxy 418 enters the "Data Recvd" state), the proxy will set the FIN bit on its 419 connection to the TCP server. When the proxy receives a packet with 420 the FIN bit set, it will terminate the send stream that it sends to 421 client. TCP connections which remain half-closed in a single 422 direction are not invalid, but are often handled poorly by servers, 423 so clients SHOULD NOT cause send a STREAM frame with a FIN bit for 424 connections on which they are still expecting data. 426 A TCP connection error is signaled with RST_STREAM. A proxy treats 427 any error in the TCP connection, which includes receiving a TCP 428 segment with the RST bit set, as a stream error of type 429 HTTP_CONNECT_ERROR (Section 6.1). Correspondingly, a proxy MUST send 430 a TCP segment with the RST bit set if it detects an error with the 431 stream or the QUIC connection. 433 3.1.3. Request Cancellation 435 Either client or server can cancel requests by closing the stream 436 (QUIC RST_STREAM or STOP_SENDING frames, as appropriate) with an 437 error type of HTTP_REQUEST_CANCELLED (Section 6.1). When the client 438 cancels a request or response, it indicates that the response is no 439 longer of interest. 441 When the server cancels either direction of the request stream using 442 HTTP_REQUEST_CANCELLED, it indicates that no application processing 443 was performed. The client can treat requests cancelled by the server 444 as though they had never been sent at all, thereby allowing them to 445 be retried later on a new connection. Servers MUST NOT use the 446 HTTP_REQUEST_CANCELLED status for requests which were partially or 447 fully processed. 449 Note: In this context, "processed" means that some data from the 450 stream was passed to some higher layer of software that might have 451 taken some action as a result. 453 If a stream is cancelled after receiving a complete response, the 454 client MAY ignore the cancellation and use the response. However, if 455 a stream is cancelled after receiving a partial response, the 456 response SHOULD NOT be used. Automatically retrying such requests is 457 not possible, unless this is otherwise permitted (e.g., idempotent 458 actions like GET, PUT, or DELETE). 460 3.2. Request Prioritization 462 HTTP/QUIC uses a priority scheme similar to that described in 463 [RFC7540], Section 5.3. In this priority scheme, a given stream can 464 be designated as dependent upon another request, which expresses the 465 preference that the latter stream (the "parent" request) be allocated 466 resources before the former stream (the "dependent" request). Taken 467 together, the dependencies across all requests in a connection form a 468 dependency tree. The structure of the dependency tree changes as 469 PRIORITY frames add, remove, or change the dependency links between 470 requests. 472 The PRIORITY frame Section 4.2.4 identifies a prioritized element. 473 The elements which can be prioritized are: 475 o Requests, identified by the ID of the request stream 476 o Pushes, identified by the Push ID of the promised resource 477 (Section 4.2.7) 479 o Placeholders, identified by a Placeholder ID 481 An element can depend on another element or on the root of the tree. 482 A reference to an element which is no longer in the tree is treated 483 as a reference to the root of the tree. 485 Only a client can send PRIORITY frames. A server MUST NOT send a 486 PRIORITY frame. 488 3.2.1. Placeholders 490 In HTTP/2, certain implementations used closed or unused streams as 491 placeholders in describing the relative priority of requests. 492 However, this created confusion as servers could not reliably 493 identify which elements of the priority tree could safely be 494 discarded. Clients could potentially reference closed streams long 495 after the server had discarded state, leading to disparate views of 496 the prioritization the client had attempted to express. 498 In HTTP/QUIC, a number of placeholders are explicitly permitted by 499 the server using the "SETTINGS_NUM_PLACEHOLDERS" setting. Because 500 the server commits to maintain these IDs in the tree, clients can use 501 them with confidence that the server will not have discarded the 502 state. 504 Placeholders are identified by an ID between zero and one less than 505 the number of placeholders the server has permitted. 507 3.2.2. Priority Tree Maintenance 509 Servers can aggressively prune inactive regions from the priority 510 tree, because placeholders will be used to "root" any persistent 511 structure of the tree which the client cares about retaining. For 512 prioritization purposes, a node in the tree is considered "inactive" 513 when the corresponding stream has been closed for at least two round- 514 trip times (using any reasonable estimate available on the server). 515 This delay helps mitigate race conditions where the server has pruned 516 a node the client believed was still active and used as a Stream 517 Dependency. 519 Specifically, the server MAY at any time: 521 o Identify and discard branches of the tree containing only inactive 522 nodes (i.e. a node with only other inactive nodes as descendants, 523 along with those descendants) 525 o Identify and condense interior regions of the tree containing only 526 inactive nodes, allocating weight appropriately 528 x x x 529 | | | 530 P P P 531 / \ | | 532 I I ==> I ==> A 533 / \ | | 534 A I A A 535 | | 536 A A 538 Figure 1: Example of Priority Tree Pruning 540 In the example in Figure 1, "P" represents a Placeholder, "A" 541 represents an active node, and "I" represents an inactive node. In 542 the first step, the server discards two inactive branches (each a 543 single node). In the second step, the server condenses an interior 544 inactive node. Note that these transformations will result in no 545 change in the resources allocated to a particular active stream. 547 Clients SHOULD assume the server is actively performing such pruning 548 and SHOULD NOT declare a dependency on a stream it knows to have been 549 closed. 551 3.3. Unidirectional Streams 553 Unidirectional streams, in either direction, are used for a range of 554 purposes. The purpose is indicated by a stream type, which is sent 555 as a single octet header at the start of the stream. The format and 556 structure of data that follows this header is determined by the 557 stream type. 559 0 1 2 3 4 5 6 7 560 +-+-+-+-+-+-+-+-+ 561 |Stream Type (8)| 562 +-+-+-+-+-+-+-+-+ 564 Figure 2: Unidirectional Stream Header 566 Two stream types are defined in this document: control streams 567 (Section 3.3.1) and push streams (Section 3.3.2). Other stream types 568 can be defined by extensions to HTTP/QUIC. 570 If the stream header indicates a stream type which is not supported 571 by the recipient, this SHOULD be treated as a stream error of type 572 HTTP_UNKNOWN_STREAM_TYPE. The semantics of the remainder of the 573 stream are unknown. Implementations SHOULD NOT send stream types the 574 peer is not already known to support, since a stream error can be 575 promoted to a connection error at the peer's discretion (see 576 Section 6). 578 3.3.1. Control Streams 580 The control stream is indicated by a stream type of "0x43" (ASCII 581 'C'). Data on this stream consists of HTTP frames, as defined in 582 Section 4.2. 584 Each side MUST initiate a single control stream at the beginning of 585 the connection and send its SETTINGS frame as the first frame on this 586 stream. Only one control stream per peer is permitted; receipt of a 587 second stream which claims to be a control stream MUST be treated as 588 a connection error of type HTTP_WRONG_STREAM_COUNT. If the control 589 stream is closed at any point, this MUST be treated as a connection 590 error of type HTTP_CLOSED_CRITICAL_STREAM. 592 A pair of unidirectional streams is used rather than a single 593 bidirectional stream. This allows either peer to send data as soon 594 they are able. Depending on whether 0-RTT is enabled on the 595 connection, either client or server might be able to send stream data 596 first after the cryptographic handshake completes. 598 3.3.2. Server Push 600 HTTP/QUIC server push is similar to what is described in [RFC7540], 601 but uses different mechanisms. During connection establishment, the 602 client enables server push by sending a MAX_PUSH_ID frame (see 603 Section 4.2.9). A server cannot use server push until it receives a 604 MAX_PUSH_ID frame. Only servers can push; if a server receives a 605 client-initiated push stream, this MUST be treated as a stream error 606 of type HTTP_WRONG_STREAM_DIRECTION. 608 A push stream is indicated by a stream type of "0x50" (ASCII 'P'), 609 followed by the Push ID of the promise that it fulfills, encoded as a 610 variable-length integer. 612 0 1 2 3 613 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 614 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 615 |Stream Type (8)| Push ID (i) ... 616 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 618 Figure 3: Push Stream Header 620 Unlike HTTP/2, the PUSH_PROMISE does not reference a stream; it 621 contains a Push ID. The Push ID uniquely identifies a server push. 622 This allows a server to fulfill promises in the order that best suits 623 its needs. When a server later fulfills a promise, the server push 624 response is conveyed on a push stream. 626 A server SHOULD use Push IDs sequentially, starting at 0. A client 627 uses the MAX_PUSH_ID frame (Section 4.2.9) to limit the number of 628 pushes that a server can promise. A client MUST treat receipt of a 629 push stream with a Push ID that is greater than the maximum Push ID 630 as a connection error of type HTTP_PUSH_LIMIT_EXCEEDED. 632 The remaining data on this stream consists of HTTP frames, as defined 633 in Section 4.2, and carries the response side of an HTTP message 634 exchange as described in Section 3.1. The request headers of the 635 exchange are carried by a PUSH_PROMISE frame (see Section 4.2.7) on 636 the request stream which generated the push. Promised requests MUST 637 conform to the requirements in Section 8.2 of [RFC7540]. 639 The PUSH_PROMISE frame is sent on the client-initiated bidirectional 640 stream that carried the request that generated the push. This allows 641 the server push to be associated with a request. Ordering of a 642 PUSH_PROMISE in relation to certain parts of the response is 643 important (see Section 8.2.1 of [RFC7540]). 645 If a promised server push is not needed by the client, the client 646 SHOULD send a CANCEL_PUSH frame; if the push stream is already open, 647 a QUIC STOP_SENDING frame with an appropriate error code can be used 648 instead (e.g., HTTP_PUSH_REFUSED, HTTP_PUSH_ALREADY_IN_CACHE; see 649 Section 6). This asks the server not to transfer the data and 650 indicates that it will be discarded upon receipt. 652 Push streams always begin with a header containing the Push ID. Each 653 Push ID MUST only be used once in a push stream header. If a push 654 stream header includes a Push ID that was used in another push stream 655 header, the client MUST treat this as a connection error of type 656 HTTP_DUPLICATE_PUSH. The same Push ID can be used in multiple 657 PUSH_PROMISE frames (see Section 4.2.7). 659 After the header, a push stream contains a response (Section 3.1), 660 with response headers, a response body (if any) carried by DATA 661 frames, then trailers (if any) carried by HEADERS frames. 663 4. HTTP Framing Layer 665 Frames are used on the control stream, request streams, and push 666 streams. This section describes HTTP framing in QUIC and highlights 667 some differences from HTTP/2 framing. For more detail on differences 668 from HTTP/2, see Section 7.2. 670 4.1. Frame Layout 672 All frames have the following format: 674 0 1 2 3 675 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 676 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 677 | Length (i) ... 678 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 679 | Type (8) | Frame Payload (*) ... 680 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 682 Figure 4: HTTP/QUIC frame format 684 A frame includes the following fields: 686 Length: A variable-length integer that describes the length of the 687 Frame Payload. This length does not include the frame header. 689 Type: An 8-bit type for the frame. 691 Frame Payload: A payload, the semantics of which are determined by 692 the Type field. 694 4.2. Frame Definitions 696 4.2.1. Reserved Frame Types 698 Frame types of the format "0xb + (0x1f * N)" are reserved to exercise 699 the requirement that unknown types be ignored. These frames have no 700 semantic meaning, and can be sent when application-layer padding is 701 desired. They MAY also be sent on connections where no request data 702 is currently being transferred. Endpoints MUST NOT consider these 703 frames to have any meaning upon receipt. 705 The payload and length of the frames are selected in any manner the 706 implementation chooses. 708 4.2.2. DATA 710 DATA frames (type=0x0) convey arbitrary, variable-length sequences of 711 octets associated with an HTTP request or response payload. 713 DATA frames MUST be associated with an HTTP request or response. If 714 a DATA frame is received on either control stream, the recipient MUST 715 respond with a connection error (Section 6) of type 716 HTTP_WRONG_STREAM. 718 0 1 2 3 719 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 720 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 721 | Payload (*) ... 722 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 724 Figure 5: DATA frame payload 726 DATA frames MUST contain a non-zero-length payload. If a DATA frame 727 is received with a payload length of zero, the recipient MUST respond 728 with a stream error (Section 6) of type HTTP_MALFORMED_FRAME. 730 4.2.3. HEADERS 732 The HEADERS frame (type=0x1) is used to carry a header block, 733 compressed using QPACK. See [QPACK] for more details. 735 0 1 2 3 736 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 737 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 738 | Header Block (*) ... 739 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 741 Figure 6: HEADERS frame payload 743 HEADERS frames can only be sent on request / push streams. 745 4.2.4. PRIORITY 747 The PRIORITY (type=0x02) frame specifies the sender-advised priority 748 of a stream and is substantially different in format from [RFC7540]. 749 In order to ensure that prioritization is processed in a consistent 750 order, PRIORITY frames MUST be sent on the control stream. A 751 PRIORITY frame sent on any other stream MUST be treated as a 752 HTTP_WRONG_STREAM error. 754 The format has been modified to accommodate not being sent on a 755 request stream, to allow for identification of server pushes, and the 756 larger stream ID space of QUIC. The semantics of the Stream 757 Dependency, Weight, and E flag are otherwise the same as in HTTP/2. 759 0 1 2 3 760 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 761 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 762 |PT |DT |Empty|E| 763 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 764 | Prioritized Element ID (i) ... 765 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 766 | Element Dependency ID (i) ... 767 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 768 | Weight (8) | 769 +-+-+-+-+-+-+-+-+ 771 Figure 7: PRIORITY frame payload 773 The PRIORITY frame payload has the following fields: 775 Prioritized Type: A two-bit field indicating the type of element 776 being prioritized. 778 Dependency Type: A two-bit field indicating the type of element 779 being depended on. 781 Empty: A three-bit field which MUST be zero when sent and MUST be 782 ignored on receipt. 784 Exclusive: A flag which indicates that the stream dependency is 785 exclusive (see [RFC7540], Section 5.3). 787 Prioritized Element ID: A variable-length integer that identifies 788 the element being prioritized. Depending on the value of 789 Prioritized Type, this contains the Stream ID of a request stream, 790 the Push ID of a promised resource, or a Placeholder ID of a 791 placeholder. 793 Element Dependency ID: A variable-length integer that identifies the 794 element on which a dependency is being expressed. Depending on 795 the value of Dependency Type, this contains the Stream ID of a 796 request stream, the Push ID of a promised resource, or a 797 Placeholder ID of a placeholder. For details of dependencies, see 798 Section 3.2 and [RFC7540], Section 5.3. 800 Weight: An unsigned 8-bit integer representing a priority weight for 801 the stream (see [RFC7540], Section 5.3). Add one to the value to 802 obtain a weight between 1 and 256. 804 A PRIORITY frame identifies an element to prioritize, and an element 805 upon which it depends. A Prioritized ID or Dependency ID identifies 806 a client-initiated request using the corresponding stream ID, a 807 server push using a Push ID (see Section 4.2.7), or a placeholder 808 using a Placeholder ID (see Section 3.2.1). 810 The values for the Prioritized Element Type and Element Dependency 811 Type imply the interpretation of the associated Element ID fields. 813 +-----------+------------------+---------------------+ 814 | Type Bits | Type Description | Element ID Contents | 815 +-----------+------------------+---------------------+ 816 | 00 | Request stream | Stream ID | 817 | | | | 818 | 01 | Push stream | Push ID | 819 | | | | 820 | 10 | Placeholder | Placeholder ID | 821 | | | | 822 | 11 | Root of the tree | Ignored | 823 +-----------+------------------+---------------------+ 825 Note that the root of the tree cannot be referenced using a Stream ID 826 of 0, as in [RFC7540]; QUIC stream 0 carries a valid HTTP request. 827 The root of the tree cannot be reprioritized. A PRIORITY frame that 828 prioritizes the root of the tree MUST be treated as a connection 829 error of type HTTP_MALFORMED_FRAME. 831 When a PRIORITY frame claims to reference a request, the associated 832 ID MUST identify a client-initiated bidirectional stream. A server 833 MUST treat receipt of PRIORITY frame with a Stream ID of any other 834 type as a connection error of type HTTP_MALFORMED_FRAME. 836 A PRIORITY frame that references a non-existent Push ID or a 837 Placeholder ID greater than the server's limit MUST be treated as a 838 HTTP_MALFORMED_FRAME error. 840 A PRIORITY frame MUST contain only the identified fields. A PRIORITY 841 frame that contains more or fewer fields, or a PRIORITY frame that 842 includes a truncated integer encoding MUST be treated as a connection 843 error of type HTTP_MALFORMED_FRAME. 845 4.2.5. CANCEL_PUSH 847 The CANCEL_PUSH frame (type=0x3) is used to request cancellation of 848 server push prior to the push stream being created. The CANCEL_PUSH 849 frame identifies a server push request by Push ID (see Section 4.2.7) 850 using a variable-length integer. 852 When a server receives this frame, it aborts sending the response for 853 the identified server push. If the server has not yet started to 854 send the server push, it can use the receipt of a CANCEL_PUSH frame 855 to avoid opening a stream. If the push stream has been opened by the 856 server, the server SHOULD sent a QUIC RST_STREAM frame on those 857 streams and cease transmission of the response. 859 A server can send this frame to indicate that it won't be sending a 860 response prior to creation of a push stream. Once the push stream 861 has been created, sending CANCEL_PUSH has no effect on the state of 862 the push stream. A QUIC RST_STREAM frame SHOULD be used instead to 863 cancel transmission of the server push response. 865 A CANCEL_PUSH frame is sent on the control stream. Sending a 866 CANCEL_PUSH frame on a stream other than the control stream MUST be 867 treated as a stream error of type HTTP_WRONG_STREAM. 869 0 1 2 3 870 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 871 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 872 | Push ID (i) ... 873 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 875 Figure 8: CANCEL_PUSH frame payload 877 The CANCEL_PUSH frame carries a Push ID encoded as a variable-length 878 integer. The Push ID identifies the server push that is being 879 cancelled (see Section 4.2.7). 881 If the client receives a CANCEL_PUSH frame, that frame might identify 882 a Push ID that has not yet been mentioned by a PUSH_PROMISE frame. 884 An endpoint MUST treat a CANCEL_PUSH frame which does not contain 885 exactly one properly-formatted variable-length integer as a 886 connection error of type HTTP_MALFORMED_FRAME. 888 4.2.6. SETTINGS 890 The SETTINGS frame (type=0x4) conveys configuration parameters that 891 affect how endpoints communicate, such as preferences and constraints 892 on peer behavior, and is different from [RFC7540]. Individually, a 893 SETTINGS parameter can also be referred to as a "setting". 895 SETTINGS parameters are not negotiated; they describe characteristics 896 of the sending peer, which can be used by the receiving peer. 897 However, a negotiation can be implied by the use of SETTINGS - a peer 898 uses SETTINGS to advertise a set of supported values. The recipient 899 can then choose which entries from this list are also acceptable and 900 proceed with the value it has chosen. (This choice could be 901 announced in a field of an extension frame, or in its own value in 902 SETTINGS.) 903 Different values for the same parameter can be advertised by each 904 peer. For example, a client might be willing to consume very large 905 response headers, while servers are more cautious about request size. 907 Parameters MUST NOT occur more than once. A receiver MAY treat the 908 presence of the same parameter more than once as a connection error 909 of type HTTP_MALFORMED_FRAME. 911 The payload of a SETTINGS frame consists of zero or more parameters, 912 each consisting of an unsigned 16-bit setting identifier and a 913 length-prefixed binary value. 915 0 1 2 3 916 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 917 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 918 | Identifier (16) | Length (i) ... 919 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 920 | Contents (?) ... 921 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 923 Figure 9: SETTINGS value format 925 A zero-length content indicates that the setting value is a Boolean 926 and true. False is indicated by the absence of the setting. 928 Non-zero-length values MUST be compared against the remaining length 929 of the SETTINGS frame. Any value which purports to cross the end of 930 the frame MUST cause the SETTINGS frame to be considered malformed 931 and trigger a connection error of type HTTP_MALFORMED_FRAME. 933 An implementation MUST ignore the contents for any SETTINGS 934 identifier it does not understand. 936 SETTINGS frames always apply to a connection, never a single stream. 937 A SETTINGS frame MUST be sent as the first frame of either control 938 stream (see Section 3) by each peer, and MUST NOT be sent 939 subsequently or on any other stream. If an endpoint receives an 940 SETTINGS frame on a different stream, the endpoint MUST respond with 941 a connection error of type HTTP_WRONG_STREAM. If an endpoint 942 receives a second SETTINGS frame, the endpoint MUST respond with a 943 connection error of type HTTP_MALFORMED_FRAME. 945 The SETTINGS frame affects connection state. A badly formed or 946 incomplete SETTINGS frame MUST be treated as a connection error 947 (Section 6) of type HTTP_MALFORMED_FRAME. 949 4.2.6.1. Integer encoding 951 Settings which are integers use the QUIC variable-length integer 952 encoding. 954 4.2.6.2. Defined SETTINGS Parameters 956 The following settings are defined in HTTP/QUIC: 958 SETTINGS_NUM_PLACEHOLDERS (0x3): An integer with a maximum value of 959 2^16 - 1. The value SHOULD be non-zero. The default value is 16. 961 SETTINGS_MAX_HEADER_LIST_SIZE (0x6): An integer with a maximum value 962 of 2^30 - 1. The default value is unlimited. 964 Settings values of the format "0x?a?a" are reserved to exercise the 965 requirement that unknown parameters be ignored. Such settings have 966 no defined meaning. Endpoints SHOULD include at least one such 967 setting in their SETTINGS frame. Endpoints MUST NOT consider such 968 settings to have any meaning upon receipt. 970 Because the setting has no defined meaning, the value of the setting 971 can be any value the implementation selects. 973 Additional settings MAY be defined by extensions to HTTP/QUIC. 975 4.2.6.3. Initial SETTINGS Values 977 When a 0-RTT QUIC connection is being used, the client's initial 978 requests will be sent before the arrival of the server's SETTINGS 979 frame. Clients MUST store the settings the server provided in the 980 session being resumed and MUST comply with stored settings until the 981 server's current settings are received. 983 Servers MAY continue processing data from clients which exceed its 984 current configuration during the initial flight. In this case, the 985 client MUST apply the new settings immediately upon receipt. 987 When a 1-RTT QUIC connection is being used, the client MUST NOT send 988 requests prior to receiving and processing the server's SETTINGS 989 frame. 991 4.2.7. PUSH_PROMISE 993 The PUSH_PROMISE frame (type=0x05) is used to carry a request header 994 set from server to client, as in HTTP/2. 996 0 1 2 3 997 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 998 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 999 | Push ID (i) ... 1000 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1001 | Header Block (*) ... 1002 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1004 Figure 10: PUSH_PROMISE frame payload 1006 The payload consists of: 1008 Push ID: A variable-length integer that identifies the server push 1009 request. A push ID is used in push stream header (Section 3.3.2), 1010 CANCEL_PUSH frames (Section 4.2.5), and PRIORITY frames 1011 (Section 4.2.4). 1013 Header Block: QPACK-compressed request headers for the promised 1014 response. See [QPACK] for more details. 1016 A server MUST NOT use a Push ID that is larger than the client has 1017 provided in a MAX_PUSH_ID frame (Section 4.2.9). A client MUST treat 1018 receipt of a PUSH_PROMISE that contains a larger Push ID than the 1019 client has advertised as a connection error of type 1020 HTTP_MALFORMED_FRAME. 1022 A server MAY use the same Push ID in multiple PUSH_PROMISE frames. 1023 This allows the server to use the same server push in response to 1024 multiple concurrent requests. Referencing the same server push 1025 ensures that a PUSH_PROMISE can be made in relation to every response 1026 in which server push might be needed without duplicating pushes. 1028 A server that uses the same Push ID in multiple PUSH_PROMISE frames 1029 MUST include the same header fields each time. The octets of the 1030 header block MAY be different due to differing encoding, but the 1031 header fields and their values MUST be identical. Note that ordering 1032 of header fields is significant. A client MUST treat receipt of a 1033 PUSH_PROMISE with conflicting header field values for the same Push 1034 ID as a connection error of type HTTP_MALFORMED_FRAME. 1036 Allowing duplicate references to the same Push ID is primarily to 1037 reduce duplication caused by concurrent requests. A server SHOULD 1038 avoid reusing a Push ID over a long period. Clients are likely to 1039 consume server push responses and not retain them for reuse over 1040 time. Clients that see a PUSH_PROMISE that uses a Push ID that they 1041 have since consumed and discarded are forced to ignore the 1042 PUSH_PROMISE. 1044 4.2.8. GOAWAY 1046 The GOAWAY frame (type=0x7) is used to initiate graceful shutdown of 1047 a connection by a server. GOAWAY allows a server to stop accepting 1048 new requests while still finishing processing of previously received 1049 requests. This enables administrative actions, like server 1050 maintenance. GOAWAY by itself does not close a connection. 1052 0 1 2 3 1053 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1054 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1055 | Stream ID (i) ... 1056 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1058 Figure 11: GOAWAY frame payload 1060 The GOAWAY frame carries a QUIC Stream ID for a client-initiated 1061 bidirectional stream encoded as a variable-length integer. A client 1062 MUST treat receipt of a GOAWAY frame containing a Stream ID of any 1063 other type as a connection error of type HTTP_MALFORMED_FRAME. 1065 Clients do not need to send GOAWAY to initiate a graceful shutdown; 1066 they simply stop making new requests. A server MUST treat receipt of 1067 a GOAWAY frame as a connection error (Section 6) of type 1068 HTTP_UNEXPECTED_GOAWAY. 1070 The GOAWAY frame applies to the connection, not a specific stream. 1071 An endpoint MUST treat a GOAWAY frame on a stream other than the 1072 control stream as a connection error (Section 6) of type 1073 HTTP_WRONG_STREAM. 1075 New client requests might already have been sent before the client 1076 receives the server's GOAWAY frame. The GOAWAY frame contains the 1077 Stream ID of the last client-initiated request that was or might be 1078 processed in this connection, which enables client and server to 1079 agree on which requests were accepted prior to the connection 1080 shutdown. This identifier MAY be lower than the stream limit 1081 identified by a QUIC MAX_STREAM_ID frame, and MAY be zero if no 1082 requests were processed. Servers SHOULD NOT increase the 1083 MAX_STREAM_ID limit after sending a GOAWAY frame. 1085 Once sent, the server MUST cancel requests sent on streams with an 1086 identifier higher than the included last Stream ID. Clients MUST NOT 1087 send new requests on the connection after receiving GOAWAY, although 1088 requests might already be in transit. A new connection can be 1089 established for new requests. 1091 If the client has sent requests on streams with a higher Stream ID 1092 than indicated in the GOAWAY frame, those requests are considered 1093 cancelled (Section 3.1.3). Clients SHOULD reset any streams above 1094 this ID with the error code HTTP_REQUEST_CANCELLED. Servers MAY also 1095 cancel requests on streams below the indicated ID if these requests 1096 were not processed. 1098 Requests on Stream IDs less than or equal to the Stream ID in the 1099 GOAWAY frame might have been processed; their status cannot be known 1100 until they are completed successfully, reset individually, or the 1101 connection terminates. 1103 Servers SHOULD send a GOAWAY frame when the closing of a connection 1104 is known in advance, even if the advance notice is small, so that the 1105 remote peer can know whether a stream has been partially processed or 1106 not. For example, if an HTTP client sends a POST at the same time 1107 that a server closes a QUIC connection, the client cannot know if the 1108 server started to process that POST request if the server does not 1109 send a GOAWAY frame to indicate what streams it might have acted on. 1111 For unexpected closures caused by error conditions, a QUIC 1112 CONNECTION_CLOSE or APPLICATION_CLOSE frame MUST be used. However, a 1113 GOAWAY MAY be sent first to provide additional detail to clients and 1114 to allow the client to retry requests. Including the GOAWAY frame in 1115 the same packet as the QUIC CONNECTION_CLOSE or APPLICATION_CLOSE 1116 frame improves the chances of the frame being received by clients. 1118 If a connection terminates without a GOAWAY frame, the last Stream ID 1119 is effectively the highest possible Stream ID (as determined by 1120 QUIC's MAX_STREAM_ID). 1122 An endpoint MAY send multiple GOAWAY frames if circumstances change. 1123 For instance, an endpoint that sends GOAWAY without an error code 1124 during graceful shutdown could subsequently encounter an error 1125 condition. The last stream identifier from the last GOAWAY frame 1126 received indicates which streams could have been acted upon. A 1127 server MUST NOT increase the value they send in the last Stream ID, 1128 since clients might already have retried unprocessed requests on 1129 another connection. 1131 A client that is unable to retry requests loses all requests that are 1132 in flight when the server closes the connection. A server that is 1133 attempting to gracefully shut down a connection SHOULD send an 1134 initial GOAWAY frame with the last Stream ID set to the current value 1135 of QUIC's MAX_STREAM_ID and SHOULD NOT increase the MAX_STREAM_ID 1136 thereafter. This signals to the client that a shutdown is imminent 1137 and that initiating further requests is prohibited. After allowing 1138 time for any in-flight requests (at least one round-trip time), the 1139 server MAY send another GOAWAY frame with an updated last Stream ID. 1140 This ensures that a connection can be cleanly shut down without 1141 losing requests. 1143 Once all requests on streams at or below the identified stream number 1144 have been completed or cancelled, and all promised server push 1145 responses associated with those requests have been completed or 1146 cancelled, the connection can be closed using an Immediate Close (see 1147 [QUIC-TRANSPORT]). An endpoint that completes a graceful shutdown 1148 SHOULD use the QUIC APPLICATION_CLOSE frame with the HTTP_NO_ERROR 1149 code. 1151 4.2.9. MAX_PUSH_ID 1153 The MAX_PUSH_ID frame (type=0xD) is used by clients to control the 1154 number of server pushes that the server can initiate. This sets the 1155 maximum value for a Push ID that the server can use in a PUSH_PROMISE 1156 frame. Consequently, this also limits the number of push streams 1157 that the server can initiate in addition to the limit set by the QUIC 1158 MAX_STREAM_ID frame. 1160 The MAX_PUSH_ID frame is always sent on a control stream. Receipt of 1161 a MAX_PUSH_ID frame on any other stream MUST be treated as a 1162 connection error of type HTTP_WRONG_STREAM. 1164 A server MUST NOT send a MAX_PUSH_ID frame. A client MUST treat the 1165 receipt of a MAX_PUSH_ID frame as a connection error of type 1166 HTTP_MALFORMED_FRAME. 1168 The maximum Push ID is unset when a connection is created, meaning 1169 that a server cannot push until it receives a MAX_PUSH_ID frame. A 1170 client that wishes to manage the number of promised server pushes can 1171 increase the maximum Push ID by sending a MAX_PUSH_ID frame as the 1172 server fulfills or cancels server pushes. 1174 0 1 2 3 1175 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1176 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1177 | Push ID (i) ... 1178 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1180 Figure 12: MAX_PUSH_ID frame payload 1182 The MAX_PUSH_ID frame carries a single variable-length integer that 1183 identifies the maximum value for a Push ID that the server can use 1184 (see Section 4.2.7). A MAX_PUSH_ID frame cannot reduce the maximum 1185 Push ID; receipt of a MAX_PUSH_ID that contains a smaller value than 1186 previously received MUST be treated as a connection error of type 1187 HTTP_MALFORMED_FRAME. 1189 A server MUST treat a MAX_PUSH_ID frame payload that does not contain 1190 a single variable-length integer as a connection error of type 1191 HTTP_MALFORMED_FRAME. 1193 5. Connection Management 1195 QUIC connections are persistent. All of the considerations in 1196 Section 9.1 of [RFC7540] apply to the management of QUIC connections. 1198 HTTP clients are expected to use QUIC PING frames to keep connections 1199 open. Servers SHOULD NOT use PING frames to keep a connection open. 1200 A client SHOULD NOT use PING frames for this purpose unless there are 1201 responses outstanding for requests or server pushes. If the client 1202 is not expecting a response from the server, allowing an idle 1203 connection to time out (based on the idle_timeout transport 1204 parameter) is preferred over expending effort maintaining a 1205 connection that might not be needed. A gateway MAY use PING to 1206 maintain connections in anticipation of need rather than incur the 1207 latency cost of connection establishment to servers. 1209 6. Error Handling 1211 QUIC allows the application to abruptly terminate (reset) individual 1212 streams or the entire connection when an error is encountered. These 1213 are referred to as "stream errors" or "connection errors" and are 1214 described in more detail in [QUIC-TRANSPORT]. 1216 This section describes HTTP/QUIC-specific error codes which can be 1217 used to express the cause of a connection or stream error. 1219 6.1. HTTP/QUIC Error Codes 1221 The following error codes are defined for use in QUIC RST_STREAM, 1222 STOP_SENDING, and CONNECTION_CLOSE frames when using HTTP/QUIC. 1224 STOPPING (0x00): This value is reserved by the transport to be used 1225 in response to QUIC STOP_SENDING frames. 1227 HTTP_NO_ERROR (0x01): No error. This is used when the connection or 1228 stream needs to be closed, but there is no error to signal. 1230 HTTP_PUSH_REFUSED (0x02): The server has attempted to push content 1231 which the client will not accept on this connection. 1233 HTTP_INTERNAL_ERROR (0x03): An internal error has occurred in the 1234 HTTP stack. 1236 HTTP_PUSH_ALREADY_IN_CACHE (0x04): The server has attempted to push 1237 content which the client has cached. 1239 HTTP_REQUEST_CANCELLED (0x05): The client no longer needs the 1240 requested data. 1242 HTTP_QPACK_DECOMPRESSION_FAILED (0x06): QPACK failed to decompress a 1243 frame and cannot continue. 1245 HTTP_CONNECT_ERROR (0x07): The connection established in response to 1246 a CONNECT request was reset or abnormally closed. 1248 HTTP_EXCESSIVE_LOAD (0x08): The endpoint detected that its peer is 1249 exhibiting a behavior that might be generating excessive load. 1251 HTTP_VERSION_FALLBACK (0x09): The requested operation cannot be 1252 served over HTTP/QUIC. The peer should retry over HTTP/2. 1254 HTTP_WRONG_STREAM (0x0A): A frame was received on a stream where it 1255 is not permitted. 1257 HTTP_PUSH_LIMIT_EXCEEDED (0x0B): A Push ID greater than the current 1258 maximum Push ID was referenced. 1260 HTTP_DUPLICATE_PUSH (0x0C): A Push ID was referenced in two 1261 different stream headers. 1263 HTTP_UNKNOWN_STREAM_TYPE (0x0D): A unidirectional stream header 1264 contained an unknown stream type. 1266 HTTP_WRONG_STREAM_COUNT (0x0E): A unidirectional stream type was 1267 used more times than is permitted by that type. 1269 HTTP_CLOSED_CRITICAL_STREAM (0x0F): A stream required by the 1270 connection was closed or reset. 1272 HTTP_WRONG_STREAM_DIRECTION (0x0010): A unidirectional stream type 1273 was used by a peer which is not permitted to do so. 1275 HTTP_GENERAL_PROTOCOL_ERROR (0x00FF): Peer violated protocol 1276 requirements in a way which doesn't match a more specific error 1277 code, or endpoint declines to use the more specific error code. 1279 HTTP_MALFORMED_FRAME (0x01XX): An error in a specific frame type. 1280 The frame type is included as the last octet of the error code. 1282 For example, an error in a MAX_PUSH_ID frame would be indicated 1283 with the code (0x10D). 1285 7. Considerations for Transitioning from HTTP/2 1287 HTTP/QUIC is strongly informed by HTTP/2, and bears many 1288 similarities. This section describes the approach taken to design 1289 HTTP/QUIC, points out important differences from HTTP/2, and 1290 describes how to map HTTP/2 extensions into HTTP/QUIC. 1292 HTTP/QUIC begins from the premise that HTTP/2 code reuse is a useful 1293 feature, but not a hard requirement. HTTP/QUIC departs from HTTP/2 1294 primarily where necessary to accommodate the differences in behavior 1295 between QUIC and TCP (lack of ordering, support for streams). We 1296 intend to avoid gratuitous changes which make it difficult or 1297 impossible to build extensions with the same semantics applicable to 1298 both protocols at once. 1300 These departures are noted in this section. 1302 7.1. Streams 1304 HTTP/QUIC permits use of a larger number of streams (2^62-1) than 1305 HTTP/2. The considerations about exhaustion of stream identifier 1306 space apply, though the space is significantly larger such that it is 1307 likely that other limits in QUIC are reached first, such as the limit 1308 on the connection flow control window. 1310 7.2. HTTP Frame Types 1312 Many framing concepts from HTTP/2 can be elided away on QUIC, because 1313 the transport deals with them. Because frames are already on a 1314 stream, they can omit the stream number. Because frames do not block 1315 multiplexing (QUIC's multiplexing occurs below this layer), the 1316 support for variable-maximum-length packets can be removed. Because 1317 stream termination is handled by QUIC, an END_STREAM flag is not 1318 required. This permits the removal of the Flags field from the 1319 generic frame layout. 1321 Frame payloads are largely drawn from [RFC7540]. However, QUIC 1322 includes many features (e.g. flow control) which are also present in 1323 HTTP/2. In these cases, the HTTP mapping does not re-implement them. 1324 As a result, several HTTP/2 frame types are not required in HTTP/ 1325 QUIC. Where an HTTP/2-defined frame is no longer used, the frame ID 1326 has been reserved in order to maximize portability between HTTP/2 and 1327 HTTP/QUIC implementations. However, even equivalent frames between 1328 the two mappings are not identical. 1330 Many of the differences arise from the fact that HTTP/2 provides an 1331 absolute ordering between frames across all streams, while QUIC 1332 provides this guarantee on each stream only. As a result, if a frame 1333 type makes assumptions that frames from different streams will still 1334 be received in the order sent, HTTP/QUIC will break them. 1336 For example, implicit in the HTTP/2 prioritization scheme is the 1337 notion of in-order delivery of priority changes (i.e., dependency 1338 tree mutations): since operations on the dependency tree such as 1339 reparenting a subtree are not commutative, both sender and receiver 1340 must apply them in the same order to ensure that both sides have a 1341 consistent view of the stream dependency tree. HTTP/2 specifies 1342 priority assignments in PRIORITY frames and (optionally) in HEADERS 1343 frames. To achieve in-order delivery of priority changes in HTTP/ 1344 QUIC, PRIORITY frames are sent on the control stream and the PRIORITY 1345 section is removed from the HEADERS frame. 1347 Likewise, HPACK was designed with the assumption of in-order 1348 delivery. A sequence of encoded header blocks must arrive (and be 1349 decoded) at an endpoint in the same order in which they were encoded. 1350 This ensures that the dynamic state at the two endpoints remains in 1351 sync. As a result, HTTP/QUIC uses a modified version of HPACK, 1352 described in [QPACK]. 1354 Frame type definitions in HTTP/QUIC often use the QUIC variable- 1355 length integer encoding. In particular, Stream IDs use this 1356 encoding, which allow for a larger range of possible values than the 1357 encoding used in HTTP/2. Some frames in HTTP/QUIC use an identifier 1358 rather than a Stream ID (e.g. Push IDs in PRIORITY frames). 1359 Redefinition of the encoding of extension frame types might be 1360 necessary if the encoding includes a Stream ID. 1362 Because the Flags field is not present in generic HTTP/QUIC frames, 1363 those frames which depend on the presence of flags need to allocate 1364 space for flags as part of their frame payload. 1366 Other than this issue, frame type HTTP/2 extensions are typically 1367 portable to QUIC simply by replacing Stream 0 in HTTP/2 with a 1368 control stream in HTTP/QUIC. HTTP/QUIC extensions will not assume 1369 ordering, but would not be harmed by ordering, and would be portable 1370 to HTTP/2 in the same manner. 1372 Below is a listing of how each HTTP/2 frame type is mapped: 1374 DATA (0x0): Padding is not defined in HTTP/QUIC frames. See 1375 Section 4.2.2. 1377 HEADERS (0x1): As described above, the PRIORITY region of HEADERS is 1378 not supported. A separate PRIORITY frame MUST be used. Padding 1379 is not defined in HTTP/QUIC frames. See Section 4.2.3. 1381 PRIORITY (0x2): As described above, the PRIORITY frame is sent on 1382 the control stream and can reference either a Stream ID or a Push 1383 ID. See Section 4.2.4. 1385 RST_STREAM (0x3): RST_STREAM frames do not exist, since QUIC 1386 provides stream lifecycle management. The same code point is used 1387 for the CANCEL_PUSH frame (Section 4.2.5). 1389 SETTINGS (0x4): SETTINGS frames are sent only at the beginning of 1390 the connection. See Section 4.2.6 and Section 7.3. 1392 PUSH_PROMISE (0x5): The PUSH_PROMISE does not reference a stream; 1393 instead the push stream references the PUSH_PROMISE frame using a 1394 Push ID. See Section 4.2.7. 1396 PING (0x6): PING frames do not exist, since QUIC provides equivalent 1397 functionality. 1399 GOAWAY (0x7): GOAWAY is sent only from server to client and does not 1400 contain an error code. See Section 4.2.8. 1402 WINDOW_UPDATE (0x8): WINDOW_UPDATE frames do not exist, since QUIC 1403 provides flow control. 1405 CONTINUATION (0x9): CONTINUATION frames do not exist; instead, 1406 larger HEADERS/PUSH_PROMISE frames than HTTP/2 are permitted, and 1407 HEADERS frames can be used in series. 1409 Frame types defined by extensions to HTTP/2 need to be separately 1410 registered for HTTP/QUIC if still applicable. The IDs of frames 1411 defined in [RFC7540] have been reserved for simplicity. See 1412 Section 9.3. 1414 7.3. HTTP/2 SETTINGS Parameters 1416 An important difference from HTTP/2 is that settings are sent once, 1417 at the beginning of the connection, and thereafter cannot change. 1418 This eliminates many corner cases around synchronization of changes. 1420 Some transport-level options that HTTP/2 specifies via the SETTINGS 1421 frame are superseded by QUIC transport parameters in HTTP/QUIC. The 1422 HTTP-level options that are retained in HTTP/QUIC have the same value 1423 as in HTTP/2. 1425 Below is a listing of how each HTTP/2 SETTINGS parameter is mapped: 1427 SETTINGS_HEADER_TABLE_SIZE: See Section 4.2.6.2. 1429 SETTINGS_ENABLE_PUSH: This is removed in favor of the MAX_PUSH_ID 1430 which provides a more granular control over server push. 1432 SETTINGS_MAX_CONCURRENT_STREAMS: QUIC controls the largest open 1433 Stream ID as part of its flow control logic. Specifying 1434 SETTINGS_MAX_CONCURRENT_STREAMS in the SETTINGS frame is an error. 1436 SETTINGS_INITIAL_WINDOW_SIZE: QUIC requires both stream and 1437 connection flow control window sizes to be specified in the 1438 initial transport handshake. Specifying 1439 SETTINGS_INITIAL_WINDOW_SIZE in the SETTINGS frame is an error. 1441 SETTINGS_MAX_FRAME_SIZE: This setting has no equivalent in HTTP/ 1442 QUIC. Specifying it in the SETTINGS frame is an error. 1444 SETTINGS_MAX_HEADER_LIST_SIZE: See Section 4.2.6.2. 1446 Settings need to be defined separately for HTTP/2 and HTTP/QUIC. The 1447 IDs of settings defined in [RFC7540] have been reserved for 1448 simplicity. See Section 9.4. 1450 7.4. HTTP/2 Error Codes 1452 QUIC has the same concepts of "stream" and "connection" errors that 1453 HTTP/2 provides. However, because the error code space is shared 1454 between multiple components, there is no direct portability of HTTP/2 1455 error codes. 1457 The HTTP/2 error codes defined in Section 7 of [RFC7540] map to the 1458 HTTP over QUIC error codes as follows: 1460 NO_ERROR (0x0): HTTP_NO_ERROR in Section 6.1. 1462 PROTOCOL_ERROR (0x1): No single mapping. See new 1463 HTTP_MALFORMED_FRAME error codes defined in Section 6.1. 1465 INTERNAL_ERROR (0x2): HTTP_INTERNAL_ERROR in Section 6.1. 1467 FLOW_CONTROL_ERROR (0x3): Not applicable, since QUIC handles flow 1468 control. Would provoke a QUIC_FLOW_CONTROL_RECEIVED_TOO_MUCH_DATA 1469 from the QUIC layer. 1471 SETTINGS_TIMEOUT (0x4): Not applicable, since no acknowledgement of 1472 SETTINGS is defined. 1474 STREAM_CLOSED (0x5): Not applicable, since QUIC handles stream 1475 management. Would provoke a QUIC_STREAM_DATA_AFTER_TERMINATION 1476 from the QUIC layer. 1478 FRAME_SIZE_ERROR (0x6): No single mapping. See new error codes 1479 defined in Section 6.1. 1481 REFUSED_STREAM (0x7): Not applicable, since QUIC handles stream 1482 management. Would provoke a QUIC_TOO_MANY_OPEN_STREAMS from the 1483 QUIC layer. 1485 CANCEL (0x8): HTTP_REQUEST_CANCELLED in Section 6.1. 1487 COMPRESSION_ERROR (0x9): HTTP_HPACK_DECOMPRESSION_FAILED in 1488 Section 6.1. 1490 CONNECT_ERROR (0xa): HTTP_CONNECT_ERROR in Section 6.1. 1492 ENHANCE_YOUR_CALM (0xb): HTTP_EXCESSIVE_LOAD in Section 6.1. 1494 INADEQUATE_SECURITY (0xc): Not applicable, since QUIC is assumed to 1495 provide sufficient security on all connections. 1497 HTTP_1_1_REQUIRED (0xd): HTTP_VERSION_FALLBACK in Section 6.1. 1499 Error codes need to be defined for HTTP/2 and HTTP/QUIC separately. 1500 See Section 9.5. 1502 8. Security Considerations 1504 The security considerations of HTTP over QUIC should be comparable to 1505 those of HTTP/2 with TLS. 1507 The modified SETTINGS format contains nested length elements, which 1508 could pose a security risk to an uncautious implementer. A SETTINGS 1509 frame parser MUST ensure that the length of the frame exactly matches 1510 the length of the settings it contains. 1512 9. IANA Considerations 1514 9.1. Registration of HTTP/QUIC Identification String 1516 This document creates a new registration for the identification of 1517 HTTP/QUIC in the "Application Layer Protocol Negotiation (ALPN) 1518 Protocol IDs" registry established in [RFC7301]. 1520 The "hq" string identifies HTTP/QUIC: 1522 Protocol: HTTP over QUIC 1524 Identification Sequence: 0x68 0x71 ("hq") 1526 Specification: This document 1528 9.2. Registration of QUIC Version Hint Alt-Svc Parameter 1530 This document creates a new registration for version-negotiation 1531 hints in the "Hypertext Transfer Protocol (HTTP) Alt-Svc Parameter" 1532 registry established in [RFC7838]. 1534 Parameter: "quic" 1536 Specification: This document, Section 2.2.1 1538 9.3. Frame Types 1540 This document establishes a registry for HTTP/QUIC frame type codes. 1541 The "HTTP/QUIC Frame Type" registry manages an 8-bit space. The 1542 "HTTP/QUIC Frame Type" registry operates under either of the "IETF 1543 Review" or "IESG Approval" policies [RFC8126] for values from 0x00 up 1544 to and including 0xef, with values from 0xf0 up to and including 0xff 1545 being reserved for Experimental Use. 1547 While this registry is separate from the "HTTP/2 Frame Type" registry 1548 defined in [RFC7540], it is preferable that the assignments parallel 1549 each other. If an entry is present in only one registry, every 1550 effort SHOULD be made to avoid assigning the corresponding value to 1551 an unrelated operation. 1553 New entries in this registry require the following information: 1555 Frame Type: A name or label for the frame type. 1557 Code: The 8-bit code assigned to the frame type. 1559 Specification: A reference to a specification that includes a 1560 description of the frame layout and its semantics, including any 1561 parts of the frame that are conditionally present. 1563 The entries in the following table are registered by this document. 1565 +--------------+------+---------------+ 1566 | Frame Type | Code | Specification | 1567 +--------------+------+---------------+ 1568 | DATA | 0x0 | Section 4.2.2 | 1569 | | | | 1570 | HEADERS | 0x1 | Section 4.2.3 | 1571 | | | | 1572 | PRIORITY | 0x2 | Section 4.2.4 | 1573 | | | | 1574 | CANCEL_PUSH | 0x3 | Section 4.2.5 | 1575 | | | | 1576 | SETTINGS | 0x4 | Section 4.2.6 | 1577 | | | | 1578 | PUSH_PROMISE | 0x5 | Section 4.2.7 | 1579 | | | | 1580 | Reserved | 0x6 | N/A | 1581 | | | | 1582 | GOAWAY | 0x7 | Section 4.2.8 | 1583 | | | | 1584 | Reserved | 0x8 | N/A | 1585 | | | | 1586 | Reserved | 0x9 | N/A | 1587 | | | | 1588 | MAX_PUSH_ID | 0xD | Section 4.2.9 | 1589 +--------------+------+---------------+ 1591 Additionally, each code of the format "0xb + (0x1f * N)" for values 1592 of N in the range (0..7) (that is, "0xb", "0x2a", etc., through 1593 "0xe4"), the following values should be registered: 1595 Frame Type: Reserved - GREASE 1597 Specification: Section 4.2.1 1599 9.4. Settings Parameters 1601 This document establishes a registry for HTTP/QUIC settings. The 1602 "HTTP/QUIC Settings" registry manages a 16-bit space. The "HTTP/QUIC 1603 Settings" registry operates under the "Expert Review" policy 1604 [RFC8126] for values in the range from 0x0000 to 0xefff, with values 1605 between and 0xf000 and 0xffff being reserved for Experimental Use. 1606 The designated experts are the same as those for the "HTTP/2 1607 Settings" registry defined in [RFC7540]. 1609 While this registry is separate from the "HTTP/2 Settings" registry 1610 defined in [RFC7540], it is preferable that the assignments parallel 1611 each other. If an entry is present in only one registry, every 1612 effort SHOULD be made to avoid assigning the corresponding value to 1613 an unrelated operation. 1615 New registrations are advised to provide the following information: 1617 Name: A symbolic name for the setting. Specifying a setting name is 1618 optional. 1620 Code: The 16-bit code assigned to the setting. 1622 Specification: An optional reference to a specification that 1623 describes the use of the setting. 1625 The entries in the following table are registered by this document. 1627 +----------------------+------+-----------------+ 1628 | Setting Name | Code | Specification | 1629 +----------------------+------+-----------------+ 1630 | Reserved | 0x2 | N/A | 1631 | | | | 1632 | NUM_PLACEHOLDERS | 0x3 | Section 4.2.6.2 | 1633 | | | | 1634 | Reserved | 0x4 | N/A | 1635 | | | | 1636 | Reserved | 0x5 | N/A | 1637 | | | | 1638 | MAX_HEADER_LIST_SIZE | 0x6 | Section 4.2.6.2 | 1639 +----------------------+------+-----------------+ 1641 Additionally, each code of the format "0x?a?a" where each "?" is any 1642 four bits (that is, "0x0a0a", "0x0a1a", etc. through "0xfafa"), the 1643 following values should be registered: 1645 Name: Reserved - GREASE 1647 Specification: Section 4.2.6.2 1649 9.5. Error Codes 1651 This document establishes a registry for HTTP/QUIC error codes. The 1652 "HTTP/QUIC Error Code" registry manages a 16-bit space. The "HTTP/ 1653 QUIC Error Code" registry operates under the "Expert Review" policy 1654 [RFC8126]. 1656 Registrations for error codes are required to include a description 1657 of the error code. An expert reviewer is advised to examine new 1658 registrations for possible duplication with existing error codes. 1659 Use of existing registrations is to be encouraged, but not mandated. 1661 New registrations are advised to provide the following information: 1663 Name: A name for the error code. Specifying an error code name is 1664 optional. 1666 Code: The 16-bit error code value. 1668 Description: A brief description of the error code semantics, longer 1669 if no detailed specification is provided. 1671 Specification: An optional reference for a specification that 1672 defines the error code. 1674 The entries in the following table are registered by this document. 1676 +---------------------------+-------+--------------+----------------+ 1677 | Name | Code | Description | Specification | 1678 +---------------------------+-------+--------------+----------------+ 1679 | STOPPING | 0x000 | Reserved by | [QUIC-TRANSPOR | 1680 | | 0 | QUIC | T] | 1681 | | | | | 1682 | HTTP_NO_ERROR | 0x000 | No error | Section 6.1 | 1683 | | 1 | | | 1684 | | | | | 1685 | HTTP_PUSH_REFUSED | 0x000 | Client | Section 6.1 | 1686 | | 2 | refused | | 1687 | | | pushed | | 1688 | | | content | | 1689 | | | | | 1690 | HTTP_INTERNAL_ERROR | 0x000 | Internal | Section 6.1 | 1691 | | 3 | error | | 1692 | | | | | 1693 | HTTP_PUSH_ALREADY_IN_CACH | 0x000 | Pushed | Section 6.1 | 1694 | E | 4 | content | | 1695 | | | already | | 1696 | | | cached | | 1697 | | | | | 1698 | HTTP_REQUEST_CANCELLED | 0x000 | Data no | Section 6.1 | 1699 | | 5 | longer | | 1700 | | | needed | | 1701 | | | | | 1702 | HTTP_HPACK_DECOMPRESSION_ | 0x000 | HPACK cannot | Section 6.1 | 1703 | FAILED | 6 | continue | | 1704 | | | | | 1705 | HTTP_CONNECT_ERROR | 0x000 | TCP reset or | Section 6.1 | 1706 | | 7 | error on | | 1707 | | | CONNECT | | 1708 | | | request | | 1709 | | | | | 1710 | HTTP_EXCESSIVE_LOAD | 0x000 | Peer | Section 6.1 | 1711 | | 8 | generating | | 1712 | | | excessive | | 1713 | | | load | | 1714 | | | | | 1715 | HTTP_VERSION_FALLBACK | 0x000 | Retry over | Section 6.1 | 1716 | | 9 | HTTP/2 | | 1717 | | | | | 1718 | HTTP_WRONG_STREAM | 0x000 | A frame was | Section 6.1 | 1719 | | A | sent on the | | 1720 | | | wrong stream | | 1721 | | | | | 1722 | HTTP_PUSH_LIMIT_EXCEEDED | 0x000 | Maximum Push | Section 6.1 | 1723 | | B | ID exceeded | | 1724 | | | | | 1725 | HTTP_DUPLICATE_PUSH | 0x000 | Push ID was | Section 6.1 | 1726 | | C | fulfilled | | 1727 | | | multiple | | 1728 | | | times | | 1729 | | | | | 1730 | HTTP_UNKNOWN_STREAM_TYPE | 0x000 | Unknown unid | Section 6.1 | 1731 | | D | irectional | | 1732 | | | stream type | | 1733 | | | | | 1734 | HTTP_WRONG_STREAM_COUNT | 0x000 | Too many uni | Section 6.1 | 1735 | | E | directional | | 1736 | | | streams | | 1737 | | | | | 1738 | HTTP_CLOSED_CRITICAL_STRE | 0x000 | Critical | Section 6.1 | 1739 | AM | F | stream was | | 1740 | | | closed | | 1741 | | | | | 1742 | HTTP_WRONG_STREAM_DIRECTI | 0x001 | Unidirection | Section 6.1 | 1743 | ON | 0 | al stream in | | 1744 | | | wrong | | 1745 | | | direction | | 1746 | | | | | 1747 | HTTP_MALFORMED_FRAME | 0x01X | Error in | Section 6.1 | 1748 | | X | frame | | 1749 | | | formatting | | 1750 | | | or use | | 1751 +---------------------------+-------+--------------+----------------+ 1753 9.6. Stream Types 1755 This document establishes a registry for HTTP/QUIC unidirectional 1756 stream types. The "HTTP/QUIC Stream Type" registry manages an 8-bit 1757 space. The "HTTP/QUIC Stream Type" registry operates under either of 1758 the "IETF Review" or "IESG Approval" policies [RFC8126] for values 1759 from 0x00 up to and including 0xef, with values from 0xf0 up to and 1760 including 0xff being reserved for Experimental Use. 1762 New entries in this registry require the following information: 1764 Stream Type: A name or label for the stream type. 1766 Code: The 8-bit code assigned to the stream type. 1768 Specification: A reference to a specification that includes a 1769 description of the stream type, including the layout semantics of 1770 its payload. 1772 Sender: Which endpoint on a connection may initiate a stream of this 1773 type. Values are "Client", "Server", or "Both". 1775 The entries in the following table are registered by this document. 1777 +----------------+------+---------------+--------+ 1778 | Stream Type | Code | Specification | Sender | 1779 +----------------+------+---------------+--------+ 1780 | Control Stream | 0x43 | Section 3.3.1 | Both | 1781 | | | | | 1782 | Push Stream | 0x50 | Section 3.3.2 | Server | 1783 +----------------+------+---------------+--------+ 1785 10. References 1787 10.1. Normative References 1789 [QPACK] Krasic, C., Bishop, M., and A. Frindell, Ed., "QPACK: 1790 Header Compression for HTTP over QUIC", draft-ietf-quic- 1791 qpack-01 (work in progress), June 2018. 1793 [QUIC-TRANSPORT] 1794 Iyengar, J., Ed. and M. Thomson, Ed., "QUIC: A UDP-Based 1795 Multiplexed and Secure Transport", draft-ietf-quic- 1796 transport-12 (work in progress), June 2018. 1798 [RFC0793] Postel, J., "Transmission Control Protocol", STD 7, 1799 RFC 793, DOI 10.17487/RFC0793, September 1981, 1800 . 1802 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 1803 Requirement Levels", BCP 14, RFC 2119, 1804 DOI 10.17487/RFC2119, March 1997, 1805 . 1807 [RFC5234] Crocker, D., Ed. and P. Overell, "Augmented BNF for Syntax 1808 Specifications: ABNF", STD 68, RFC 5234, 1809 DOI 10.17487/RFC5234, January 2008, 1810 . 1812 [RFC6066] Eastlake 3rd, D., "Transport Layer Security (TLS) 1813 Extensions: Extension Definitions", RFC 6066, 1814 DOI 10.17487/RFC6066, January 2011, 1815 . 1817 [RFC7230] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer 1818 Protocol (HTTP/1.1): Message Syntax and Routing", 1819 RFC 7230, DOI 10.17487/RFC7230, June 2014, 1820 . 1822 [RFC7231] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer 1823 Protocol (HTTP/1.1): Semantics and Content", RFC 7231, 1824 DOI 10.17487/RFC7231, June 2014, 1825 . 1827 [RFC7540] Belshe, M., Peon, R., and M. Thomson, Ed., "Hypertext 1828 Transfer Protocol Version 2 (HTTP/2)", RFC 7540, 1829 DOI 10.17487/RFC7540, May 2015, 1830 . 1832 [RFC7838] Nottingham, M., McManus, P., and J. Reschke, "HTTP 1833 Alternative Services", RFC 7838, DOI 10.17487/RFC7838, 1834 April 2016, . 1836 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 1837 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 1838 May 2017, . 1840 10.2. Informative References 1842 [RFC7301] Friedl, S., Popov, A., Langley, A., and E. Stephan, 1843 "Transport Layer Security (TLS) Application-Layer Protocol 1844 Negotiation Extension", RFC 7301, DOI 10.17487/RFC7301, 1845 July 2014, . 1847 [RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for 1848 Writing an IANA Considerations Section in RFCs", BCP 26, 1849 RFC 8126, DOI 10.17487/RFC8126, June 2017, 1850 . 1852 10.3. URIs 1854 [1] https://mailarchive.ietf.org/arch/search/?email_list=quic 1856 [2] https://github.com/quicwg 1858 [3] https://github.com/quicwg/base-drafts/labels/-http 1860 Appendix A. Change Log 1862 *RFC Editor's Note:* Please remove this section prior to 1863 publication of a final version of this document. 1865 A.1. Since draft-ietf-quic-http-12 1867 o TLS SNI extension isn't mandatory if an alternative method is used 1868 (#1459, #1462, #1466) 1870 o Removed flags from HTTP/QUIC frames (#1388, #1398) 1872 o Reserved frame types and settings for use in preserving 1873 extensibility (#1333, #1446) 1875 o Added general error code (#1391, #1397) 1877 o Unidirectional streams carry a type byte and are extensible 1878 (#910,#1359) 1880 o Priority mechanism now uses explicit placeholders to enable 1881 persistent structure in the tree (#441,#1421,#1422) 1883 A.2. Since draft-ietf-quic-http-11 1885 o Moved QPACK table updates and acknowledgments to dedicated streams 1886 (#1121, #1122, #1238) 1888 A.3. Since draft-ietf-quic-http-10 1890 o Settings need to be remembered when attempting and accepting 0-RTT 1891 (#1157, #1207) 1893 A.4. Since draft-ietf-quic-http-09 1895 o Selected QCRAM for header compression (#228, #1117) 1897 o The server_name TLS extension is now mandatory (#296, #495) 1899 o Specified handling of unsupported versions in Alt-Svc (#1093, 1900 #1097) 1902 A.5. Since draft-ietf-quic-http-08 1904 o Clarified connection coalescing rules (#940, #1024) 1906 A.6. Since draft-ietf-quic-http-07 1908 o Changes for integer encodings in QUIC (#595,#905) 1910 o Use unidirectional streams as appropriate (#515, #240, #281, #886) 1912 o Improvement to the description of GOAWAY (#604, #898) 1914 o Improve description of server push usage (#947, #950, #957) 1916 A.7. Since draft-ietf-quic-http-06 1918 o Track changes in QUIC error code usage (#485) 1920 A.8. Since draft-ietf-quic-http-05 1922 o Made push ID sequential, add MAX_PUSH_ID, remove 1923 SETTINGS_ENABLE_PUSH (#709) 1925 o Guidance about keep-alive and QUIC PINGs (#729) 1927 o Expanded text on GOAWAY and cancellation (#757) 1929 A.9. Since draft-ietf-quic-http-04 1931 o Cite RFC 5234 (#404) 1933 o Return to a single stream per request (#245,#557) 1935 o Use separate frame type and settings registries from HTTP/2 (#81) 1937 o SETTINGS_ENABLE_PUSH instead of SETTINGS_DISABLE_PUSH (#477) 1939 o Restored GOAWAY (#696) 1940 o Identify server push using Push ID rather than a stream ID 1941 (#702,#281) 1943 o DATA frames cannot be empty (#700) 1945 A.10. Since draft-ietf-quic-http-03 1947 None. 1949 A.11. Since draft-ietf-quic-http-02 1951 o Track changes in transport draft 1953 A.12. Since draft-ietf-quic-http-01 1955 o SETTINGS changes (#181): 1957 * SETTINGS can be sent only once at the start of a connection; no 1958 changes thereafter 1960 * SETTINGS_ACK removed 1962 * Settings can only occur in the SETTINGS frame a single time 1964 * Boolean format updated 1966 o Alt-Svc parameter changed from "v" to "quic"; format updated 1967 (#229) 1969 o Closing the connection control stream or any message control 1970 stream is a fatal error (#176) 1972 o HPACK Sequence counter can wrap (#173) 1974 o 0-RTT guidance added 1976 o Guide to differences from HTTP/2 and porting HTTP/2 extensions 1977 added (#127,#242) 1979 A.13. Since draft-ietf-quic-http-00 1981 o Changed "HTTP/2-over-QUIC" to "HTTP/QUIC" throughout (#11,#29) 1983 o Changed from using HTTP/2 framing within Stream 3 to new framing 1984 format and two-stream-per-request model (#71,#72,#73) 1986 o Adopted SETTINGS format from draft-bishop-httpbis-extended- 1987 settings-01 1989 o Reworked SETTINGS_ACK to account for indeterminate inter-stream 1990 order (#75) 1992 o Described CONNECT pseudo-method (#95) 1994 o Updated ALPN token and Alt-Svc guidance (#13,#87) 1996 o Application-layer-defined error codes (#19,#74) 1998 A.14. Since draft-shade-quic-http2-mapping-00 2000 o Adopted as base for draft-ietf-quic-http 2002 o Updated authors/editors list 2004 Acknowledgements 2006 The original authors of this specification were Robbie Shade and Mike 2007 Warres. 2009 A substantial portion of Mike's contribution was supported by 2010 Microsoft during his employment there. 2012 Author's Address 2014 Mike Bishop (editor) 2015 Akamai 2017 Email: mbishop@evequefou.be