HTTP L. Pardue Internet-Draft Cloudflare Intended status: Standards Track 13 July 2020 Expires: 14 January 2021 HTTP Alternative Services That Do Not Support Desired Extensions draft-pardue-alt-svc-ext-unsupported-00 Abstract This document describes an error case when an HTTP Alternative Service does not support the extension points of the original connection. It defines an error code that can be used by endpoints to signal the encounter. Discussion Venues This note is to be removed before publishing as an RFC. Discussion of this document takes place on the ALT Working Group mailing list (alt@ietf.org), which is archived at https://mailarchive.ietf.org/arch/browse/alt/ (https://mailarchive.ietf.org/arch/browse/alt/). Source for this draft and an issue tracker can be found at https://github.com/LPardue/draft-pardue-alt-svc-ext-unsupported (https://github.com/LPardue/draft-pardue-alt-svc-ext-unsupported). Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on 14 January 2021. Pardue Expires 14 January 2021 [Page 1] Internet-Draft Alt-Svc Extension Unsupported July 2020 Copyright Notice Copyright (c) 2020 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/ license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 2. Conventions and Definitions . . . . . . . . . . . . . . . . . 3 3. Detecting and Signalling . . . . . . . . . . . . . . . . . . 3 4. HTTP/2 Error Code . . . . . . . . . . . . . . . . . . . . . . 4 5. HTTP/3 Error Code . . . . . . . . . . . . . . . . . . . . . . 4 6. Security Considerations . . . . . . . . . . . . . . . . . . . 4 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 4 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 4 8.1. Normative References . . . . . . . . . . . . . . . . . . 4 8.2. Informative References . . . . . . . . . . . . . . . . . 5 Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 5 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 5 1. Introduction HTTP/2 ([HTTP2]) and HTTP/3 ([HTTP3]) provide several extension points, only some of which require negotiation before use. For any HTTP connection that is actively using extensions, it is possible that the server might advertise an Alternative Service ([ALT-SVC]) that contains no indication of whether the current extension points are supported by indicated server. A client has to proactively engage with the Alternative in order to determine what extension points it supports, which will often require the client to establish a new transport-layer connection and HTTP handshake. The client might determine that the Alternative does not support the same extensions as the current connection and decide to close the connection. For an extension that is negotiated via SETTINGS frames, the client might be able to detect the lack of extensions early in the lifecycle. For other forms of extension, the problem might not be detectable until later on, for instance when extension frame exchanges fail. Pardue Expires 14 January 2021 [Page 2] Internet-Draft Alt-Svc Extension Unsupported July 2020 The guidance in [ALT-SVC] has lead to clients that are robust to different types of failures. Following a "make-before-break" approach avoids active transfers being interupted by an opportunistic change in connection. As such, testing an Alternative and finding that its extension points are incompatible is unlikely to be a hard failure cases. However, Alt-Svc is the primary method of switching between HTTP/2 and HTTP/3 and there is a possibility that extensions offered in one version of a connection are not provided in another. It is also feasible that support for extension points are not unilaterally deployed across a fleet of servers, whether in the same organization domain or not. A client might encounter problems with the Alternative due to permanent error or transient erro due to synchronization or coordination issues between the origin and the Alternative. Advertising Alternative Services has quite a low barrier and does require up front coordination, meaning it is quite easy for an origin administrator to configure things that are logically invalid. Alternatives can detect problems and take action; [ALT-SVC] defines status 421 Misdirected Request that allows the Alternative to signal such a problem. However, there is are cases where clients will be misdirected to Alternatives that cannot satisfy the extension expectations of the client. A server that detects this issue can either close the connection or degrade into a mode that does not use the extension. This document defines an error code for HTTP/2 and HTTP/3 that can be sent by an endpoint when closing streams or connections due to a failure with extenstion expectations. This clearly disambiguates the failure case from other types, i.e. general protocol error, which can allow the peer to take more specific meaures, such as identifying configuration errors. 2. Conventions and Definitions The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here. 3. Detecting and Signalling HTTP/2 and HTTP/3 endpoints might use various means to detect that a desired extension is not supported on the connection, no specific measures are prescribed by this document. Pardue Expires 14 January 2021 [Page 3] Internet-Draft Alt-Svc Extension Unsupported July 2020 When an endpoint detects that a desired extension is unsupported it MAY terminate a stream or a connection with the error code EXTENSION_UNSUPPORTED or H3_EXTENSION_UNSUPPORTED. 4. HTTP/2 Error Code EXTENSION_UNSUPPORTED (0xf10): The endpoint detected that its peer wants to use an extension that is not locally supported, or the peer does not support an extension that is desired. 5. HTTP/3 Error Code H3_EXTENSION_UNSUPPORTED (0x1f10): The endpoint detected that its peer wants to use an extension that is not locally supported, or the peer does not support an extension that is desired. 6. Security Considerations None, probably. 7. IANA Considerations This specification registers the following entry in the HTTP/2 Error Code registry established by [HTTP2]: Name: EXTENSION_UNSUPPORTED Code: 0xf10 Description: Extension unsupported Specification: This document This specification registers the following entry in the HTTP/3 Error Code registry established by [HTTP3]: Name: EXTENSION_UNSUPPORTED Code: 0x1f10 Description: Extension unsupported Specification: This document 8. References 8.1. Normative References Pardue Expires 14 January 2021 [Page 4] Internet-Draft Alt-Svc Extension Unsupported July 2020 [HTTP2] Belshe, M., Peon, R., and M. Thomson, Ed., "Hypertext Transfer Protocol Version 2 (HTTP/2)", RFC 7540, DOI 10.17487/RFC7540, May 2015, . [HTTP3] Bishop, M., "Hypertext Transfer Protocol Version 3 (HTTP/3)", Work in Progress, Internet-Draft, draft-ietf- quic-http-29, 9 June 2020, . [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, . [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, May 2017, . 8.2. Informative References [ALT-SVC] Nottingham, M., McManus, P., and J. Reschke, "HTTP Alternative Services", RFC 7838, DOI 10.17487/RFC7838, April 2016, . Acknowledgments Patrick McManus, Mike Bishop and Ryan Hamilton shared some opinions on the error cases of Alt-Svc, in various channels, that have been incorporated into this document. Author's Address Lucas Pardue Cloudflare Email: lucaspardue.24.7@gmail.com Pardue Expires 14 January 2021 [Page 5]