idnits 2.17.1 draft-ietf-taps-arch-07.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** There are 2 instances of too long lines in the document, the longest one being 3 characters in excess of 72. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (9 March 2020) is 1502 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Outdated reference: A later version (-26) exists of draft-ietf-taps-interface-05 == Outdated reference: A later version (-18) exists of draft-ietf-taps-impl-05 == Outdated reference: A later version (-12) exists of draft-ietf-taps-transport-security-11 -- Obsolete informational reference (is this intentional?): RFC 793 (Obsoleted by RFC 9293) -- Obsolete informational reference (is this intentional?): RFC 7230 (Obsoleted by RFC 9110, RFC 9112) -- Obsolete informational reference (is this intentional?): RFC 7540 (Obsoleted by RFC 9113) Summary: 1 error (**), 0 flaws (~~), 4 warnings (==), 4 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 TAPS Working Group T. Pauly, Ed. 3 Internet-Draft Apple Inc. 4 Intended status: Standards Track B. Trammell, Ed. 5 Expires: 10 September 2020 Google 6 A. Brunstrom 7 Karlstad University 8 G. Fairhurst 9 University of Aberdeen 10 C. Perkins 11 University of Glasgow 12 P. Tiesel 13 TU Berlin 14 C. Wood 15 Apple Inc. 16 9 March 2020 18 An Architecture for Transport Services 19 draft-ietf-taps-arch-07 21 Abstract 23 This document describes an architecture for exposing transport 24 protocol features to applications for network communication, the 25 Transport Services architecture. The Transport Services Application 26 Programming Interface (API) is based on an asynchronous, event-driven 27 interaction pattern. It uses messages for representing data transfer 28 to applications, and it assumes an implementation that can use 29 multiple IP addresses, multiple protocols, and multiple paths, and 30 provide multiple application streams. This document further defines 31 common terminology and concepts to be used in definitions of 32 Transport Services APIs and implementations. 34 Status of This Memo 36 This Internet-Draft is submitted in full conformance with the 37 provisions of BCP 78 and BCP 79. 39 Internet-Drafts are working documents of the Internet Engineering 40 Task Force (IETF). Note that other groups may also distribute 41 working documents as Internet-Drafts. The list of current Internet- 42 Drafts is at https://datatracker.ietf.org/drafts/current/. 44 Internet-Drafts are draft documents valid for a maximum of six months 45 and may be updated, replaced, or obsoleted by other documents at any 46 time. It is inappropriate to use Internet-Drafts as reference 47 material or to cite them other than as "work in progress." 48 This Internet-Draft will expire on 10 September 2020. 50 Copyright Notice 52 Copyright (c) 2020 IETF Trust and the persons identified as the 53 document authors. All rights reserved. 55 This document is subject to BCP 78 and the IETF Trust's Legal 56 Provisions Relating to IETF Documents (https://trustee.ietf.org/ 57 license-info) in effect on the date of publication of this document. 58 Please review these documents carefully, as they describe your rights 59 and restrictions with respect to this document. Code Components 60 extracted from this document must include Simplified BSD License text 61 as described in Section 4.e of the Trust Legal Provisions and are 62 provided without warranty as described in the Simplified BSD License. 64 Table of Contents 66 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 67 1.1. Background . . . . . . . . . . . . . . . . . . . . . . . 4 68 1.2. Overview . . . . . . . . . . . . . . . . . . . . . . . . 4 69 1.3. Specification of Requirements . . . . . . . . . . . . . . 5 70 2. API Model . . . . . . . . . . . . . . . . . . . . . . . . . . 5 71 2.1. Event-Driven API . . . . . . . . . . . . . . . . . . . . 7 72 2.2. Data Transfer Using Messages . . . . . . . . . . . . . . 7 73 2.3. Flexibile Implementation . . . . . . . . . . . . . . . . 8 74 3. Design Principles . . . . . . . . . . . . . . . . . . . . . . 9 75 3.1. Common APIs for Common Features . . . . . . . . . . . . . 9 76 3.2. Access to Specialized Features . . . . . . . . . . . . . 9 77 3.3. Scope for API and Implementation Definitions . . . . . . 10 78 4. Transport Services Architecture and Concepts . . . . . . . . 11 79 4.1. Transport Services API Concepts . . . . . . . . . . . . . 12 80 4.1.1. Connections and Related Objects . . . . . . . . . . . 14 81 4.1.2. Pre-Establishment . . . . . . . . . . . . . . . . . . 15 82 4.1.3. Establishment Actions . . . . . . . . . . . . . . . . 16 83 4.1.4. Data Transfer Objects and Actions . . . . . . . . . . 17 84 4.1.5. Event Handling . . . . . . . . . . . . . . . . . . . 18 85 4.1.6. Termination Actions . . . . . . . . . . . . . . . . . 19 86 4.1.7. Connection Groups . . . . . . . . . . . . . . . . . . 19 87 4.2. Transport Services Implementation Concepts . . . . . . . 19 88 4.2.1. Candidate Gathering . . . . . . . . . . . . . . . . . 20 89 4.2.2. Candidate Racing . . . . . . . . . . . . . . . . . . 21 90 4.2.3. Protocol Stack Equivalence . . . . . . . . . . . . . 21 91 4.2.4. Separating Connection Groups . . . . . . . . . . . . 23 92 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 23 93 6. Security Considerations . . . . . . . . . . . . . . . . . . . 24 94 7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 24 95 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 25 96 8.1. Normative References . . . . . . . . . . . . . . . . . . 25 97 8.2. Informative References . . . . . . . . . . . . . . . . . 25 98 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 27 100 1. Introduction 102 Many application programming interfaces (APIs) to perform transport 103 networking have been deployed, perhaps the most widely known and 104 imitated being the BSD Socket [POSIX] interface (Socket API). The 105 naming of objects and functions across these APIs is not consistent, 106 and varies depending on the protocol being used. For example, 107 sending and receiving streams of data is conceptually the same for 108 both an unencrypted Transmission Control Protocol (TCP) stream and 109 operating on an encrypted Transport Layer Security (TLS) [RFC8446] 110 stream over TCP, but applications cannot use the same socket "send()" 111 and "recv()" calls on top of both kinds of connections. Similarly, 112 terminology for the implementation of transport protocols varies 113 based on the context of the protocols themselves: terms such as 114 "flow", "stream", "message", and "connection" can take on many 115 different meanings. This variety can lead to confusion when trying 116 to understand the similarities and differences between protocols, and 117 how applications can use them effectively. 119 The goal of the Transport Services architecture is to provide a 120 common, flexible, and reusable interface for transport protocols. As 121 applications adopt this interface, they will benefit from a wide set 122 of transport features that can evolve over time, and ensure that the 123 system providing the interface can optimize its behavior based on the 124 application requirements and network conditions, without requiring 125 changes to the applications. This flexibility enables faster 126 deployment of new features and protocols. It can also support 127 applications by offering racing and fallback mechanisms, which 128 otherwise need to be implemented in each application separately. 130 This document was developed in parallel with the specification of the 131 Transport Services API [I-D.ietf-taps-interface] and Implementation 132 Guidelines [I-D.ietf-taps-impl]. Although following the Transport 133 Services Architecture does not require that all APIs and 134 implementations are identical, a common minimal set of features 135 represented in a consistent fashion will enable applications to be 136 easily ported from one system to another. 138 1.1. Background 140 The Transport Services architecture is based on the survey of 141 services provided by IETF transport protocols and congestion control 142 mechanisms [RFC8095], and the distilled minimal set of the features 143 offered by transport protocols [I-D.ietf-taps-minset]. These 144 documents identified common features and patterns across all 145 transport protocols developed thus far in the IETF. 147 Since transport security is an increasingly relevant aspect of using 148 transport protocols on the Internet, this architecture also considers 149 the impact of transport security protocols on the feature-set exposed 150 by Transport Services [I-D.ietf-taps-transport-security]. 152 One of the key insights to come from identifying the minimal set of 153 features provided by transport protocols [I-D.ietf-taps-minset] was 154 that features either require application interaction and guidance 155 (referred to in that document as Functional or Optimizing Features), 156 or else can be handled automatically by a system implementing 157 Transport Services (referred to as Automatable Features). Among the 158 Functional and Optimizing Features, some were common across all or 159 nearly all transport protocols, while others could be seen as 160 features that, if specified, would only be useful with a subset of 161 protocols, but would not harm the functionality of other protocols. 162 For example, some protocols can deliver messages faster for 163 applications that do not require messages to arrive in the order in 164 which they were sent. However, this functionality needs to be 165 explicitly allowed by the application, since reordering messages 166 would be undesirable in many cases. 168 1.2. Overview 170 This document describes the Transport Services architecture in three 171 sections: 173 * Section 2 describes how the API model of Transport Services 174 differs from traditional socket-based APIs. Specifically, it 175 offers asynchronous event-driven interaction, the use of messages 176 for data transfer, and the flexibility to use different transport 177 protocols and paths without requiring major changes to the 178 application. 180 * Section 3 explains the design principles behind the Transport 181 Services API. These principles are intended to make sure that 182 transport protocols can continue to be enhanced and evolve without 183 requiring too many changes by application developers. 185 * Section 4 presents the Transport Services architecture diagram and 186 defines the concepts that are used by both the API and 187 implementation documents. The Preconnection allows applications 188 to configure Connection Properties, and the Connection represents 189 an object that can be used to send and receive Messages. 191 1.3. Specification of Requirements 193 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 194 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 195 "OPTIONAL" in this document are to be interpreted as described in BCP 196 14 [RFC2119] [RFC8174] when, and only when, they appear in all 197 capitals, as shown here. 199 2. API Model 201 The traditional model of using sockets for networking can be 202 represented as follows: 204 * Applications create connections and transfer data using the Socket 205 API. 207 * The Socket API provides the interface to the implementations of 208 TCP and UDP (typically implemented in the system's kernel). 210 * TCP and UDP in the kernel send and receive data over the available 211 network-layer interfaces. 213 * Sockets are bound directly to transport-layer and network-layer 214 addresses, obtained via a separate resolution step, usually 215 performed by a system-provided stub resolver. 217 +-----------------------------------------------------+ 218 | Application | 219 +-----------------------------------------------------+ 220 | | | 221 +------------+ +------------+ +--------------+ 222 | stub | | Stream API | | Datagram API | 223 | resolver | +------------+ +--------------+ 224 +------------+ | | 225 +---------------------------------+ 226 | TCP UDP | 227 | Kernel Networking Stack | 228 +---------------------------------+ 229 | 230 +-----------------------------------------------------+ 231 | Network Layer Interface | 232 +-----------------------------------------------------+ 233 Figure 1: Socket API Model 235 The Transport Services architecture evolves this general model of 236 interaction, aiming to both modernize the API surface presented to 237 applications by the transport layer and enrich the capabilities of 238 the Transport Services implementation. It combines interfaces for 239 multiple interaction patterns into a unified whole. By combining 240 name resolution with connection establishment and data transfer in a 241 single API, it allows for more flexible implementations to provide 242 path and transport protocol agility on the application's behalf. 244 +-----------------------------------------------------+ 245 | Application | 246 +-----------------------------------------------------+ 247 | 248 +-----------------------------------------------------+ 249 | Transport Services API | 250 +-----------------------------------------------------+ 251 | 252 +-----------------------------------------------------+ 253 | Transport Services Implementation | 254 | (Using: DNS, UDP, TCP, SCTP, DCCP, TLS, QUIC, etc) | 255 +-----------------------------------------------------+ 256 | 257 +-----------------------------------------------------+ 258 | Network Layer Interface | 259 +-----------------------------------------------------+ 261 Figure 2: Transport Services API Model 263 The Transport Services API [I-D.ietf-taps-interface] defines the 264 mechanism for an application to create network connections and 265 transfer data. The implementation [I-D.ietf-taps-impl] is 266 responsible for mapping the API to the various available transport 267 protocols and managing the available network interfaces and paths. 269 There are key differences between the architecture of the Transport 270 Services system and the architecture of the Socket API: the Transport 271 Services API is asynchronous and event-driven; it uses messages for 272 representing data transfer to applications; and it assumes an 273 implementation that can use multiple IP addresses, multiple 274 protocols, multiple paths, and provide multiple application streams. 276 2.1. Event-Driven API 278 Originally, sockets presented a blocking interface for establishing 279 connections and transferring data. However, most modern applications 280 interact with the network asynchronously. Emulation of an 281 asynchronous interface using sockets generally uses a try-and-fail 282 model. If the application wants to read, but data has not yet been 283 received from the peer, the call to read will fail. The application 284 then waits and can try again later. 286 In contrast to sockets, all interaction with a Transport Services 287 system is expected to be asynchronous, and use an event-driven model 288 (see Section 4.1.5). For example, if the application wants to read, 289 its call to read will not complete immediately, but will deliver an 290 event containing the received data once it is available. Error 291 handling is also asynchronous; a failure to send results in an 292 asynchronous send error as an event. 294 The Transport Services API also delivers events regarding the 295 lifetime of a connection and changes in the available network links, 296 which were not previously made explicit in sockets. 298 Using asynchronous events allows for a more natural interaction model 299 when establishing connections and transferring data. Events in time 300 more closely reflect the nature of interactions over networks, as 301 opposed to how sockets represent network resources as file system 302 objects that may be temporarily unavailable. 304 Separate from events, callbacks are also provided for asynchronous 305 interactions with the API not directly related to events on the 306 network or network interfaces. 308 2.2. Data Transfer Using Messages 310 Sockets provide a message interface for datagram protocols like UDP, 311 but provide an unstructured stream abstraction for TCP. While TCP 312 does indeed provide the ability to send and receive data as streams, 313 most applications need to interpret structure within these streams. 314 For example, HTTP/1.1 uses character delimiters to segment messages 315 over a stream [RFC7230]; TLS record headers carry a version, content 316 type, and length [RFC8446]; and HTTP/2 uses frames to segment its 317 headers and bodies [RFC7540]. 319 The Transport Services API represents data as messages, so that it 320 more closely matches the way applications use the network. Providing 321 a message-based abstraction provides many benefits, such as: 323 * the ability to associate deadlines with messages, for applications 324 that care about timing; 326 * the ability to provide control of reliability, choosing which 327 messages to retransmit when there is packet loss, and how best to 328 make use of the data that arrived; 330 * the ability to manage dependencies between messages, when the 331 Transport Services system could decide to not deliver a message, 332 either following packet loss or because it has missed a deadline. 333 In particular, this can avoid (re-)sending data that relies on a 334 previous transmission that was never received. 336 * the ability to automatically assign messages and connections to 337 underlying transport connections to utilize multi-streaming and 338 pooled connections. 340 Allowing applications to interact with messages is backwards- 341 compatible with existings protocols and APIs, as it does not change 342 the wire format of any protocol. Instead, it gives the protocol 343 stack additional information to allow it to make better use of modern 344 transport services, while simplifying the application's role in 345 parsing data. For protocols which natively use a streaming 346 abstraction, framers (Section 4.1.4) bridge the gap between the two 347 abstractions. 349 2.3. Flexibile Implementation 351 Sockets, for protocols like TCP, are generally limited to connecting 352 to a single address over a single interface. They also present a 353 single stream to the application. Software layers built upon sockets 354 often propagate this limitation of a single-address single-stream 355 model. The Transport Services architecture is designed to handle 356 multiple candidate endpoints, protocols, and paths; and support 357 multipath and multistreaming protocols. 359 Transport Services implementations are meant to be flexible at 360 connection establishment time, considering many different options and 361 trying to select the most optimal combinations (Section 4.2.1 and 362 Section 4.2.2). This requires applications to provide higher-level 363 endpoints than IP addresses, such as hostnames and URLs, which are 364 used by a Transport Services implementation for resolution, path 365 selection, and racing. Transport services implementations can 366 further implement fallback mechanisms if connection establishment of 367 one protocol fails or performance is detected to be unsatisfactory. 369 Flexibility after connection establishment is also important. 370 Transport protocols that can migrate between multiple network-layer 371 interfaces need to be able to process and react to interface changes. 372 Protocols that support multiple application-layer streams need to 373 support initiating and receiving new streams using existing 374 connections. 376 3. Design Principles 378 The goal of the Transport Services architecture is to redefine the 379 interface between applications and transports in a way that allows 380 the transport layer to evolve and improve without fundamentally 381 changing the contract with the application. This requires a careful 382 consideration of how to expose the capabilities of protocols. 384 There are several degrees in which a Transport Services system is 385 intended to offer flexibility to an application: it can provide 386 access to multiple sets of protocols and protocol features; it can 387 use these protocols across multiple paths that could have different 388 performance and functional characteristics; and it can communicate 389 with different remote systems to optimize performance, robustness to 390 failure, or some other metric. Beyond these, if the API for the 391 system remains the same over time, new protocols and features could 392 be added to the system's implementation without requiring changes in 393 applications for adoption. 395 3.1. Common APIs for Common Features 397 Functionality that is common across multiple transport protocols 398 ought to be accessible through a unified set of API calls. An 399 application using a Transport Services API can implement logic for 400 its basic use of transport networking (establishing the transport, 401 and sending and receiving data) once, and expect that implementation 402 to continue to function as the transports change. 404 As a baseline, any Transport Services API needs to allow access to 405 the distilled minimal set of features offered by transport protocols 406 [I-D.ietf-taps-minset]. 408 3.2. Access to Specialized Features 410 There are applications that will need to control fine-grained details 411 of transport protocols to optimize their behavior and ensure 412 compatibility with remote systems. A Transport Services system 413 therefore ought to also permit more specialized protocol features to 414 be used. The interface for these specialized options ought to be 415 exposed differently from the common options to ensure flexibility. 417 A specialized feature could be required by an application only when 418 using a specific protocol, and not when using others. For example, 419 if an application is using TCP, it could require control over the 420 User Timeout Option for TCP; these options would not take effect for 421 other transport protocols. In such cases, the API ought to expose 422 the features in such a way that they take effect when a particular 423 protocol is selected, but do not imply that only that protocol could 424 be used. For example, if the API allows an application to specify a 425 preference to use the User Timeout Option, communication would not 426 fail when a protocol such as QUIC is selected. 428 Other specialized features, however, could be strictly required by an 429 application and thus constrain the set of protocols that can be used. 430 For example, if an application requires support for automatic 431 handover or failover for a connection, only protocol stacks that 432 provide this feature are eligible to be used, e.g., protocol stacks 433 that include a multipath protocol or a protocol that supports 434 connection migration. A Transport Services API needs to allow 435 applications to define such requirements and constrain the system's 436 options. Since such options are not part of the core/common 437 features, it will generally be simple for an application to modify 438 its set of constraints and change the set of allowable protocol 439 features without changing the core implementation. 441 3.3. Scope for API and Implementation Definitions 443 The Transport Services API is envisioned as the abstract model for a 444 family of APIs that share a common way to expose transport features 445 and encourage flexibility. The abstract API definition 446 [I-D.ietf-taps-interface] describes this interface and how it can be 447 exposed to application developers. 449 Implementations that provide the Transport Services API 450 [I-D.ietf-taps-impl] will vary due to system-specific support and the 451 needs of the deployment scenario. It is expected that all 452 implementations of Transport Services will offer the entire mandatory 453 API. All implementations are expected to offer an API that is 454 sufficient to use the distilled minimal set of features offered by 455 transport protocols [I-D.ietf-taps-minset], including API support for 456 TCP and UDP transport. However, some features provided by this API 457 will not be functional in certain implementations. For example, it 458 is possible that some very constrained devices might not have a full 459 TCP implementation beneath the API. 461 To preserve flexibility and compatibility with future protocols, top- 462 level features in the Transport Services API ought to avoid 463 referencing particular transport protocols. The mappings of these 464 API features to specific implementations of each feature is explained 465 in the [I-D.ietf-taps-impl] along with the implications of the 466 feature on existing protocols. It is expected that 468 [I-D.ietf-taps-interface] will be updated and supplemented as new 469 protocols and protocol features are developed. 471 It is important to note that neither the Transport Services API 472 [I-D.ietf-taps-interface] nor the Implementation document 473 [I-D.ietf-taps-impl] define new protocols or protocol capabilities 474 that affect what is communicated across the network. Use of a 475 Transport Services system does not require that a peer on the other 476 side of a connection uses the same API or implementation. A 477 Transport Services system acting as a connection initiator can 478 communicate with any existing system that implements the transport 479 protocol(s) selected by the Transport Services system. Similarly, a 480 Transport Services system acting as a listener can receive 481 connections for any protocol that is supported by the system from 482 existing initiators that implement the protocol, independent of 483 whether the initiator uses Transport Services as well or not. 485 4. Transport Services Architecture and Concepts 487 The concepts defined in this document are intended primarily for use 488 in the documents and specifications that describe the Transport 489 Services architecture and API. While the specific terminology can be 490 used in some implementations, it is expected that there will remain a 491 variety of terms used by running code. 493 The architecture divides the concepts for Transport Services into two 494 categories: 496 1. API concepts, which are intended to be exposed to applications; 497 and 499 2. System-implementation concepts, which are intended to be 500 internally used when building systems that implement Transport 501 Services. 503 The following diagram summarizes the top-level concepts in the 504 architecture and how they relate to one another. 506 +-----------------------------------------------------+ 507 | Application | 508 +-+----------------+------^-------+--------^----------+ 509 | | | | | 510 pre- | data | events 511 establishment | transfer | | 512 | establishment | termination | 513 | | | | | 514 | +--v------v-------v+ | 515 +-v-------------+ Connection(s) +-------+----------+ 516 | Transport +--------+---------+ | 517 | Services | | 518 | API | +-------------+ | 519 +------------------------+--+ Framer(s) |-----------+ 520 | +-------------+ 521 +------------------------|----------------------------+ 522 | Transport | | 523 | System | +-----------------+ | 524 | Implementation | | Cached | | 525 | | | State | | 526 | (Candidate Gathering) | +-----------------+ | 527 | | | 528 | (Candidate Racing) | +-----------------+ | 529 | | | System | | 530 | | | Policy | | 531 | +----------v-----+ +-----------------+ | 532 | | Protocol | | 533 +-------------+ Stack(s) +----------------------+ 534 +-------+--------+ 535 V 536 Network Layer Interface 538 Figure 3: Concepts and Relationships in the Transport Services 539 Architecture 541 4.1. Transport Services API Concepts 543 Fundamentally, a Transport Services API needs to provide connection 544 objects (Section 4.1.1) that allow applications to establish 545 communication, and then send and receive data. These could be 546 exposed as handles or referenced objects, depending on the language. 548 Beyond the connection objects, there are several high-level groups of 549 actions that any Transport Services API needs to provide: 551 * Pre-Establishment (Section 4.1.2) encompasses the properties that 552 an application can pass to describe its intent, requirements, 553 prohibitions, and preferences for its networking operations. 555 These properties apply to multiple transport protocols, unless 556 otherwise specified. Properties specified during Pre- 557 Establishment can have a large impact on the rest of the 558 interface: they modify how establishment occurs, they influence 559 the expectations around data transfer, and they determine the set 560 of events that will be supported. 562 * Establishment (Section 4.1.3) focuses on the actions that an 563 application takes on the connection objects to prepare for data 564 transfer. 566 * Data Transfer (Section 4.1.4) consists of how an application 567 represents the data to be sent and received, the functions 568 required to send and receive that data, and how the application is 569 notified of the status of its data transfer. 571 * Event Handling (Section 4.1.5) defines categories of notifications 572 which an application can receive during the lifetime of transport 573 objects. Events also provide opportunities for the application to 574 interact with the underlying transport by querying state or 575 updating maintenance options. 577 * Termination (Section 4.1.6) focuses on the methods by which data 578 transmission is stopped, and state is torn down in the transport. 580 The diagram below provides a high-level view of the actions and 581 events during the lifetime of a Connection object. Note that some 582 actions are alternatives (e.g., whether to initiate a connection or 583 to listen for incoming connections), while others are optional (e.g., 584 setting Connection and Message Properties in Pre-Establishment) or 585 have been omitted for brevity and simplicity. 587 Pre-Establishment : Established : Termination 588 ----------------- : ----------- : ----------- 589 : : 590 +-- Local Endpoint : Message : 591 +-- Remote Endpoint : Receive() | : 592 +-- Transport Properties : Send() | : 593 +-- Security Parameters : | : 594 | : | : 595 | InitiateWithSend() | Close() : 596 | +---------------+ Initiate() +-----+------+ Abort() : 597 +---+ Preconnection |------------->| Connection |-----------> Closed 598 +---------------+ Rendezvous() +------------+ : 599 Listen() | : | | : 600 | : | v : 601 v : | Connection : 602 +----------+ : | Ready : 603 | Listener |----------------------+ : 604 +----------+ Connection Received : 605 : : 607 Figure 4: The lifetime of a Connection object 609 4.1.1. Connections and Related Objects 611 * Preconnection: A Preconnection object is a representation of a 612 potential Connection. It has state that describes parameters of a 613 Connection that might exist in the future: the Local Endpoint from 614 which that Connection will be established, the Remote Endpoint 615 (Section 4.1.2) to which it will connect, and Transport Properties 616 that influence the paths and protocols a Connection will use. A 617 Preconnection can be fully specified such that it represents a 618 single possible Connection, or it can be partially specified such 619 that it represents a family of possible Connections. The Local 620 Endpoint (Section 4.1.2) is required if the Preconnection is used 621 to Listen for incoming Connections. The Local Endpoint is 622 optional if it is used to Initiate Connections. The Remote 623 Endpoint is required in the Preconnection that is used to Initiate 624 Connections. The Remote Endpoint is optional if it is used to 625 Listen for incoming Connections. The Local Endpoint and the 626 Remote Endpoint are both required if a peer-to-peer Rendezvous is 627 to occur based on the Preconnection. 629 * Transport Properties: Transport Properties allow the application 630 to express their requirements, prohibitions, and preferences and 631 configure the Transport Services system. There are three kinds of 632 Transport Properties: 634 - Selection Properties (Section 4.1.2) that can only be specified 635 on a Preconnection. 637 - Connection Properties (Section 4.1.2) that can be specified on 638 a Preconnection and changed on the Connection. 640 - Message Properties (Section 4.1.4) that can be specified as 641 defaults on a Preconnection or a Connection, and can also be 642 specified during data transfer to affect specific Messages. 644 * Connection: A Connection object represents one or more active 645 transport protocol instances that can send and/or receive Messages 646 between local and remote systems. It holds state pertaining to 647 the underlying transport protocol instances and any ongoing data 648 transfers. This represents, for example, an active Connection in 649 a connection-oriented protocol such as TCP, or a fully-specified 650 5-tuple for a connectionless protocol such as UDP. It can also 651 represent a pool of transport protocol instances, e.g., a set of 652 TCP and QUIC connections to equivalent endpoints, or a stream of a 653 multi-streaming transport protocol instance. Connections can be 654 created from a Preconnection or by a Listener. 656 * Listener: A Listener object accepts incoming transport protocol 657 connections from remote systems and generates corresponding 658 Connection objects. It is created from a Preconnection object 659 that specifies the type of incoming Connections it will accept. 661 4.1.2. Pre-Establishment 663 * Endpoint: An Endpoint represents an identifier for one side of a 664 transport connection. Endpoints can be Local Endpoints or Remote 665 Endpoints, and respectively represent an identity that the 666 application uses for the source or destination of a connection. 667 An Endpoint can be specified at various levels of abstraction, and 668 an Endpoint at a higher level of abstraction (such as a hostname) 669 can be resolved to more concrete identities (such as IP 670 addresses). 672 * Remote Endpoint: The Remote Endpoint represents the application's 673 identifier for a peer that can participate in a transport 674 connection; for example, the combination of a DNS name for the 675 peer and a service name/port. 677 * Local Endpoint: The Local Endpoint represents the application's 678 identifier for itself that it uses for transport connections; for 679 example, a local IP address and port. 681 * Selection Properties: The Selection Properties consist of the 682 options that an application can set to influence the selection of 683 paths between the local and remote systems, to influence the 684 selection of transport protocols, or to configure the behavior of 685 generic transport protocol features. These options can take the 686 form of requirements, prohibitions, or preferences. Examples of 687 options that influence path selection include the interface type 688 (such as a Wi-Fi connection, or a Cellular LTE connection), 689 requirements around the largest Message that can be sent, or 690 preferences for throughput and latency properties. Examples of 691 options that influence protocol selection and configuration of 692 transport protocol features include reliability, multipath 693 support, and fast open support. 695 * Connection Properties: The Connection Properties are used to 696 configure protocol-specific options and control per-connection 697 behavior of the Transport Services system; for example, a 698 protocol-specific Connection Property can express that if TCP is 699 used, the implementation ought to use the User Timeout Option. 700 Note that the presence of such a property does not require that a 701 specific protocol will be used. In general, these properties do 702 not explicitly determine the selection of paths or protocols, but 703 can be used in this way by an implementation during connection 704 establishment. Connection Properties are specified on a 705 Preconnection prior to Connection establishment, and can be 706 modified on the Connection later. Changes made to Connection 707 Properties after Connection establishment take effect on a best- 708 effort basis. 710 * Security Parameters: Security Parameters define an application's 711 requirements for authentication and encryption on a Connection. 712 They are used by Transport Security protocols (such as those 713 described in [I-D.ietf-taps-transport-security]) to establish 714 secure Connections. Examples of parameters that can be set 715 include local identities, private keys, supported cryptographic 716 algorithms, and requirements for validating trust of remote 717 identities. Security Parameters are primarily associated with a 718 Preconnection object, but properties related to identities can be 719 associated directly with Endpoints. 721 4.1.3. Establishment Actions 723 * Initiate: The primary action that an application can take to 724 create a Connection to a Remote Endpoint, and prepare any required 725 local or remote state to enable the transmission of Messages. For 726 some protocols, this will initiate a client-to-server style 727 handshake; for other protocols, this will just establish local 728 state (e.g., with connectionless protocols such as UDP). The 729 process of identifying options for connecting, such as resolution 730 of the Remote Endpoint, occurs in response to the Initiate call. 732 * Listen: Enables a listener to accept incoming Connections. The 733 Listener will then create Connection objects as incoming 734 connections are accepted (Section 4.1.5). Listeners by default 735 register with multiple paths, protocols, and local endpoints, 736 unless constrained by Selection Properties and/or the specified 737 Local Endpoint(s). Connections can be accepted on any of the 738 available paths or endpoints. 740 * Rendezvous: The action of establishing a peer-to-peer connection 741 with a Remote Endpoint. It simultaneously attempts to initiate a 742 connection to a Remote Endpoint while listening for an incoming 743 connection from that endpoint. The process of identifying options 744 for the connection, such as resolution of the Remote Endpoint, 745 occurs in response to the Rendezvous call. As with Listeners, the 746 set of local paths and endpoints is constrained by Selection 747 Properties. If successful, the Rendezvous call returns a 748 Connection object to represent the established peer-to-peer 749 connection. The processes by which connections are initiated 750 during a Rendezvous action will depend on the set of Local and 751 Remote Endpoints configured on the Preconnection. For example, if 752 the Local and Remote Endpoints are TCP host candidates, then a TCP 753 simultaneous open [RFC0793] will be performed. However, if the 754 set of Local Endpoints includes server reflexive candidates, such 755 as those provided by STUN, a Rendezvous action will race 756 candidates in the style of the ICE algorithm [RFC8445] to perform 757 NAT binding discovery and initiate a peer-to-peer connection. 759 4.1.4. Data Transfer Objects and Actions 761 * Message: A Message object is a unit of data that can be 762 represented as bytes that can be transferred between two systems 763 over a transport connection. The bytes within a Message are 764 assumed to be ordered. If an application does not care about the 765 order in which a peer receives two distinct spans of bytes, those 766 spans of bytes are considered independent Messages. 768 * Message Properties: Message Properties are used to specify details 769 about Message transmission. They can be specified directly on 770 individual Messages, or can be set on a Preconnection or 771 Connection as defaults. These properties might only apply to how 772 a Message is sent (such as how the transport will treat 773 prioritization and reliability), but can also include properties 774 that specific protocols encode and communicate to the Remote 775 Endpoint. When receiving Messages, Message Properties can contain 776 information about the received Message, such as metadata generated 777 at the receiver and information signalled by the remote endpoint. 778 For example, a Message can be marked with a Message Property 779 indicating that it is the final message on a connection if the 780 peer sent a TCP FIN. 782 * Send: The action to transmit a Message over a Connection to the 783 remote system. The interface to Send can accept Message 784 Properties specific to how the Message content is to be sent. The 785 status of the Send operation is delivered back to the sending 786 application in an event (Section 4.1.5). 788 * Receive: An action that indicates that the application is ready to 789 asynchronously accept a Message over a Connection from a remote 790 system, while the Message content itself will be delivered in an 791 event (Section 4.1.5). The interface to Receive can include 792 Message Properties specific to the Message that is to be delivered 793 to the application. 795 * Framer: A Framer is a data translation layer that can be added to 796 a Connection to define how application-layer Messages are 797 transmitted over a transport protocol. This is particularly 798 relevant for protocols that otherwise present unstructured 799 streams, such as TCP. 801 4.1.5. Event Handling 803 The following categories of events can be delivered to an 804 application: 806 * Connection Ready: Signals to an application that a given 807 Connection is ready to send and/or receive Messages. If the 808 Connection relies on handshakes to establish state between peers, 809 then it is assumed that these steps have been taken. 811 * Connection Closed: Signals to an application that a given 812 Connection is no longer usable for sending or receiving Messages. 813 The event delivers a reason or error to the application that 814 describes the nature of the termination. 816 * Connection Received: Signals to an application that a given 817 Listener has received a Connection. 819 * Message Received: Delivers received Message content to the 820 application, based on a Receive action. This can include an error 821 if the Receive action cannot be satisfied due to the Connection 822 being closed. 824 * Message Sent: Notifies the application of the status of its Send 825 action. This might indicate a failure if the Message cannot be 826 sent, or an indication that the Message has been processed by the 827 protocol stack. 829 * Path Properties Changed: Notifies the application that some 830 property of the Connection has changed that might influence how 831 and where data is sent and/or received. 833 4.1.6. Termination Actions 835 * Close: The action an application takes on a Connection to indicate 836 that it no longer intends to send data, is no longer willing to 837 receive data, and that the protocol should signal this state to 838 the remote system if the transport protocol allows this. (Note 839 that this is distinct from the concept of "half-closing" a 840 bidirectional connection, such as when a FIN is sent in one 841 direction of a TCP connection. Indicating the end of a stream in 842 the Transport Services architecture is possible using Message 843 Properties when sending.) 845 * Abort: The action the application takes on a Connection to 846 indicate a Close and also indicate that the Transport Services 847 system should not attempt to deliver any outstanding data. This 848 is intended for immediate termination of a connection, without 849 cleaning up state. 851 4.1.7. Connection Groups 853 A Connection Group is a set of Connections that share properties and 854 caches. For multiplexing transport protocols, only Connections 855 within the same Connection Group are allowed to be multiplexed 856 together. An application can explicitly define Connection Groups to 857 control caching boundaries, as discussed in Section 4.2.4. 859 4.2. Transport Services Implementation Concepts 861 This section defines the set of objects used internally to a system 862 or library to implement the functionality needed to provide a 863 transport service across a network, as required by the abstract 864 interface. 866 * Path: Represents an available set of properties that a local 867 system can use to communicate with a remote system, such as 868 routes, addresses, and physical and virtual network interfaces. 870 * Protocol Instance: A single instance of one protocol, including 871 any state necessary to establish connectivity or send and receive 872 Messages. 874 * Protocol Stack: A set of Protocol Instances (including relevant 875 application, security, transport, or Internet protocols) that are 876 used together to establish connectivity or send and receive 877 Messages. A single stack can be simple (a single transport 878 protocol instance over IP), or it can be complex (multiple 879 application protocol streams going through a single security and 880 transport protocol, over IP; or, a multi-path transport protocol 881 over multiple transport sub-flows). 883 * Candidate Path: One path that is available to an application and 884 conforms to the Selection Properties and System Policy, of which 885 there can be several. Candidate Paths are identified during the 886 gathering phase (Section 4.2.1) and can be used during the racing 887 phase (Section 4.2.2). 889 * Candidate Protocol Stack: One Protocol Stack that can be used by 890 an application for a connection, of which there can be several. 891 Candidate Protocol Stacks are identified during the gathering 892 phase (Section 4.2.1) and are started during the racing phase 893 (Section 4.2.2). 895 * System Policy: Represents the input from an operating system or 896 other global preferences that can constrain or influence how an 897 implementation will gather candidate paths and Protocol Stacks 898 (Section 4.2.1) and race the candidates during establishment 899 (Section 4.2.2). Specific aspects of the System Policy either 900 apply to all Connections or only certain ones, depending on the 901 runtime context and properties of the Connection. 903 * Cached State: The state and history that the implementation keeps 904 for each set of associated Endpoints that have been used 905 previously. This can include DNS results, TLS session state, 906 previous success and quality of transport protocols over certain 907 paths, as well as other information. 909 4.2.1. Candidate Gathering 911 * Candidate Path Selection: Candidate Path Selection represents the 912 act of choosing one or more paths that are available to use based 913 on the Selection Properties and any available Local and Remote 914 Endpoints provided by the application, as well as the policies and 915 heuristics of a Transport Services system. 917 * Candidate Protocol Selection: Candidate Protocol Selection 918 represents the act of choosing one or more sets of Protocol Stacks 919 that are available to use based on the Transport Properties 920 provided by the application, and the heuristics or policies within 921 the Transport Services system. 923 4.2.2. Candidate Racing 925 Connection establishment attempts for a set of candidates may be 926 performed simultaneously, synchronously, serially, or some 927 combination of all of these. We refer to this process as racing, 928 borrowing terminology from Happy Eyeballs [RFC8305]. 930 * Protocol Option Racing: Protocol Option Racing is the act of 931 attempting to establish, or scheduling attempts to establish, 932 multiple Protocol Stacks that differ based on the composition of 933 protocols or the options used for protocols. 935 * Path Racing: Path Racing is the act of attempting to establish, or 936 scheduling attempts to establish, multiple Protocol Stacks that 937 differ based on a selection from the available Paths. Since 938 different Paths will have distinct configurations for local 939 addresses and DNS servers, attempts across different Paths will 940 perform separate DNS resolution steps, which can lead to further 941 racing of the resolved Remote Endpoints. 943 * Remote Endpoint Racing: Remote Endpoint Racing is the act of 944 attempting to establish, or scheduling attempts to establish, 945 multiple Protocol Stacks that differ based on the specific 946 representation of the Remote Endpoint, such as a particular IP 947 address that was resolved from a DNS hostname. 949 4.2.3. Protocol Stack Equivalence 951 The Transport Services architecture defines a mechanism that allows 952 applications to easily make use of various network paths and Protocol 953 Stacks without requiring major changes in application logic. In some 954 cases, changing which Protocol Stacks or network paths are used will 955 require updating the preferences expressed by the application that 956 uses the Transport Services system. For example, an application can 957 enable the use of a multipath or multistreaming transport protocol by 958 modifying the properties in its Pre-Connection configuration. In 959 some cases, however, the Transport Services system will be able to 960 automatically change Protocol Stacks without an update to the 961 application, either by selecting a new stack entirely, or by racing 962 multiple candidate Protocol Stacks during connection establishment. 963 This functionality in the API can be a powerful driver of new 964 protocol adoption, but needs to be constrained carefully to avoid 965 unexpected behavior that can lead to functional or security problems. 967 If two different Protocol Stacks can be safely swapped, or raced in 968 parallel (see Section 4.2.2), then they are considered to be 969 "equivalent". Equivalent Protocol Stacks need to meet the following 970 criteria: 972 1. Both stacks MUST offer the interface requested by the application 973 for connection establishment and data transmission. For example, 974 if an application requires preservation of message boundaries, a 975 Protocol Stack that runs UDP as the top-level interface to the 976 application is not equivalent to a Protocol Stack that runs TCP 977 as the top-level interface. A UDP stack would allow an 978 application to read out message boundaries based on datagrams 979 sent from the remote system, whereas TCP does not preserve 980 message boundaries on its own, but needs a framing protocol on 981 top to determine message boundaries. 983 2. Both stacks MUST offer the transport services that are requested 984 by the application. For example, if an application specifies 985 that it requires reliable transmission of data, then a Protocol 986 Stack using UDP without any reliability layer on top would not be 987 allowed to replace a Protocol Stack using TCP. However, if the 988 application does not require reliability, then a Protocol Stack 989 that adds reliability could be regarded as an equivalent Protocol 990 Stack as long as providing this would not conflict with any other 991 application-requested properties. 993 3. Both stacks MUST offer security protocols and parameters as 994 requested by the application [I-D.ietf-taps-transport-security]. 995 Security features and properties, such as cryptographic 996 algorithms, peer authentication, and identity privacy vary across 997 security protocols, and across versions of security protocols. 998 Protocol equivalence ought not to be assumed for different 999 protocols or protocol versions, even if they offer similar 1000 application configuration options. To ensure that security 1001 protocols are not incorrectly swapped, Transport Services systems 1002 SHOULD only automatically generate equivalent Protocol Stacks 1003 when the transport security protocols within the stacks are 1004 identical. Specifically, a Transport Services system would 1005 consider protocols identical only if they are of the same type 1006 and version. For example, the same version of TLS running over 1007 two different transport Protocol Stacks are considered 1008 equivalent, whereas TLS 1.2 and TLS 1.3 [RFC8446] are not 1009 considered equivalent. However, Transport Services systems MAY 1010 allow applications to indicate that they consider two different 1011 transport protocols equivalent, e.g., to allow fallback to TLS 1012 1.2 if TLS 1.3 is not available. 1014 4.2.4. Separating Connection Groups 1016 By default, stored properties of the implementation, such as cached 1017 protocol state, cached path state, and heuristics, may be shared 1018 (e.g. across multiple connections in an application). This provides 1019 efficiency and convenience for the application, since the Transport 1020 Services implementation can automatically optimize behavior. 1022 There are several reasons, however, that an application might want to 1023 explicitly isolate some Connections. These reasons include: 1025 * Privacy concerns about re-using cached protocol state that can 1026 lead to linkability. Sensitive state may include TLS session 1027 state [RFC8446] and HTTP cookies [RFC6265]. 1029 * Privacy concerns about allowing Connections to multiplex together, 1030 which can tell a Remote Endpoint that all of the Connections are 1031 coming from the same application (for example, when Connections 1032 are multiplexed HTTP/2 or QUIC streams). 1034 * Performance concerns about Connections introducing head-of-line 1035 blocking due to multiplexing or needing to share state on a single 1036 thread. 1038 The Transport Services API can allow applications to explicitly 1039 define Connection Groups that force separation of Cached State and 1040 Protocol Stacks. For example, a web browser application might use 1041 Connection Groups with separate caches for different tabs in the 1042 browser to decrease linkability. 1044 The interface to specify a Connection Group can expose fine-grained 1045 tuning for which properties and cached state is allowed to be shared 1046 with other Connections. For example, an application might want to 1047 allow sharing TCP Fast Open cookies across groups, but not TLS 1048 session state. 1050 5. IANA Considerations 1052 RFC-EDITOR: Please remove this section before publication. 1054 This document has no actions for IANA. 1056 6. Security Considerations 1058 The Transport Services architecture does not recommend use of 1059 specific security protocols or algorithms. Its goal is to offer ease 1060 of use for existing protocols by providing a generic security-related 1061 interface. Each provided interface translates to an existing 1062 protocol-specific interface provided by supported security protocols. 1063 For example, trust verification callbacks are common parts of TLS 1064 APIs. Transport Services APIs will expose similar functionality 1065 [I-D.ietf-taps-transport-security]. 1067 As described above in Section 4.2.3, if a Transport Services system 1068 races between two different Protocol Stacks, both SHOULD use the same 1069 security protocols and options. However, a Transport Services system 1070 MAY race different security protocols, e.g., if the application 1071 explicitly specifies that it considers them equivalent. 1073 Applications need to ensure that they use security APIs 1074 appropriately. In cases where applications use an interface to 1075 provide sensitive keying material, e.g., access to private keys or 1076 copies of pre-shared keys (PSKs), key use needs to be validated. For 1077 example, applications ought not to use PSK material created for the 1078 Encapsulating Security Protocol (ESP, part of IPsec) [RFC4303] with 1079 QUIC, and applications ought not to use private keys intended for 1080 server authentication as keys for client authentication. 1082 Moreover, Transport Services systems MUST NOT automatically fall back 1083 from secure protocols to insecure protocols, or to weaker versions of 1084 secure protocols. For example, if an application requests a specific 1085 version of TLS, but the desired version of TLS is not available, its 1086 connection will fail. Applications are thus responsible for 1087 implementing security protocol fallback or version fallback by 1088 creating multiple Transport Services Connections, if so desired. 1089 Alternatively, a Transport Services system MAY allow applications to 1090 specify that fallback to a specific other version of a protocol is 1091 allowed. 1093 7. Acknowledgements 1095 This work has received funding from the European Union's Horizon 2020 1096 research and innovation programme under grant agreements No. 644334 1097 (NEAT) and No. 688421 (MAMI). 1099 This work has been supported by Leibniz Prize project funds of DFG - 1100 German Research Foundation: Gottfried Wilhelm Leibniz-Preis 2011 (FKZ 1101 FE 570/4-1). 1103 This work has been supported by the UK Engineering and Physical 1104 Sciences Research Council under grant EP/R04144X/1. 1106 Thanks to Theresa Enghardt, Max Franke, Mirja Kuehlewind, Jonathan 1107 Lennox, and Michael Welzl for the discussions and feedback that 1108 helped shape the architecture described here. Thanks as well to 1109 Stuart Cheshire, Josh Graessley, David Schinazi, and Eric Kinnear for 1110 their implementation and design efforts, including Happy Eyeballs, 1111 that heavily influenced this work. 1113 8. References 1115 8.1. Normative References 1117 [I-D.ietf-taps-interface] 1118 Trammell, B., Welzl, M., Enghardt, T., Fairhurst, G., 1119 Kuehlewind, M., Perkins, C., Tiesel, P., Wood, C., and T. 1120 Pauly, "An Abstract Application Layer Interface to 1121 Transport Services", Work in Progress, Internet-Draft, 1122 draft-ietf-taps-interface-05, 4 November 2019, 1123 . 1126 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 1127 Requirement Levels", BCP 14, RFC 2119, 1128 DOI 10.17487/RFC2119, March 1997, 1129 . 1131 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 1132 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 1133 May 2017, . 1135 8.2. Informative References 1137 [I-D.ietf-taps-impl] 1138 Brunstrom, A., Pauly, T., Enghardt, T., Grinnemo, K., 1139 Jones, T., Tiesel, P., Perkins, C., and M. Welzl, 1140 "Implementing Interfaces to Transport Services", Work in 1141 Progress, Internet-Draft, draft-ietf-taps-impl-05, 4 1142 November 2019, . 1145 [I-D.ietf-taps-minset] 1146 Welzl, M. and S. Gjessing, "A Minimal Set of Transport 1147 Services for End Systems", Work in Progress, Internet- 1148 Draft, draft-ietf-taps-minset-11, 27 September 2018, 1149 . 1152 [I-D.ietf-taps-transport-security] 1153 Enghardt, T., Pauly, T., Perkins, C., Rose, K., and C. 1154 Wood, "A Survey of the Interaction Between Security 1155 Protocols and Transport Services", Work in Progress, 1156 Internet-Draft, draft-ietf-taps-transport-security-11, 5 1157 March 2020, . 1160 [POSIX] "IEEE Std. 1003.1-2008 Standard for Information Technology 1161 -- Portable Operating System Interface (POSIX). Open 1162 group Technical Standard: Base Specifications, Issue 7", 1163 2008. 1165 [RFC0793] Postel, J., "Transmission Control Protocol", STD 7, 1166 RFC 793, DOI 10.17487/RFC0793, September 1981, 1167 . 1169 [RFC4303] Kent, S., "IP Encapsulating Security Payload (ESP)", 1170 RFC 4303, DOI 10.17487/RFC4303, December 2005, 1171 . 1173 [RFC6265] Barth, A., "HTTP State Management Mechanism", RFC 6265, 1174 DOI 10.17487/RFC6265, April 2011, 1175 . 1177 [RFC7230] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer 1178 Protocol (HTTP/1.1): Message Syntax and Routing", 1179 RFC 7230, DOI 10.17487/RFC7230, June 2014, 1180 . 1182 [RFC7540] Belshe, M., Peon, R., and M. Thomson, Ed., "Hypertext 1183 Transfer Protocol Version 2 (HTTP/2)", RFC 7540, 1184 DOI 10.17487/RFC7540, May 2015, 1185 . 1187 [RFC8095] Fairhurst, G., Ed., Trammell, B., Ed., and M. Kuehlewind, 1188 Ed., "Services Provided by IETF Transport Protocols and 1189 Congestion Control Mechanisms", RFC 8095, 1190 DOI 10.17487/RFC8095, March 2017, 1191 . 1193 [RFC8305] Schinazi, D. and T. Pauly, "Happy Eyeballs Version 2: 1194 Better Connectivity Using Concurrency", RFC 8305, 1195 DOI 10.17487/RFC8305, December 2017, 1196 . 1198 [RFC8445] Keranen, A., Holmberg, C., and J. Rosenberg, "Interactive 1199 Connectivity Establishment (ICE): A Protocol for Network 1200 Address Translator (NAT) Traversal", RFC 8445, 1201 DOI 10.17487/RFC8445, July 2018, 1202 . 1204 [RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol 1205 Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018, 1206 . 1208 Authors' Addresses 1210 Tommy Pauly (editor) 1211 Apple Inc. 1212 One Apple Park Way 1213 Cupertino, California 95014, 1214 United States of America 1216 Email: tpauly@apple.com 1218 Brian Trammell (editor) 1219 Google 1220 Gustav-Gull-Platz 1 1221 CH- 8004 Zurich 1222 Switzerland 1224 Email: ietf@trammell.ch 1226 Anna Brunstrom 1227 Karlstad University 1228 Universitetsgatan 2 1229 SE- 651 88 Karlstad 1230 Sweden 1232 Email: anna.brunstrom@kau.se 1234 Godred Fairhurst 1235 University of Aberdeen 1236 Fraser Noble Building 1237 Aberdeen, AB24 3UE 1239 Email: gorry@erg.abdn.ac.uk 1240 URI: http://www.erg.abdn.ac.uk/ 1242 Colin Perkins 1243 University of Glasgow 1244 School of Computing Science 1245 Glasgow G12 8QQ 1246 United Kingdom 1248 Email: csp@csperkins.org 1250 Philipp S. Tiesel 1251 TU Berlin 1252 Einsteinufer 25 1253 10587 Berlin 1254 Germany 1256 Email: philipp@tiesel.net 1258 Chris Wood 1259 Apple Inc. 1260 One Apple Park Way 1261 Cupertino, California 95014, 1262 United States of America 1264 Email: cawood@apple.com