idnits 2.17.1

draft-pot-prefer-push-00.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  ** The document seems to lack a both a reference to RFC 2119 and the
     recommended RFC 2119 boilerplate, even if it appears to use RFC 2119
     keywords.

     RFC 2119 keyword, line 146: '...-Depth pushes, servers SHOULD also set...'

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  -- The document date (December 02, 2018) is 1969 days in the past.  Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Outdated reference: A later version (-19) exists of
     draft-ietf-httpbis-header-structure-09

  ** Obsolete normative reference: RFC 7540 (Obsoleted by RFC 9113)

     Summary: 2 errors (**), 0 flaws (~~), 2 warnings (==), 1 comment (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

2    Network Working Group                                             E. Pot
3    Internet-Draft                                         December 02, 2018
4    Intended status: Standards Track
5    Expires: June 5, 2019

7                      HTTP-client suggested Push Preference
8                            draft-pot-prefer-push-00

10   Abstract

12      TODO

14   Status of This Memo

16      This Internet-Draft is submitted in full conformance with the
17      provisions of BCP 78 and BCP 79.

19      Internet-Drafts are working documents of the Internet Engineering
20      Task Force (IETF).  Note that other groups may also distribute
21      working documents as Internet-Drafts.  The list of current Internet-
22      Drafts is at https://datatracker.ietf.org/drafts/current/.

24      Internet-Drafts are draft documents valid for a maximum of six months
25      and may be updated, replaced, or obsoleted by other documents at any
26      time.  It is inappropriate to use Internet-Drafts as reference
27      material or to cite them other than as "work in progress."

29      This Internet-Draft will expire on June 5, 2019.

31   Copyright Notice

33      Copyright (c) 2018 IETF Trust and the persons identified as the
34      document authors.  All rights reserved.

36      This document is subject to BCP 78 and the IETF Trust's Legal
37      Provisions Relating to IETF Documents
38      (https://trustee.ietf.org/license-info) in effect on the date of
39      publication of this document.  Please review these documents
40      carefully, as they describe your rights and restrictions with respect
41      to this document.  Code Components extracted from this document must
42      include Simplified BSD License text as described in Section 4.e of
43      the Trust Legal Provisions and are provided without warranty as
44      described in the Simplified BSD License.

46   1.  Introduction

48      HTTP/2 [RFC7540] allows a server to push request and response pairs
49      to HTTP clients.  This can save round-trips between server and client
50      and reduce the total time required for a client to retrieve all
51      requested resources.

53      This mechanism is completely controlled by the server, and it is up
54      to implementors of services to anticipate what resources a client
55      might need next.

57      This specification defines a new HTTP header that allows a client to
58      inform a server of resources it will require next based on a link
59      relation type [RFC8288].

61   2.  Rationale

63      Many HTTP-based services provide some mechanism to embed the HTTP
64      response bodies of resources into other HTTP resources.  A common
65      example of this is when a resource is structured as a "collection of
66      resources".  Examples of this include:

68      o  The Atom Syndication Format [RFC4287] that encodes "ATOM:entry"
69         XML elements for each subordinate.

71      o  The [HAL] format, which provides an "_embedded" element to
72         embed bodies of resources in other resources.

74      o  The [JSON-API] format, which provides an "included" property to
75         embed resources.

77      Embedding resource responses in other resources has two major
78      performance advantages:

80      1.  It reduces the number of round-trips.  A client can make a single
81          HTTP request and get many responses.

83      2.  Generating a related set of resources can often be implemented on
84          a server to be less time consuming than generating each response
85          individually.

87      These mechanisms also pose an issue.  HTTP clients and intermediaries
88      are not aware of these embedded resources, because there was never a
89      true HTTP request.

91      By leveraging HTTP/2 push instead of format-specific embedding
92      mechanisms, it's possible for services to push subordinate resources
93      as soon as possible, generate HTTP responses as a "set", all while
94      still taking advantage of existing HTTP infrastructure.  Another
95      advantage of HTTP/2 push over embedding is that it allows resources
96      of mixed media types to be pushed.

98      In many REST APIs, subordinate or embedded resources are identified
99      by their link relation.  By using the link relation, it will be
100     possible for a client to indicate to a server which links it intends
101     to follow, allowing a server to only push the resources that the
102     client knows it will need.

104  3.  The header format

106     This format should use the "List" format from the Structured Headers
107     format [I-D.ietf-httpbis-header-structure].

109       GET /articles HTTP/1.1
110       Prefer-Push: item, author, "https://example.org/custom-rel"

112  4.  Handling a Prefer-Push request

114     When a server receives the "Prefer-Push" header, it can choose to
115     push the related resources.  It's up to the discretion of the
116     implementor to decide which resources to push.  A server is also free
117     to ignore push-requests.

119     [RFC8288] defines Web Links as an abstract concept that can be
120     specified in a variety of ways.  It defines the HTTP "Link" header as
121     a specific serialization.  Like [RFC8288], this specification is not
122     dependent on the serialization of the Web Link.

124  5.  Using with "preload" relationship types

126     [W3C.CR-preload-20171026] defines a "preload" relationship type.
127     This relationship type can be used by an origin to inform a client or
128     intermediary to start fetching a resource, or a proxy to initiate an
129     HTTP/2 push.

131     A distinct difference between "preload" and "Prefer-Push" is that
132     "preload" can be used by origin servers to inform clients and
133     intermediaries to fetch and potentially push resources optimistically,
134     but fundamentally "Prefer-Push" is a completely client-driven
135     mechanism.

137     As such, these features can co-exist.

139  6.  Security considerations

141     The Prefer-Push mechanism can potentially result in a large number of
142     resources being pushed.  This can result in a Denial-of-Service
143     attack.

145     A server must set reasonable restrictions around the number of pushes
146     it sends.  In the case of N-Depth pushes, servers SHOULD also set
147     restrictions around the depth it supports.

149  7.  IANA considerations

151     This document defines the "Prefer-Push" HTTP request field and
152     registers it in the Permanent Message Header Fields registry.

154  7.1.  Prefer-Push

156     o  Header field name: Prefer-Push

158     o  Applicable protocol: HTTP

160     o  Status: standard

162     o  Author/Change controller: IETF

164     o  Specification document(s): Section 7.1 of this document

166     o  Related information: for Client Hints

168  8.  Acknowledgements

170  9.  References

172  9.1.  Normative References

174     [I-D.ietf-httpbis-header-structure]
175                Nottingham, M. and P. Kamp, "Structured Headers for HTTP",
176                draft-ietf-httpbis-header-structure-09 (work in progress),
177                December 2018.

179     [RFC7540]  Belshe, M., Peon, R., and M. Thomson, Ed., "Hypertext
180                Transfer Protocol Version 2 (HTTP/2)", RFC 7540,
181                DOI 10.17487/RFC7540, May 2015,
182                .

184     [RFC8288]  Nottingham, M., "Web Linking", RFC 8288,
185                DOI 10.17487/RFC8288, October 2017,
186                .

188     [W3C.CR-preload-20171026]
189                Grigorik, I. and Y. Weiss, "Preload", World Wide Web
190                Consortium CR CR-preload-20171026, October 2017,
191                .

193  9.2.  Informative References

195     [HAL]      Kelly, M., "JSON Hypertext Application Language", June
196                2012,
197                .

199     [JSON-API]
200                "JSON:API", n.d., .

202     [RFC4287]  Nottingham, M., Ed. and R. Sayre, Ed., "The Atom
203                Syndication Format", RFC 4287, DOI 10.17487/RFC4287,
204                December 2005, .

206  Appendix A.  Example

208     A server serves a document with a JSON-based media-type.  The
209     following example document might represent a list of articles:

211     HTTP/1.1 200 OK
212     Content-Type: application/vnd.example.links+json

214     {
215       "links": [
216         { "rel": "item", "href": "/article/1" },
217         { "rel": "item", "href": "/article/2" },
218         { "rel": "item", "href": "/article/3" },
219         { "rel": "item", "href": "/article/4" },
220         { "rel": "item", "href": "/article/5" }
221       ],
222       "total": 5
223     }

225     A "Prefer-Push"-enabled client knows it will want to receive the full
226     representations of all articles.  When the client receives the list
227     of articles via a "GET" request, it can indicate this preference with
228     the "Prefer-Push" header:

230     GET /article HTTP/1.1
231     Accept: application/vnd.example.links+json
232     Prefer-Push: item
233     Upon receiving this request, the server may immediately generate the
234     request and response pairs for every "item" link in the collection
235     and initiate push streams for each.

237  Author's Address

239     Evert Pot

241     Email: me@evertpot.com
242     URI:   https://evertpot.com/
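
Added example, not part of the draft or its author's code: one way a server could apply the Section 6 limits while handling the header from Section 3, run against the Appendix A link list. The parser accepts only a conservative subset of the Structured Headers "List" syntax, and the function names, the caps MAX_RELS and MAX_PUSHES, and the same-origin path check are assumptions of this example.

```python
import re

# Conservative subset of the Structured Headers "List" syntax (an assumption
# of this example): each member is a bare token or a double-quoted string.
_MEMBER = re.compile(
    r'\s*(?:([A-Za-z][A-Za-z0-9_.:-]*)|"((?:[^"\\]|\\["\\])*)")\s*(,|\Z)')

MAX_RELS = 8     # hypothetical cap on relation types considered per request
MAX_PUSHES = 3   # hypothetical cap on push streams opened per request


def parse_prefer_push(value, max_rels=MAX_RELS):
    """Return the requested relation types; [] if malformed or over the cap."""
    rels, pos = [], 0
    while True:
        m = _MEMBER.match(value, pos)
        if m is None:
            return []                    # malformed: ignore the whole header
        token, quoted, sep = m.groups()
        rel = token if token is not None else re.sub(r'\\(.)', r'\1', quoted)
        if rel not in rels:
            rels.append(rel)
        if len(rels) > max_rels:
            return []                    # too many relation types: push nothing
        if sep == "":
            return rels
        pos = m.end()


def plan_pushes(header_value, links, max_pushes=MAX_PUSHES):
    """Choose hrefs to push: requested rels, same-origin paths, capped count."""
    wanted = set(parse_prefer_push(header_value))
    planned = []
    for link in links:
        if len(planned) >= max_pushes:
            break
        href = link.get("href", "")
        if link.get("rel") not in wanted:
            continue
        if not href.startswith("/") or href.startswith("//"):
            continue                     # not a path on this origin: skip
        if href not in planned:
            planned.append(href)
    return planned


# Constructed sample: the Appendix A link list plus one off-origin link.
LINKS = [{"rel": "item", "href": f"/article/{n}"} for n in range(1, 6)]
LINKS.insert(1, {"rel": "item", "href": "https://other.example/x"})
```

With the default cap, plan_pushes("item", LINKS) selects only the first three article paths and skips the off-origin link; a malformed or oversized header yields no pushes at all, which matches the draft's statement that a server is free to ignore push requests.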