HTTP Alternative Services
draft-ietf-httpbis-alt-svc-14
Revision differences
Document history
Date | Rev. | By | Action |
---|---|---|---|
2021-03-16
|
14 | (System) | Received changes through RFC Editor sync (added Errata tag) |
2016-04-08
|
14 | (System) | IANA registries were updated to include RFC7838 |
2016-04-07
|
14 | (System) | RFC published |
2016-04-06
|
14 | (System) | RFC Editor state changed to AUTH48-DONE from AUTH48 |
2016-04-01
|
14 | (System) | RFC Editor state changed to AUTH48 from RFC-EDITOR |
2016-03-23
|
14 | (System) | RFC Editor state changed to RFC-EDITOR from EDIT |
2016-03-21
|
14 | (System) | IANA Action state changed to RFC-Ed-Ack from Waiting on RFC Editor |
2016-03-20
|
14 | (System) | IANA Action state changed to Waiting on RFC Editor from Waiting on Authors |
2016-03-18
|
14 | (System) | IANA Action state changed to Waiting on Authors |
2016-03-08
|
14 | (System) | RFC Editor state changed to EDIT |
2016-03-08
|
14 | (System) | IESG state changed to RFC Ed Queue from Approved-announcement sent |
2016-03-08
|
14 | (System) | Announcement was received by RFC Editor |
2016-03-08
|
14 | Gunter Van de Velde | Closed request for Last Call review by OPSDIR with state 'No Response' |
2016-03-08
|
14 | Julian Reschke | IANA Review state changed to Version Changed - Review Needed from IANA OK - Actions Needed |
2016-03-08
|
14 | Julian Reschke | New version available: draft-ietf-httpbis-alt-svc-14.txt |
2016-03-08
|
13 | Amy Vezza | IESG state changed to Approved-announcement sent from Approved-announcement to be sent |
2016-03-08
|
13 | Amy Vezza | IESG has approved the document |
2016-03-08
|
13 | Amy Vezza | Closed "Approve" ballot |
2016-03-08
|
13 | Amy Vezza | Ballot approval text was generated |
2016-03-08
|
13 | Barry Leiba | IESG state changed to Approved-announcement to be sent from Approved-announcement to be sent::Point Raised - writeup needed |
2016-03-03
|
13 | Gunter Van de Velde | Request for Last Call review by OPSDIR is assigned to Benoit Claise |
2016-03-03
|
13 | Gunter Van de Velde | Request for Last Call review by OPSDIR is assigned to Benoit Claise |
2016-03-03
|
13 | Gunter Van de Velde | Closed request for Last Call review by OPSDIR with state 'Withdrawn' |
2016-03-03
|
13 | Cindy Morgan | IESG state changed to Approved-announcement to be sent::Point Raised - writeup needed from IESG Evaluation |
2016-03-03
|
13 | Michelle Cotton | IANA Review state changed to IANA OK - Actions Needed from Version Changed - Review Needed |
2016-03-03
|
13 | Benoît Claise | [Ballot comment] A clear sentence such as this one would have helped me: OLD: This specification defines a new concept in HTTP, "Alternative … [Ballot comment] A clear sentence such as this one would have helped me: OLD: This specification defines a new concept in HTTP, "Alternative Services", that allows an origin server to nominate additional means of interacting with it on the network. NEW: This specification defines a new concept in HTTP, "Alternative Services", applicable to both HTTP 1.1 and HTTP 2.0, that allows an origin server to nominate additional means of interacting with it on the network. I overlooked this info in the following sentence, i.e. the fact that HTTP header = HTTP 1.1: It defines a general framework for this in Section 2, along with specific mechanisms for advertising their existence using HTTP header fields (Section 3) or HTTP/2 frames (Section 4), plus a way to indicate that an alternative service was used (Section 5). |
2016-03-03
|
13 | Benoît Claise | [Ballot Position Update] New position, No Objection, has been recorded for Benoit Claise |
2016-03-02
|
13 | Joel Jaeggli | [Ballot Position Update] New position, No Objection, has been recorded for Joel Jaeggli |
2016-03-02
|
13 | Alia Atlas | [Ballot Position Update] New position, No Objection, has been recorded for Alia Atlas |
2016-03-02
|
13 | Spencer Dawkins | [Ballot comment] A couple of very nitty nits. In this text When the protocol does not explicitly carry the scheme (e.g., as is … [Ballot comment] A couple of very nitty nits. In this text When the protocol does not explicitly carry the scheme (e.g., as is usually the case for HTTP/1.1 over TLS, servers can mitigate this ^ I think there's a missing closing parenthesis right around here. If there's not, I'm having trouble parsing the sentence. risk by either assuming that all requests have an insecure context, or by refraining from advertising alternative services for insecure schemes (such as HTTP). If there was an obvious reference for SPDY in this text The Alt-Svc header field was influenced by the design of the Alternate-Protocol header field in SPDY. that might be useful to include. |
2016-03-02
|
13 | Spencer Dawkins | [Ballot Position Update] New position, Yes, has been recorded for Spencer Dawkins |
2016-03-02
|
13 | Jari Arkko | [Ballot Position Update] New position, No Objection, has been recorded for Jari Arkko |
2016-03-01
|
13 | Ben Campbell | [Ballot comment] Just a few minor comments: = Substantive = - 2.2, last paragraph: Why might a client choose not to to remove non-persistent alternatives … [Ballot comment] Just a few minor comments: = Substantive = - 2.2, last paragraph: Why might a client choose not to to remove non-persistent alternatives from cache on a network change? (i.e., why not MUST)? - 2.4, first 2 paragraphs: These paragraphs seem to be equivalent to saying “Clients MAY use alternative services; also they SHOULD.” Or is the intent that, if a client uses alternative services, it SHOULD do so under these conditions? = Editorial = - 2.3, first paragraph: I find "MUST only" constructions to be confusing and sometimes ambiguous due to the implied NOT. I suggest making that explicit: OLD A client MUST only use a TLS-based alternative service if the client also supports TLS Server Name Indication (SNI). NEW A client MUST NOT use a TLS-based alternative service unless the client supports TLS Server Name Indication (SNI). |
2016-03-01
|
13 | Ben Campbell | [Ballot Position Update] New position, Yes, has been recorded for Ben Campbell |
2016-03-01
|
13 | Terry Manderson | [Ballot Position Update] New position, No Objection, has been recorded for Terry Manderson |
2016-03-01
|
13 | Barry Leiba | IESG state changed to IESG Evaluation from Waiting for AD Go-Ahead::AD Followup |
2016-03-01
|
13 | (System) | Sub state has been changed to AD Followup from Revised ID Needed |
2016-03-01
|
13 | Julian Reschke | IANA Review state changed to Version Changed - Review Needed from IANA OK - Actions Needed |
2016-03-01
|
13 | Julian Reschke | New version available: draft-ietf-httpbis-alt-svc-13.txt |
2016-03-01
|
12 | Martin Stiemerling | [Ballot Position Update] New position, No Objection, has been recorded for Martin Stiemerling |
2016-03-01
|
12 | Deborah Brungard | [Ballot Position Update] New position, No Objection, has been recorded for Deborah Brungard |
2016-03-01
|
12 | Brian Haberman | [Ballot Position Update] New position, No Objection, has been recorded for Brian Haberman |
2016-03-01
|
12 | Stephen Farrell | [Ballot comment] - If TLS1.3 continues to have 0rtt replayable early-data, could that interact badly with Alt-Svc? Or what about false-start? For example, if such … [Ballot comment] - If TLS1.3 continues to have 0rtt replayable early-data, could that interact badly with Alt-Svc? Or what about false-start? For example, if such a combination meant that an otherwise functional replay detection scheme would fail to spot a replay that would be bad. This is not a DISCUSS, as neither TLS1.3 nor false-start are formally "done" so blocking this for that reason would be "odd";-) However, both are implemented or will be, so I would love to chat about it and that might lead to some new security considerations text, here or in a TLS document. - Does this still all work for opportunistic security for HTTP? If not, why not? Note: I'm not asking if the WG have reached consensus on oppo, rather I'd like to be reassured that if they do, this will still work for that. I think that's all ok, though, right? - section 3: with "clear" you say alternatives are to be invalidated. Does that mean anything about cached resources? I assume not, but just checking. - section 5: I wondered why you didn't include the ALPN identifier here? - 9.2: What does "might also choose" mean and which "other requirements" have you in mind? That's very vague. - 9.5: What are you telling me with the last para? |
2016-03-01
|
12 | Stephen Farrell | [Ballot Position Update] New position, No Objection, has been recorded for Stephen Farrell |
2016-03-01
|
12 | Alvaro Retana | [Ballot Position Update] New position, No Objection, has been recorded for Alvaro Retana |
2016-02-29
|
12 | Francis Dupont | Request for Last Call review by GENART Completed: Ready. Reviewer: Francis Dupont. |
2016-02-25
|
12 | Sabrina Tanamal | IANA Review state changed to IANA OK - Actions Needed from IANA - Not OK |
2016-02-25
|
12 | Alissa Cooper | [Ballot comment] Couple of places where the language used was confusing for me: = Sec 2.4 = s/it can be used until the alternative connection … [Ballot comment] Couple of places where the language used was confusing for me: = Sec 2.4 = s/it can be used until the alternative connection is established./the existing connection can be used until the alternative connection is established./ = Sec 3.1 = OLD Unknown parameters MUST be ignored, that is the values (alt-value) they appear in MUST be processed as if the unknown parameter was not present. NEW Unknown parameters MUST be ignored. That is, the values (alt-value) in which they appear MUST be processed as if the unknown parameters were not present. |
2016-02-25
|
12 | Alissa Cooper | [Ballot Position Update] New position, Yes, has been recorded for Alissa Cooper |
2016-02-25
|
12 | Tero Kivinen | Request for Last Call review by SECDIR Completed: Has Nits. Reviewer: Chris Lonvick. |
2016-02-24
|
12 | Barry Leiba | Ballot has been issued |
2016-02-24
|
12 | Barry Leiba | [Ballot Position Update] New position, Yes, has been recorded for Barry Leiba |
2016-02-24
|
12 | Barry Leiba | Created "Approve" ballot |
2016-02-24
|
12 | Barry Leiba | IESG state changed to Waiting for AD Go-Ahead::Revised I-D Needed from Waiting for AD Go-Ahead |
2016-02-24
|
12 | Barry Leiba | Changed consensus to Yes from Unknown |
2016-02-24
|
12 | (System) | IESG state changed to Waiting for AD Go-Ahead from In Last Call |
2016-02-23
|
12 | (System) | IANA Review state changed to IANA - Not OK from IANA - Review Needed |
2016-02-23
|
12 | Sabrina Tanamal | (Via drafts-lastcall-comment@iana.org): IESG/Authors/WG Chairs: IANA has completed its review of draft-ietf-httpbis-alt-svc-12.txt. If any part of this review is inaccurate, please let us know. IANA … (Via drafts-lastcall-comment@iana.org): IESG/Authors/WG Chairs: IANA has completed its review of draft-ietf-httpbis-alt-svc-12.txt. If any part of this review is inaccurate, please let us know. IANA understands that, upon approval of this document, there are three actions which IANA needs to complete. First, in the Permanent Message Header Field Names subregistry of the Message Headers registry located at: https://www.iana.org/assignments/message-headers/ two new message header fields will be added as follows: Header Field Name: Alt=Svc Template: Protocol: http Status: standard Reference: [ RFC-to-be ] Header Field Name: Alt-Used Template: Protocol: http Status: standard Reference: [ RFC-to-be ] As this document requests registrations in an Expert Review or Specification Required (see RFC 5226) registry, we will initiate the required Expert Review via a separate request. Expert review will need to be completed before your document can be approved for publication as an RFC. Second, in the HTTP/2 Frame Type subregistry of the Hypertext Transfer Protocol version 2 (HTTP/2) Parameters registry located at: https://www.iana.org/assignments/http2-parameters/ a single, new frame type will be registered as follows: Code: [ TBD-at-Registratio ] Frame Type: ALTSVC Reference: [RFC-to-be, Section 4 ] IANA notes that the draft requests that the value '0xa' be used for the code in this registration. Third, a new top-level registry will be created at the IANA Matrix located at: https://www.iana.org/protocols named the HTTP Alt-Svc Parameter Registry. This new registry is to be maintained through Expert Review as defined in RFC 5226. There are initial registrations in the new registry as follows: +-------------------+----------------------------+ | Alt-Svc Parameter | Reference | +-------------------+----------------------------+ | ma | [ REC-to-be, Section 3.1 ] | | persist | [ REC-to-be, Section 3.1 ] | +-------------------+----------------------------+ IANA understands that these are the only actions required to be completed upon approval of this document. Note: The actions requested in this document will not be completed until the document has been approved for publication as an RFC. This message is only to confirm what actions will be performed. Thank you, Sabrina Tanamal IANA Specialist ICANN |
2016-02-13
|
12 | Gunter Van de Velde | Request for Last Call review by OPSDIR is assigned to Susan Hares |
2016-02-13
|
12 | Gunter Van de Velde | Request for Last Call review by OPSDIR is assigned to Susan Hares |
2016-02-11
|
12 | Jean Mahoney | Request for Last Call review by GENART is assigned to Francis Dupont |
2016-02-11
|
12 | Jean Mahoney | Request for Last Call review by GENART is assigned to Francis Dupont |
2016-02-11
|
12 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to Chris Lonvick |
2016-02-11
|
12 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to Chris Lonvick |
2016-02-10
|
12 | Amy Vezza | IANA Review state changed to IANA - Review Needed |
2016-02-10
|
12 | Amy Vezza | The following Last Call announcement was sent out: From: The IESG To: "IETF-Announce" CC: httpbis-chairs@ietf.org, michael.bishop@microsoft.com, draft-ietf-httpbis-alt-svc@ietf.org, "Mike Bishop" , ietf-http-wg@w3.org, … The following Last Call announcement was sent out: From: The IESG To: "IETF-Announce" CC: httpbis-chairs@ietf.org, michael.bishop@microsoft.com, draft-ietf-httpbis-alt-svc@ietf.org, "Mike Bishop" , ietf-http-wg@w3.org, barryleiba@gmail.com Reply-To: ietf@ietf.org Sender: Subject: Last Call: (HTTP Alternative Services) to Proposed Standard The IESG has received a request from the Hypertext Transfer Protocol WG (httpbis) to consider the following document: - 'HTTP Alternative Services' as Proposed Standard The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2016-02-24. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract This document specifies "Alternative Services" for HTTP, which allow an origin's resources to be authoritatively available at a separate network location, possibly accessed with a different protocol configuration. The file can be obtained via https://datatracker.ietf.org/doc/draft-ietf-httpbis-alt-svc/ IESG discussion can be tracked via https://datatracker.ietf.org/doc/draft-ietf-httpbis-alt-svc/ballot/ No IPR declarations have been submitted directly on this I-D. |
2016-02-10
|
12 | Amy Vezza | IESG state changed to In Last Call from Last Call Requested |
2016-02-10
|
12 | Amy Vezza | Last call announcement was changed |
2016-02-09
|
12 | Barry Leiba | Placed on agenda for telechat - 2016-03-03 |
2016-02-09
|
12 | Barry Leiba | Last call was requested |
2016-02-09
|
12 | Barry Leiba | Last call announcement was generated |
2016-02-09
|
12 | Barry Leiba | Ballot approval text was generated |
2016-02-09
|
12 | Barry Leiba | IESG state changed to Last Call Requested from AD Evaluation::Point Raised - writeup needed |
2016-02-08
|
12 | Julian Reschke | New version available: draft-ietf-httpbis-alt-svc-12.txt |
2016-02-03
|
11 | Julian Reschke | New version available: draft-ietf-httpbis-alt-svc-11.txt |
2015-12-31
|
10 | Barry Leiba | IESG state changed to AD Evaluation::Point Raised - writeup needed from AD Evaluation |
2015-12-30
|
10 | Barry Leiba | IESG state changed to AD Evaluation from Publication Requested |
2015-12-30
|
10 | Barry Leiba | Ballot writeup was changed |
2015-12-30
|
10 | Barry Leiba | Ballot writeup was generated |
2015-12-29
|
10 | Mark Nottingham | # Shepherd Writeup for Alt-Svc ## 1. Summary Mike Bishop is the document shepherd; Barry Leiba is the responsible Area Director. This document specifies a … # Shepherd Writeup for Alt-Svc ## 1. Summary Mike Bishop is the document shepherd; Barry Leiba is the responsible Area Director. This document specifies a method to provide clients authoritative access to HTTP origins at a different network location and/or using a different protocol stack. The requested publication type is Proposed Standard. ## 2. Review and Consensus The document started as an individual draft which provided a potential solution to several related problems in the HTTP space, helping clients become aware of multiple network or protocol endpoints for an origin that could serve the same content in different ways. It drew inspiration from an existing proprietary solution, Alternate-Protocol, used by Chromium during SPDY development. There was implementation interest from Mozilla Firefox and Akamai, along with willingness from Google Chrome to migrate from Alternate-Protocol to Alt-Svc. Other implementers were less interested, but as the behavior is fully optional for clients, the consensus was to adopt the document. During the HTTP/2 standardization process, the Alt-Svc document was discussed and worked on in parallel; HTTP/2-specific pieces were originally added to the HTTP/2 specification at the time of adoption, but were moved into this document after HTTP/2's extension story was agreed upon. There has been some interest in defining additional ways to discover Alternative Services, and this document intentionally does not close the door on that. It discusses client behavior when dealing with Alternatives of which it is aware, and defines two possible ways a client can learn about Alternatives. Future drafts may define additional ways, such as DNS. Technical discussions involved a broad section of the working group, with the most focus from a few client and proxy implementers. There has been some back and forth about the right balance between utility and security, but the document now reflects general consensus. This is reflected by a thoroughly-discussed Security Considerations section, which covers ways in which Alt-Svc could be used to track clients or persist attacks, and gives guidance to implementations on ways to minimize the potential impacts. ## 3. Intellectual Property Each author has stated that their direct, personal knowledge of any IPR related to this document has already been disclosed, in conformance with BCPs 78 and 79. No disclosures have been submitted regarding prior work in this space. ## 4. Other Points There are no downward references. The IANA Considerations are clear, and the Expert Reviewers for the existing registries have been actively involved in the draft process. A new registry is also created for parameters modifying properties of Alt-Svc listings. There was some discussion over whether parameters would be mandatory-to-understand (ignoring the entire entry otherwise), or always optional. In the end, parameters were made optional-to-understand in all cases, to avoid exploding the list of alternatives when multiple optional parameters were used. |
2015-12-29
|
10 | Mark Nottingham | Responsible AD changed to Barry Leiba |
2015-12-29
|
10 | Mark Nottingham | IETF WG state changed to Submitted to IESG for Publication from In WG Last Call |
2015-12-29
|
10 | Mark Nottingham | IESG state changed to Publication Requested |
2015-12-29
|
10 | Mark Nottingham | IESG process started in state Publication Requested |
2015-12-29
|
10 | Mark Nottingham | Changed document writeup |
2015-12-20
|
10 | Mark Nottingham | Notification list changed to "Mike Bishop" <michael.bishop@microsoft.com> |
2015-12-20
|
10 | Mark Nottingham | Document shepherd changed to Mike Bishop |
2015-12-14
|
10 | Julian Reschke | New version available: draft-ietf-httpbis-alt-svc-10.txt |
2015-12-06
|
09 | Mark Nottingham | Document shepherd changed to (None) |
2015-11-18
|
09 | Mark Nottingham | IETF WG state changed to In WG Last Call from WG Document |
2015-11-17
|
09 | Julian Reschke | New version available: draft-ietf-httpbis-alt-svc-09.txt |
2015-09-20
|
08 | Julian Reschke | New version available: draft-ietf-httpbis-alt-svc-08.txt |
2015-05-15
|
07 | Julian Reschke | New version available: draft-ietf-httpbis-alt-svc-07.txt |
2015-02-10
|
06 | Mark Nottingham | Intended Status changed to Proposed Standard from None |
2015-02-05
|
06 | Julian Reschke | New version available: draft-ietf-httpbis-alt-svc-06.txt |
2014-12-01
|
05 | Julian Reschke | New version available: draft-ietf-httpbis-alt-svc-05.txt |
2014-10-27
|
04 | Julian Reschke | New version available: draft-ietf-httpbis-alt-svc-04.txt |
2014-09-30
|
03 | Julian Reschke | New version available: draft-ietf-httpbis-alt-svc-03.txt |
2014-07-04
|
02 | Julian Reschke | New version available: draft-ietf-httpbis-alt-svc-02.txt |
2014-04-01
|
01 | Julian Reschke | New version available: draft-ietf-httpbis-alt-svc-01.txt |
2014-03-28
|
00 | Mark Nottingham | Document shepherd changed to Mark Nottingham |
2014-03-28
|
00 | Julian Reschke | New version available: draft-ietf-httpbis-alt-svc-00.txt |