idnits 2.17.1 draft-vvv-webtransport-http3-00.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The abstract seems to contain references ([HTTP3], [OVERVIEW]), which it shouldn't. Please replace those with straight textual mentions of the documents in question. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == The document seems to lack the recommended RFC 2119 boilerplate, even if it appears to use RFC 2119 keywords. (The document does seem to have the reference to RFC 2119 which the ID-Checklist requires). -- The document date (May 3, 2019) is 1820 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Outdated reference: A later version (-01) exists of draft-vvv-webtransport-overview-00 ** Obsolete normative reference: RFC 7230 (Obsoleted by RFC 9110, RFC 9112) ** Obsolete normative reference: RFC 7231 (Obsoleted by RFC 9110) == Outdated reference: A later version (-02) exists of draft-vvv-webtransport-quic-00 Summary: 3 errors (**), 0 flaws (~~), 4 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group V. Vasiliev 3 Internet-Draft Google 4 Intended status: Standards Track May 3, 2019 5 Expires: November 4, 2019 7 WebTransport over HTTP/3 8 draft-vvv-webtransport-http3-00 10 Abstract 12 WebTransport [OVERVIEW] is a protocol framework that enables clients 13 constrained by the Web security model to communicate with a remote 14 server using a secure multiplexed transport. This document describes 15 Http3Transport, a WebTransport protocol that is based on HTTP/3 16 [HTTP3] and provides support for unidirectional streams, 17 bidirectional streams and datagrams, all multiplexed within the same 18 HTTP/3 connection. 20 Status of This Memo 22 This Internet-Draft is submitted in full conformance with the 23 provisions of BCP 78 and BCP 79. 25 Internet-Drafts are working documents of the Internet Engineering 26 Task Force (IETF). Note that other groups may also distribute 27 working documents as Internet-Drafts. The list of current Internet- 28 Drafts is at https://datatracker.ietf.org/drafts/current/. 30 Internet-Drafts are draft documents valid for a maximum of six months 31 and may be updated, replaced, or obsoleted by other documents at any 32 time. It is inappropriate to use Internet-Drafts as reference 33 material or to cite them other than as "work in progress." 35 This Internet-Draft will expire on November 4, 2019. 37 Copyright Notice 39 Copyright (c) 2019 IETF Trust and the persons identified as the 40 document authors. All rights reserved. 42 This document is subject to BCP 78 and the IETF Trust's Legal 43 Provisions Relating to IETF Documents 44 (https://trustee.ietf.org/license-info) in effect on the date of 45 publication of this document. Please review these documents 46 carefully, as they describe your rights and restrictions with respect 47 to this document. Code Components extracted from this document must 48 include Simplified BSD License text as described in Section 4.e of 49 the Trust Legal Provisions and are provided without warranty as 50 described in the Simplified BSD License. 52 Table of Contents 54 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 55 1.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 2 56 2. Protocol Overview . . . . . . . . . . . . . . . . . . . . . . 3 57 3. Session IDs . . . . . . . . . . . . . . . . . . . . . . . . . 4 58 4. Session Establishment . . . . . . . . . . . . . . . . . . . . 4 59 4.1. Establishing a Transport-Capable HTTP/3 Connection . . . 4 60 4.2. Extended CONNECT in HTTP/3 . . . . . . . . . . . . . . . 4 61 4.3. Creating a New Session . . . . . . . . . . . . . . . . . 5 62 4.4. Limiting Number of Simultaneous Sessions . . . . . . . . 5 63 5. WebTransport Features . . . . . . . . . . . . . . . . . . . . 6 64 5.1. Unidirectional streams . . . . . . . . . . . . . . . . . 6 65 5.2. Client-Initiated Bidirectional Streams . . . . . . . . . 6 66 5.3. Server-Initiated Bidirectional Streams . . . . . . . . . 7 67 5.4. Datagrams . . . . . . . . . . . . . . . . . . . . . . . . 7 68 6. Session Termination . . . . . . . . . . . . . . . . . . . . . 8 69 7. Transport Properties . . . . . . . . . . . . . . . . . . . . 8 70 8. Security Considerations . . . . . . . . . . . . . . . . . . . 8 71 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 9 72 9.1. Upgrade Token Registration . . . . . . . . . . . . . . . 9 73 9.2. QUIC Transport Parameter Registration . . . . . . . . . . 9 74 9.3. Frame Type Registration . . . . . . . . . . . . . . . . . 10 75 9.4. Stream Type Registration . . . . . . . . . . . . . . . . 10 76 10. References . . . . . . . . . . . . . . . . . . . . . . . . . 10 77 10.1. Normative References . . . . . . . . . . . . . . . . . . 10 78 10.2. Informative References . . . . . . . . . . . . . . . . . 12 79 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 12 81 1. Introduction 83 HTTP/3 [HTTP3] is a protocol defined on top of QUIC [QUIC-TRANSPORT] 84 that can provide multiplexed HTTP requests within the same QUIC 85 connection. This document defines Http3Transport, a mechanism for 86 embedding arbitrary streams of non-HTTP data into HTTP/3 in a manner 87 that it can be used within WebTransport model [OVERVIEW]. Using the 88 mechanism described here, multiple Http3Transport can be transmitted 89 simultaneously with regular HTTP traffic on the same HTTP/3 90 connection. 92 1.1. Terminology 94 The keywords "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 95 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 96 "OPTIONAL" in this document are to be interpreted as described in BCP 97 14 [RFC2119] [RFC8174] when, and only when, they appear in all 98 capitals, as shown here. 100 This document follows terminology defined in Section 1.2 of 101 [OVERVIEW]. Note that this document distinguishes between a 102 WebTransport server and an HTTP/3 server. An HTTP/3 server is the 103 server that terminates HTTP/3 connection; a WebTransport is one of 104 potentially many applications that accepts WebTransport sessions, 105 which HTTP/3 server can multiplex using the mechanisms defined in 106 this document. 108 2. Protocol Overview 110 Http3Transport servers are identified by a pair of authority value 111 and path value (defined in [RFC3986] Sections 3.2 and 3.3 112 correspondingly). 114 When an HTTP/3 connection is established, the client and the server 115 have to negotiate a specific set of QUIC transport parameters that 116 would allow HTTP/3 connection to back an Http3Transport later, 117 notably, the "http3_transport_support" parameter that signals 118 Http3Transport support to the peer. 120 Http3Transport session begins with the client sending an extended 121 CONNECT request [RFC8441]. If the server accepts the request, an 122 Http3Transport session is established. As a part of this process, 123 the client proposes, and the server confirms, a session ID. A 124 session ID (SID) is unique within a given HTTP/3 connection, and is 125 used to associate all of the streams and datagrams with the specific 126 session. 128 After the session is established, the peers can exchange data in 129 following ways: 131 o A client can create a bidirectional stream using a special 132 indefinite-length HTTP/3 frame that transfers ownership of the 133 stream to Http3Transport. 135 o A server can create a bidirectional stream, which is possible 136 since HTTP/3 does not define any semantics for server-initiated 137 bidirectional streams. 139 o Both client and server can create a unidirectional stream using a 140 special stream type. 142 o A datagram can be sent using QUIC DATAGRAM frame [QUIC-DATAGRAM]. 144 Http3Transport is terminated when the corresponding CONNECT stream is 145 closed. 147 3. Session IDs 149 In order to allow multiple Http3Transport sessions to occur within 150 the same HTTP/3 connection, Http3Transport assigns every session a 151 unique ID, further referred to as session ID. A session ID is a 152 62-bit number that is unique within the scope of HTTP/3 connection, 153 and is never reused even after the session is closed. The client 154 unilaterally picks the session ID. As the IDs are encoded using 155 variable length integers, the client SHOULD start with zero and then 156 sequentially increment the IDs. A session ID is considered to be 157 used, and thus ineligible for new transports, as soon as the client 158 sends a request proposing it. These reuse requirements guarantee 159 that both HTTP/3 endpoints have a consistent view of session ID 160 space. 162 Session ID is a hop-by-hop property: if Http3Transport is proxied, 163 the same session can have different IDs from client's and from 164 server's perspective. Because of that, session IDs SHOULD NOT be 165 exposed to the application. 167 4. Session Establishment 169 4.1. Establishing a Transport-Capable HTTP/3 Connection 171 In order to indicate support for Http3Transport, the client MAY send 172 an empty "http3_transport_support" transport parameter, and the 173 server MAY echo it in response. The peers MUST NOT use any 174 Http3Transport-related functionality unless the parameter is 175 negotiated. The negotiation is done through a QUIC transport 176 parameter instead of HTTP/3-level setting in order to ensure that the 177 server is aware of the connection being Http3Transport-capable when 178 deciding which server transport parameters to send. 180 If "http3_transport_support" is negotiated, support for QUIC DATAGRAM 181 frame MUST be negotiated. The "initial_max_bidi_streams" MUST be 182 greater than zero, overriding the existing requirement in [HTTP3]. 184 4.2. Extended CONNECT in HTTP/3 186 [RFC8441] defines an extended CONNECT method in Section 4, enabled by 187 SETTINGS_ENABLE_CONNECT_PROTOCOL parameter. That parameter is only 188 defined for HTTP/2. This document does not create a new parameter to 189 support extended CONNECT in general HTTP/3 context; instead, 190 "http3_transport_support" transport parameter implies that a peer 191 understands extended CONNECT. 193 4.3. Creating a New Session 195 In order to create a new Http3Transport session, a client can send an 196 HTTP CONNECT request. The ":protocol" pseudo-header field MUST be 197 set to "webtransport". The ":scheme" field MUST be "https". Both 198 the ":authority" and the ":path" value MUST be set; those fields 199 indicate the desired WebTransport server. The client MUST pick a new 200 session ID as described in Section 3 and send it encoded as a 201 hexadecimal literal in ":sessionid" header. An "Origin" header 202 [RFC6454] MUST be provided within the request. 204 Upon receiving an extended CONNECT request with a ":protocol" field 205 set to ":webtransport", the HTTP/3 server can check if it has a 206 WebTransport server associated with the specified ":authority" and 207 ":path" values. If it does not, it SHOULD reply with status code 404 208 (Section 6.5.4, [RFC7231]). If it does, it MAY accept the session by 209 replying with status code 200. Before accepting it, the HTTP/3 210 server MUST verify that the proposed session ID does not conflict 211 with any currently open sessions, and it MAY verify that it was not 212 used ever before on this connection. The WebTransport server MUST 213 verify the "Origin" header to ensure that the specified origin is 214 allowed to access the server in question. 216 From the client perspective, an Http3Transport session is established 217 when the client receives a 200 response. From the server 218 perspective, a session is established once it sends a 200 response. 219 Both endpoints MUST NOT open any streams or send any datagrams before 220 the session is established. Http3Transport does not support 0-RTT. 222 4.4. Limiting Number of Simultaneous Sessions 224 From the flow control perspective, Http3Transport sessions count 225 against the stream flow control just like regular HTTP requests, 226 since they are established via an HTTP CONNECT request. This 227 document does not make any effort to introduce a separate flow 228 control mechanism for sessions, nor to separate HTTP requests from 229 WebTransport data streams. If the server needs to limit the rate of 230 incoming requests, it has alternative mechanisms at its disposal: 232 o "HTTP_REQUEST_REJECTED" error code defined in [HTTP3] indicates 233 the receiving HTTP/3 stack that the request was not processed in 234 any way. 236 o HTTP status code 429 indicates that the request was rejected due 237 to rate limiting [RFC6585]. Unlike the previous method, this 238 signal is directly propagated to the application. 240 5. WebTransport Features 242 Http3Transport provides a full set of features described in 243 [OVERVIEW]: unidirectional streams, bidirectional streams and 244 datagrams, initiated by either endpoint. 246 Session IDs are used to demultiplex streams and datagrams belonging 247 to different Http3Transport sessions. On the wire, those are encoded 248 using QUIC variable length integer scheme described in 249 [QUIC-TRANSPORT]. 251 5.1. Unidirectional streams 253 Once established, both endpoints can open unidirectional streams. 254 The HTTP/3 control stream type SHALL be 0x54. The body of the stream 255 SHALL be the stream type, followed by the session ID, encoded as a 256 variable-length integer, followed by the user-specified stream data 257 (Figure 1). 259 0 1 2 3 260 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 261 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 262 | 0x54 (i) ... 263 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 264 | Session ID (i) ... 265 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 266 | Stream Body ... 267 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 269 Figure 1: Unidirectional Http3Transport stream format 271 5.2. Client-Initiated Bidirectional Streams 273 Http3Transport clients can initiate bidirectional streams by opening 274 an HTTP/3 bidirectional stream and sending an HTTP/3 frame with type 275 "WEBTRANSPORT_STREAM" (type=0x41). The format of the frame SHALL be 276 the frame type, followed by the session ID, encoded as a variable- 277 length integer, followed by the user-specified stream data 278 (Figure 2). The frame SHALL last until the end of the stream. 280 0 1 2 3 281 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 282 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 283 | 0x41 (i) ... 284 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 285 | Session ID (i) ... 286 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 287 | Stream Body ... 288 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 290 Figure 2: WEBTRANSPORT_STREAM frame format 292 5.3. Server-Initiated Bidirectional Streams 294 Http3Transport servers can initiate bidirectional streams by opening 295 a bidirectional stream within the HTTP/3 connection. Note that since 296 HTTP/3 does not define any semantics for server-initiated 297 bidirectional streams, this document is a normative reference for the 298 semantics of such streams for all HTTP/3 connections in which the 299 "http3_transport_support" option is negotiated. The format of those 300 streams SHALL be the session ID, encoded as a variable-length 301 integer, followed by the user-specified stream data (Figure 3). 303 0 1 2 3 304 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 305 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 306 | Session ID (i) ... 307 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 308 | Stream Body ... 309 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 311 Figure 3: Server-initiated bidirectional stream format 313 5.4. Datagrams 315 Datagrams can be sent using the DATAGRAM frame as defined in 316 [QUIC-DATAGRAM]. Just as with server-initiated bidirectional 317 streams, the HTTP/3 specification does not assign any semantics to 318 the datagrams, hence making this document a normative reference for 319 all HTTP/3 connections in which the "http3_transport_support" option 320 is negotiated. The format of those datagrams SHALL be the session 321 ID, followed by the user-specified payload (Figure 4). 323 0 1 2 3 324 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 325 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 326 | Session ID (i) ... 327 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 328 | Datagram Body ... 329 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 331 Figure 4: Datagram format 333 In QUIC, a datagram frame can span at most one packet. Because of 334 that, the applications have to know the maximum size of the datagram 335 they can send. However, when proxying the datagrams, the hop-by-hop 336 MTUs can vary. TODO: describe how the path MTU can be computed, 337 specifically propagation across HTTP proxies. 339 6. Session Termination 341 An Http3Transport is terminated when either peer closes the stream 342 associated with the CONNECT request that initiated the session. Upon 343 learning about the session being terminated, the endpoint MUST stop 344 sending new datagrams and reset all of the streams associated with 345 the session. 347 7. Transport Properties 349 Http3Transport supports most of WebTransport features as described in 350 Table 1. 352 +---------------------+--------------------------+ 353 | Property | Support | 354 +---------------------+--------------------------+ 355 | Stream independence | Always supported | 356 | | | 357 | Partial reliability | Always supported | 358 | | | 359 | Pooling support | Always supported | 360 | | | 361 | Connection mobility | Implementation-dependent | 362 +---------------------+--------------------------+ 364 Table 1: Transport properties of Http3Transport 366 8. Security Considerations 368 Http3Transport satisfies all of the security requirements imposed by 369 [QUIC-TRANSPORT] on WebTransport protocols, thus providing a secure 370 framework for client-server communication in cases when the the 371 client is potentially untrusted. Since HTTP/3 is QUIC-based, a lot 372 of the analysis in [WEBTRANSPORT-QUIC] applies here. 374 Http3Transport requires explicit opt-in through the use of a QUIC 375 transport parameter; this avoids potential protocol confusion attacks 376 by ensuring the HTTP/3 server explicitly supports it. It also 377 requires the use of the Origin header, providing the server with the 378 ability to deny access to Web-based clients that do not originate 379 from a trusted origin. 381 Just like HTTP/3 itself, Http3Transport pools traffic to different 382 origins within a single connection. Different origins imply 383 different trust domains, meaning that the implementations have to 384 treat each transport as potentially hostile towards others on the 385 same connection. One potential attack is a resource exhaustion 386 attack: since all of the transports share both congestion control and 387 flow control context, a single client aggressively using up those 388 resources can cause other transports to stall. The user agent thus 389 SHOULD implement a fairness scheme that ensures that each transport 390 within connection gets a reasonable share of controlled resources; 391 this applies both to sending data and to opening new streams. 393 9. IANA Considerations 395 9.1. Upgrade Token Registration 397 The following entry is added to the "Hypertext Transfer Protocol 398 (HTTP) Upgrade Token Registry" registry established by [RFC7230]: 400 The "webtransport" label identifies HTTP/3 used as a protocol for 401 WebTransport: 403 Value: webtransport 405 Description WebTransport over HTTP/3 407 Reference: This document 409 9.2. QUIC Transport Parameter Registration 411 The following entry is added to the "QUIC Transport Parameter 412 Registry" registry established by [QUIC-TRANSPORT]: 414 The "http3_transport_support" parameter indicates that the specified 415 HTTP/3 connection is Http3Transport-capable. 417 Value: 0x???? 418 Parameter Name: http3_transport_support 420 Specification: This document 422 9.3. Frame Type Registration 424 The following entry is added to the "HTTP/3 Frame Type" registry 425 established by [HTTP3]: 427 The "WEBTRANSPORT_STREAM" frame allows HTTP/3 client-initiated 428 bidirectional streams to be used by WebTransport: 430 Code: 0x54 432 Frame Type: WEBTRANSPORT_STREAM 434 Specification: This document 436 9.4. Stream Type Registration 438 The following entry is added to the "HTTP/3 Stream Type" registry 439 established by [HTTP3]: 441 The "WebTransport stream" type allows unidirectional streams to be 442 used by WebTransport: 444 Code: 0x41 446 Stream Type: WebTransport stream 448 Specification: This document 450 Sender: Both 452 10. References 454 10.1. Normative References 456 [HTTP3] Bishop, M., Ed., "Hypertext Transfer Protocol Version 3 457 (HTTP/3)", draft-ietf-quic-http (work in progress). 459 [OVERVIEW] 460 Vasiliev, V., "The WebTransport Protocol Framework", 461 draft-vvv-webtransport-overview-00 (work in progress). 463 [QUIC-DATAGRAM] 464 Pauly, T., Kinnear, E., and D. Schinazi, "An Unreliable 465 Datagram Extension to QUIC", draft-pauly-quic-datagram 466 (work in progress). 468 [QUIC-TRANSPORT] 469 Iyengar, J., Ed. and M. Thomson, Ed., "QUIC: A UDP-Based 470 Multiplexed and Secure Transport", draft-ietf-quic- 471 transport (work in progress). 473 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 474 Requirement Levels", BCP 14, RFC 2119, 475 DOI 10.17487/RFC2119, March 1997, 476 . 478 [RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform 479 Resource Identifier (URI): Generic Syntax", STD 66, 480 RFC 3986, DOI 10.17487/RFC3986, January 2005, 481 . 483 [RFC6454] Barth, A., "The Web Origin Concept", RFC 6454, 484 DOI 10.17487/RFC6454, December 2011, 485 . 487 [RFC6585] Nottingham, M. and R. Fielding, "Additional HTTP Status 488 Codes", RFC 6585, DOI 10.17487/RFC6585, April 2012, 489 . 491 [RFC7230] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer 492 Protocol (HTTP/1.1): Message Syntax and Routing", 493 RFC 7230, DOI 10.17487/RFC7230, June 2014, 494 . 496 [RFC7231] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer 497 Protocol (HTTP/1.1): Semantics and Content", RFC 7231, 498 DOI 10.17487/RFC7231, June 2014, 499 . 501 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 502 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 503 May 2017, . 505 [RFC8441] McManus, P., "Bootstrapping WebSockets with HTTP/2", 506 RFC 8441, DOI 10.17487/RFC8441, September 2018, 507 . 509 10.2. Informative References 511 [WEBTRANSPORT-QUIC] 512 Vasiliev, V., "WebTransport over QUIC", draft-vvv- 513 webtransport-quic-00 (work in progress). 515 Author's Address 517 Victor Vasiliev 518 Google 520 Email: vasilvv@google.com