| rfc9209v1.txt | rfc9209.txt | |||
|---|---|---|---|---|
| Internet Engineering Task Force (IETF) M. Nottingham | Internet Engineering Task Force (IETF) M. Nottingham | |||
| Request for Comments: 9209 Fastly | Request for Comments: 9209 Fastly | |||
| Category: Standards Track P. Sikora | Category: Standards Track P. Sikora | |||
| ISSN: 2070-1721 Google | ISSN: 2070-1721 Google | |||
| February 2022 | March 2022 | |||
| The Proxy-Status HTTP Response Header Field | The Proxy-Status HTTP Response Header Field | |||
| Abstract | Abstract | |||
| This document defines the Proxy-Status HTTP field to convey the | This document defines the Proxy-Status HTTP response field to convey | |||
| details of intermediary response handling, including generated | the details of an intermediary's response handling, including | |||
| errors. | generated errors. | |||
| Status of This Memo | Status of This Memo | |||
| This is an Internet Standards Track document. | This is an Internet Standards Track document. | |||
| This document is a product of the Internet Engineering Task Force | This document is a product of the Internet Engineering Task Force | |||
| (IETF). It represents the consensus of the IETF community. It has | (IETF). It represents the consensus of the IETF community. It has | |||
| received public review and has been approved for publication by the | received public review and has been approved for publication by the | |||
| Internet Engineering Steering Group (IESG). Further information on | Internet Engineering Steering Group (IESG). Further information on | |||
| Internet Standards is available in Section 2 of RFC 7841. | Internet Standards is available in Section 2 of RFC 7841. | |||
| skipping to change at line 136 ¶ | skipping to change at line 136 ¶ | |||
| these can likewise be extended per Section 2.4. | these can likewise be extended per Section 2.4. | |||
| 1.1. Notational Conventions | 1.1. Notational Conventions | |||
| The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | |||
| "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | |||
| "OPTIONAL" in this document are to be interpreted as described in | "OPTIONAL" in this document are to be interpreted as described in | |||
| BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all | BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all | |||
| capitals, as shown here. | capitals, as shown here. | |||
| This specification uses Structured Fields [STRUCTURED-FIELDS] to | This document uses the following terminology from Section 3 of | |||
| specify syntax and parsing and uses ABNF [RFC5234] as shorthand for | [STRUCTURED-FIELDS] to specify syntax and parsing: List, String, | |||
| that syntax. The terms sf-list, sf-item, sf-string, sf-token, sf- | Token, Integer, and Byte Sequence. | |||
| integer, and key refer to the structured types defined therein. | ||||
| Note that in this specification, "proxy" is used to indicate both | Note that in this specification, "proxy" is used to indicate both | |||
| forward and reverse proxies, otherwise known as gateways. "Next hop" | forward and reverse proxies, otherwise known as gateways. "Next hop" | |||
| indicates the connection in the direction leading to the origin | indicates the connection in the direction leading to the origin | |||
| server for the request. | server for the request. | |||
| 2. The Proxy-Status HTTP Field | 2. The Proxy-Status HTTP Field | |||
| The Proxy-Status HTTP response field allows an intermediary to convey | The Proxy-Status HTTP response field allows an intermediary to convey | |||
| additional information about its handling of a response and its | additional information about its handling of a response and its | |||
| associated request. The syntax of this header field conforms to | associated request. | |||
| [STRUCTURED-FIELDS]. | ||||
| It is a List ([STRUCTURED-FIELDS], Section 3.1): | ||||
| Proxy-Status = sf-list | ||||
| Each member of the list represents an intermediary that has handled | Its value is a List (see Section 3.1 of [STRUCTURED-FIELDS]). Each | |||
| the response. The first member of the list represents the | member of the List represents an intermediary that has handled the | |||
| intermediary closest to the origin server, and the last member of the | response. The first member represents the intermediary closest to | |||
| list represents the intermediary closest to the user agent. | the origin server, and the last member represents the intermediary | |||
| closest to the user agent. | ||||
| For example: | For example: | |||
| Proxy-Status: revproxy1.example.net, ExampleCDN | Proxy-Status: revproxy1.example.net, ExampleCDN | |||
| indicates that this response was handled first by | indicates that this response was handled first by | |||
| revproxy1.example.net (a reverse proxy adjacent to the origin server) | revproxy1.example.net (a reverse proxy adjacent to the origin server) | |||
| and then ExampleCDN. | and then ExampleCDN. | |||
| Intermediaries determine when it is appropriate to add the Proxy- | Intermediaries determine when it is appropriate to add the Proxy- | |||
| Status field to a response. Some might decide to append it to all | Status field to a response. Some might decide to append it to all | |||
| responses, whereas others might only do so when specifically | responses, whereas others might only do so when specifically | |||
| configured to or when the request contains a header field that | configured to or when the request contains a header field that | |||
| activates a debugging mode. | activates a debugging mode. | |||
| Each member of the list identifies the intermediary that inserted the | Each member of the List identifies the intermediary that inserted the | |||
| value and MUST have a type of either sf-string or sf-token. | value and MUST have a type of either String or Token. Depending on | |||
| Depending on the deployment, this might be a service name (but not a | the deployment, this might be a service name (but not a software or | |||
| software or hardware product name; e.g., "ExampleCDN" is appropriate, | hardware product name; e.g., "ExampleCDN" is appropriate, but | |||
| but "ExampleProxy" is not because it doesn't identify the | "ExampleProxy" is not because it doesn't identify the deployment), a | |||
| deployment), a hostname ("proxy-3.example.com"), an IP address, or a | hostname ("proxy-3.example.com"), an IP address, or a generated | |||
| generated string. | string. | |||
| Parameters on each member (per Section 3.1.2 of [STRUCTURED-FIELDS]) | Parameters of each member (per Section 3.1.2 of [STRUCTURED-FIELDS]) | |||
| convey additional information about that intermediary's handling of | convey additional information about that intermediary's handling of | |||
| the response and its associated request; see Section 2.1. While all | the response and its associated request; see Section 2.1. While all | |||
| of these parameters are OPTIONAL, intermediaries are encouraged to | of these parameters are OPTIONAL, intermediaries are encouraged to | |||
| provide as much information as possible (but see Section 4 for | provide as much information as possible (but see Section 4 for | |||
| security considerations in doing so). | security considerations in doing so). | |||
| When adding a value to the Proxy-Status field, intermediaries SHOULD | When adding a value to the Proxy-Status field, intermediaries SHOULD | |||
| preserve the existing members of the field to allow debugging of the | preserve the existing members of the field to allow debugging of the | |||
| entire chain of intermediaries handling the request unless explicitly | entire chain of intermediaries handling the request unless explicitly | |||
| configured to remove them (e.g., to prevent internal network details | configured to remove them (e.g., to prevent internal network details | |||
| skipping to change at line 238 ¶ | skipping to change at line 233 ¶ | |||
| which would thereby allow a downstream recipient to understand that | which would thereby allow a downstream recipient to understand that | |||
| processing by 'SomeOtherProxy' occurred before 'ThisProxy'. | processing by 'SomeOtherProxy' occurred before 'ThisProxy'. | |||
| A client MAY promote the Proxy-Status trailer field into a header | A client MAY promote the Proxy-Status trailer field into a header | |||
| field by following these steps: | field by following these steps: | |||
| 1. For each member trailer_member of the Proxy-Status trailer field | 1. For each member trailer_member of the Proxy-Status trailer field | |||
| value: | value: | |||
| 1. Let header_member be the first (leftmost) value of the Proxy- | 1. Let header_member be the first (leftmost) value of the Proxy- | |||
| Status header field value, comparing the sf-token or sf- | Status header field value, comparing the String or Token | |||
| string character by character without consideration of | character by character without consideration of parameters. | |||
| parameters. | ||||
| 2. If no matching header_member is found, continue processing | 2. If no matching header_member is found, continue processing | |||
| the next trailer_member. | the next trailer_member. | |||
| 3. Replace header_member with trailer_member in its entirety, | 3. Replace header_member with trailer_member in its entirety, | |||
| including any parameters. | including any parameters. | |||
| 2. Remove the Proxy-Status trailer field if empty. | 2. Remove the Proxy-Status trailer field if empty. | |||
| 2.1. Proxy-Status Parameters | 2.1. Proxy-Status Parameters | |||
| This section lists parameters that can be used on the members of the | This section lists parameters that can be used on the members of the | |||
| Proxy-Status field. Unrecognised parameters MUST be ignored. | Proxy-Status field. Unrecognised parameters MUST be ignored. | |||
| 2.1.1. error | 2.1.1. error | |||
| The error parameter's value is an sf-token that is a Proxy Error | The error parameter's value is a Token that is a proxy error type. | |||
| Type. When present, it indicates that the intermediary encountered | When present, it indicates that the intermediary encountered an issue | |||
| an issue when obtaining this response. | when obtaining this response. | |||
| The presence of some Proxy Error Types indicates that the response | The presence of some proxy error types indicates that the response | |||
| was generated by the intermediary itself, rather than being forwarded | was generated by the intermediary itself, rather than being forwarded | |||
| from the origin server. This is the case when, for example, the | from the origin server. This is the case when, for example, the | |||
| origin server can't be contacted, so the proxy has to create its own | origin server can't be contacted, so the proxy has to create its own | |||
| response. | response. | |||
| Other Proxy Error Types can be added to (potentially partial) | Other proxy error types can be added to (potentially partial) | |||
| responses that were generated by the origin server or some other | responses that were generated by the origin server or some other | |||
| inbound server. For example, if the forward connection abruptly | inbound server. For example, if the forward connection abruptly | |||
| closes, an intermediary might add Proxy-Status with an appropriate | closes, an intermediary might add Proxy-Status with an appropriate | |||
| error as a trailer field. | error as a trailer field. | |||
| Proxy Error Types that are registered with a 'Response only generated | Proxy error types that are registered with a 'Response only generated | |||
| by intermediaries' value of 'true' indicate that they can only occur | by intermediaries' value of 'true' indicate that they can only occur | |||
| in responses generated by the intermediary. If the value is 'false', | in responses generated by the intermediary. If the value is 'false', | |||
| the response might be generated by the intermediary or an inbound | the response might be generated by the intermediary or an inbound | |||
| server. | server. | |||
| Section 2.3 lists the Proxy Error Types defined in this document; new | Section 2.3 lists the proxy error types defined in this document; new | |||
| ones can be defined using the procedure outlined in Section 2.4. | ones can be defined using the procedure outlined in Section 2.4. | |||
| For example: | For example: | |||
| HTTP/1.1 504 Gateway Timeout | HTTP/1.1 504 Gateway Timeout | |||
| Proxy-Status: ExampleCDN; error=connection_timeout | Proxy-Status: ExampleCDN; error=connection_timeout | |||
| indicates that this 504 response was generated by ExampleCDN due to a | indicates that this 504 response was generated by ExampleCDN due to a | |||
| connection timeout when going forward. | connection timeout when going forward. | |||
| Or: | Or: | |||
| HTTP/1.1 429 Too Many Requests | HTTP/1.1 429 Too Many Requests | |||
| Proxy-Status: r34.example.net; error=http_request_error, ExampleCDN | Proxy-Status: r34.example.net; error=http_request_error, ExampleCDN | |||
| indicates that this 429 (Too Many Requests) response was generated by | indicates that this 429 (Too Many Requests) response was generated by | |||
| r34.example.net, not the CDN or the origin. | r34.example.net, not the CDN or the origin. | |||
| When sending the error parameter, the most specific Proxy Error Type | When sending the error parameter, the most specific proxy error type | |||
| SHOULD be sent, provided that it accurately represents the error | SHOULD be sent, provided that it accurately represents the error | |||
| condition. If an appropriate Proxy Error Type is not defined, there | condition. If an appropriate proxy error type is not defined, there | |||
| are a number of generic error types (e.g., proxy_internal_error, | are a number of generic error types (e.g., proxy_internal_error, | |||
| http_protocol_error) that can be used. If they are not suitable, | http_protocol_error) that can be used. If they are not suitable, | |||
| consider registering a new Proxy Error Type (see Section 2.4). | consider registering a new proxy error type (see Section 2.4). | |||
| Each Proxy Error Type has a recommended HTTP status code. When | Each proxy error type has a recommended HTTP status code. When | |||
| generating an HTTP response containing the error, its HTTP status | generating an HTTP response containing the error, its HTTP status | |||
| code SHOULD be set to the recommended HTTP status code. However, | code SHOULD be set to the recommended HTTP status code. However, | |||
| there may be circumstances (e.g., for backwards compatibility with | there may be circumstances (e.g., for backwards compatibility with | |||
| previous behaviours, a status code has already been sent) when | previous behaviours, a status code has already been sent) when | |||
| another status code might be used. | another status code might be used. | |||
| Proxy Error Types can also define any number of extra parameters for | Proxy error types can also define any number of extra parameters for | |||
| use with that type. Their use, like all parameters, is optional. As | use with that type. Their use, like all parameters, is optional. As | |||
| a result, if an extra parameter is used with a Proxy Error Type for | a result, if an extra parameter is used with a proxy error type for | |||
| which it is not defined, it will be ignored. | which it is not defined, it will be ignored. | |||
| 2.1.2. next-hop | 2.1.2. next-hop | |||
| The next-hop parameter's value is an sf-string or sf-token that | The next-hop parameter's value is a String or Token that identifies | |||
| identifies the intermediary or origin server selected (and used, if | the intermediary or origin server selected (and used, if contacted) | |||
| contacted) to obtain this response. It might be a hostname, IP | to obtain this response. It might be a hostname, IP address, or | |||
| address, or alias. | alias. | |||
| For example: | For example: | |||
| Proxy-Status: cdn.example.org; next-hop=backend.example.org:8001 | Proxy-Status: cdn.example.org; next-hop=backend.example.org:8001 | |||
| indicates that cdn.example.org used backend.example.org:8001 as the | indicates that cdn.example.org used backend.example.org:8001 as the | |||
| next hop for this request. | next hop for this request. | |||
| 2.1.3. next-protocol | 2.1.3. next-protocol | |||
| The next-protocol parameter's value indicates the Application-Layer | The next-protocol parameter's value indicates the Application-Layer | |||
| Protocol Negotiation (ALPN) protocol identifier [RFC7301] of the | Protocol Negotiation (ALPN) protocol identifier [RFC7301] of the | |||
| protocol used by the intermediary to connect to the next hop when | protocol used by the intermediary to connect to the next hop when | |||
| obtaining this response. | obtaining this response. | |||
| The value MUST be either an sf-token or sf-binary, representing a TLS | The value MUST be either a Token or Byte Sequence representing a TLS | |||
| ALPN Protocol ID (see <https://www.iana.org/assignments/tls- | ALPN Protocol ID (see <https://www.iana.org/assignments/tls- | |||
| extensiontype-values/tls-extensiontype-values.xhtml#alpn-protocol- | extensiontype-values/tls-extensiontype-values.xhtml#alpn-protocol- | |||
| ids>). If the protocol identifier is able to be expressed as an sf- | ids>). If the protocol identifier is able to be expressed as a Token | |||
| token using ASCII encoding, that form MUST be used. | using ASCII encoding, that form MUST be used. | |||
| For example: | For example: | |||
| Proxy-Status: "proxy.example.org"; next-protocol=h2 | Proxy-Status: "proxy.example.org"; next-protocol=h2 | |||
| Note that the ALPN identifier is being used here to identify the | Note that the ALPN identifier is being used here to identify the | |||
| protocol in use; it may or may not have been actually used in the | protocol in use; it may or may not have been actually used in the | |||
| protocol negotiation. | protocol negotiation. | |||
| 2.1.4. received-status | 2.1.4. received-status | |||
| The received-status parameter's value indicates the HTTP status code | The received-status parameter's value indicates the HTTP status code | |||
| that the intermediary received from the next-hop server when | that the intermediary received from the next-hop server when | |||
| obtaining this response. | obtaining this response. | |||
| The value MUST be an sf-integer. | The value MUST be an Integer. | |||
| For example: | For example: | |||
| Proxy-Status: ExampleCDN; received-status=200 | Proxy-Status: ExampleCDN; received-status=200 | |||
| 2.1.5. details | 2.1.5. details | |||
| The details parameter's value is an sf-string containing additional | The details parameter's value is a String containing additional | |||
| information not captured anywhere else. This can include | information not captured anywhere else. This can include | |||
| implementation-specific or deployment-specific information. | implementation-specific or deployment-specific information. | |||
| For example: | For example: | |||
| Proxy-Status: proxy.example.net; error="http_protocol_error"; | Proxy-Status: proxy.example.net; error="http_protocol_error"; | |||
| details="Malformed response header: space before colon" | details="Malformed response header: space before colon" | |||
| 2.2. Defining New Proxy-Status Parameters | 2.2. Defining New Proxy-Status Parameters | |||
| New Proxy-Status Parameters can be defined by registering them in the | New Proxy-Status parameters can be defined by registering them in the | |||
| "HTTP Proxy-Status Parameters" registry. | "HTTP Proxy-Status Parameters" registry. | |||
| Registration requests are reviewed and approved by Expert Review, per | Registration requests are reviewed and approved by Expert Review, per | |||
| [RFC8126], Section 4.5. A specification document is appreciated but | [RFC8126], Section 4.5. A specification document is appreciated but | |||
| not required. | not required. | |||
| The expert(s) should consider the following factors when evaluating | The expert(s) should consider the following factors when evaluating | |||
| requests: | requests: | |||
| * Community feedback | * Community feedback | |||
| skipping to change at line 402 ¶ | skipping to change at line 396 ¶ | |||
| application-specific, or deployment-specific values. If a generic | application-specific, or deployment-specific values. If a generic | |||
| value cannot be agreed upon in the community, the parameter's name | value cannot be agreed upon in the community, the parameter's name | |||
| should be correspondingly specific (e.g., with a prefix that | should be correspondingly specific (e.g., with a prefix that | |||
| identifies the vendor, application, or deployment). | identifies the vendor, application, or deployment). | |||
| * Parameter names should not conflict with registered extra | * Parameter names should not conflict with registered extra | |||
| parameters in the "HTTP Proxy Error Types" registry. | parameters in the "HTTP Proxy Error Types" registry. | |||
| Registration requests should use the following template: | Registration requests should use the following template: | |||
| Name: [a name for the Proxy-Status Parameter that matches key] | Name: [a name for the Proxy-Status parameter that matches key] | |||
| Description: [a description of the parameter semantics and value] | Description: [a description of the parameter semantics and value] | |||
| Reference: [to a specification defining this parameter; optional] | Reference: [to a specification defining this parameter; optional] | |||
| See the registry at <https://iana.org/assignments/http-proxy-status> | See the registry at <https://www.iana.org/assignments/http-proxy- | |||
| for details on where to send registration requests. | status> for details on where to send registration requests. | |||
| 2.3. Proxy Error Types | 2.3. Proxy Error Types | |||
| This section lists the Proxy Error Types defined by this document. | This section lists the proxy error types defined by this document. | |||
| See Section 2.4 for information about defining new Proxy Error Types. | See Section 2.4 for information about defining new proxy error types. | |||
| Note that implementations might not produce all Proxy Error Types. | Note that implementations might not produce all proxy error types. | |||
| The set of types below is designed to map to existing states in | The set of types below is designed to map to existing states in | |||
| implementations and therefore may not be applicable to some. | implementations and therefore may not be applicable to some. | |||
| 2.3.1. DNS Timeout | 2.3.1. DNS Timeout | |||
| Name: dns_timeout | Name: dns_timeout | |||
| Description: The intermediary encountered a timeout when trying to | Description: The intermediary encountered a timeout when trying to | |||
| find an IP address for the next-hop hostname. | find an IP address for the next-hop hostname. | |||
| Extra Parameters: None. | Extra Parameters: None | |||
| Recommended HTTP status code: 504 | Recommended HTTP Status Code: 504 | |||
| Response only generated by intermediaries: true | Response Only Generated by Intermediaries: true | |||
| Reference: RFC 9209 | Reference: RFC 9209 | |||
| 2.3.2. DNS Error | 2.3.2. DNS Error | |||
| Name: dns_error | Name: dns_error | |||
| Description: The intermediary encountered a DNS error when trying to | Description: The intermediary encountered a DNS error when trying to | |||
| find an IP address for the next-hop hostname. | find an IP address for the next-hop hostname. | |||
| Extra Parameters: | Extra Parameters: | |||
| rcode: An sf-string conveying the DNS RCODE that indicates the | rcode: A String conveying the DNS RCODE that indicates the error | |||
| error type. See [RFC8499], Section 3. | type. See [RFC8499], Section 3. | |||
| info-code: An sf-integer conveying the Extended DNS Error Code | info-code: An Integer conveying the Extended DNS Error Code INFO- | |||
| INFO-CODE. See [RFC8914]. | CODE. See [RFC8914]. | |||
| Recommended HTTP status code: 502 | Recommended HTTP Status Code: 502 | |||
| Response only generated by intermediaries: true | Response Only Generated by Intermediaries: true | |||
| Reference: RFC 9209 | Reference: RFC 9209 | |||
| 2.3.3. Destination Not Found | 2.3.3. Destination Not Found | |||
| Name: destination_not_found | Name: destination_not_found | |||
| Description: The intermediary cannot determine the appropriate next | Description: The intermediary cannot determine the appropriate next | |||
| hop to use for this request; for example, it may not be | hop to use for this request; for example, it may not be | |||
| configured. Note that this error is specific to gateways, which | configured. Note that this error is specific to gateways, which | |||
| typically require specific configuration to identify the "backend" | typically require specific configuration to identify the "backend" | |||
| server; forward proxies use in-band information to identify the | server; forward proxies use in-band information to identify the | |||
| origin server. | origin server. | |||
| Extra Parameters: None. | Extra Parameters: None | |||
| Recommended HTTP status code: 500 | Recommended HTTP Status Code: 500 | |||
| Response only generated by intermediaries: true | Response Only Generated by Intermediaries: true | |||
| Reference: RFC 9209 | Reference: RFC 9209 | |||
| 2.3.4. Destination Unavailable | 2.3.4. Destination Unavailable | |||
| Name: destination_unavailable | Name: destination_unavailable | |||
| Description: The intermediary considers the next hop to be | Description: The intermediary considers the next hop to be | |||
| unavailable; e.g., recent attempts to communicate with it may have | unavailable; e.g., recent attempts to communicate with it may have | |||
| failed, or a health check may indicate that it is down. | failed, or a health check may indicate that it is down. | |||
| Extra Parameters: None. | Extra Parameters: None | |||
| Recommended HTTP status code: 503 | Recommended HTTP Status Code: 503 | |||
| Response only generated by intermediaries: true | Response Only Generated by Intermediaries: true | |||
| Reference: RFC 9209 | Reference: RFC 9209 | |||
| 2.3.5. Destination IP Prohibited | 2.3.5. Destination IP Prohibited | |||
| Name: destination_ip_prohibited | Name: destination_ip_prohibited | |||
| Description: The intermediary is configured to prohibit connections | Description: The intermediary is configured to prohibit connections | |||
| to the next-hop IP address. | to the next-hop IP address. | |||
| Extra Parameters: None. | Extra Parameters: None | |||
| Recommended HTTP status code: 502 | Recommended HTTP Status Code: 502 | |||
| Response only generated by intermediaries: true | Response Only Generated by Intermediaries: true | |||
| Reference: RFC 9209 | Reference: RFC 9209 | |||
| 2.3.6. Destination IP Unroutable | 2.3.6. Destination IP Unroutable | |||
| Name: destination_ip_unroutable | Name: destination_ip_unroutable | |||
| Description: The intermediary cannot find a route to the next-hop IP | Description: The intermediary cannot find a route to the next-hop IP | |||
| address. | address. | |||
| Extra Parameters: None. | Extra Parameters: None | |||
| Recommended HTTP status code: 502 | Recommended HTTP Status Code: 502 | |||
| Response only generated by intermediaries: true | Response Only Generated by Intermediaries: true | |||
| Reference: RFC 9209 | Reference: RFC 9209 | |||
| 2.3.7. Connection Refused | 2.3.7. Connection Refused | |||
| Name: connection_refused | Name: connection_refused | |||
| Description: The intermediary's connection to the next hop was | Description: The intermediary's connection to the next hop was | |||
| refused. | refused. | |||
| Extra Parameters: None. | Extra Parameters: None | |||
| Recommended HTTP status code: 502 | Recommended HTTP Status Code: 502 | |||
| Response only generated by intermediaries: true | Response Only Generated by Intermediaries: true | |||
| Reference: RFC 9209 | Reference: RFC 9209 | |||
| 2.3.8. Connection Terminated | 2.3.8. Connection Terminated | |||
| Name: connection_terminated | Name: connection_terminated | |||
| Description: The intermediary's connection to the next hop was | Description: The intermediary's connection to the next hop was | |||
| closed before a complete response was received. | closed before a complete response was received. | |||
| Extra Parameters: None. | Extra Parameters: None | |||
| Recommended HTTP status code: 502 | Recommended HTTP Status Code: 502 | |||
| Response only generated by intermediaries: false | Response Only Generated by Intermediaries: false | |||
| Reference: RFC 9209 | Reference: RFC 9209 | |||
| 2.3.9. Connection Timeout | 2.3.9. Connection Timeout | |||
| Name: connection_timeout | Name: connection_timeout | |||
| Description: The intermediary's attempt to open a connection to the | Description: The intermediary's attempt to open a connection to the | |||
| next hop timed out. | next hop timed out. | |||
| Extra Parameters: None. | Extra Parameters: None | |||
| Recommended HTTP status code: 504 | Recommended HTTP Status Code: 504 | |||
| Response only generated by intermediaries: true | Response Only Generated by Intermediaries: true | |||
| Reference: RFC 9209 | Reference: RFC 9209 | |||
| 2.3.10. Connection Read Timeout | 2.3.10. Connection Read Timeout | |||
| Name: connection_read_timeout | Name: connection_read_timeout | |||
| Description: The intermediary was expecting data on a connection | Description: The intermediary was expecting data on a connection | |||
| (e.g., part of a response) but did not receive any new data in a | (e.g., part of a response) but did not receive any new data in a | |||
| configured time limit. | configured time limit. | |||
| Extra Parameters: None. | Extra Parameters: None | |||
| Recommended HTTP status code: 504 | Recommended HTTP Status Code: 504 | |||
| Response only generated by intermediaries: false | Response Only Generated by Intermediaries: false | |||
| Reference: RFC 9209 | Reference: RFC 9209 | |||
| 2.3.11. Connection Write Timeout | 2.3.11. Connection Write Timeout | |||
| Name: connection_write_timeout | Name: connection_write_timeout | |||
| Description: The intermediary was attempting to write data to a | Description: The intermediary was attempting to write data to a | |||
| connection but was not able to (e.g., because its buffers were | connection but was not able to (e.g., because its buffers were | |||
| full). | full). | |||
| Extra Parameters: None. | Extra Parameters: None | |||
| Recommended HTTP status code: 504 | Recommended HTTP Status Code: 504 | |||
| Response only generated by intermediaries: false | Response Only Generated by Intermediaries: false | |||
| Reference: RFC 9209 | Reference: RFC 9209 | |||
| 2.3.12. Connection Limit Reached | 2.3.12. Connection Limit Reached | |||
| Name: connection_limit_reached | Name: connection_limit_reached | |||
| Description: The intermediary is configured to limit the number of | Description: The intermediary is configured to limit the number of | |||
| connections it has to the next hop, and that limit has been | connections it has to the next hop, and that limit has been | |||
| passed. | exceeded. | |||
| Extra Parameters: None. | Extra Parameters: None | |||
| Recommended HTTP status code: 503 | Recommended HTTP Status Code: 503 | |||
| Response only generated by intermediaries: true | Response Only Generated by Intermediaries: true | |||
| Reference: RFC 9209 | Reference: RFC 9209 | |||
| 2.3.13. TLS Protocol Error | 2.3.13. TLS Protocol Error | |||
| Name: tls_protocol_error | Name: tls_protocol_error | |||
| Description: The intermediary encountered a TLS error when | Description: The intermediary encountered a TLS error when | |||
| communicating with the next hop, either during the handshake or | communicating with the next hop, either during the handshake or | |||
| afterwards. | afterwards. | |||
| Extra Parameters: None. | Extra Parameters: None | |||
| Recommended HTTP status code: 502 | Recommended HTTP Status Code: 502 | |||
| Response only generated by intermediaries: false | Response Only Generated by Intermediaries: false | |||
| Reference: RFC 9209 | Reference: RFC 9209 | |||
| Notes: Not appropriate when a TLS alert is received; see | Notes: Not appropriate when a TLS alert is received; see | |||
| tls_alert_received. | tls_alert_received. | |||
| 2.3.14. TLS Certificate Error | 2.3.14. TLS Certificate Error | |||
| Name: tls_certificate_error | Name: tls_certificate_error | |||
| Description: The intermediary encountered an error when verifying | Description: The intermediary encountered an error when verifying | |||
| the certificate presented by the next hop. | the certificate presented by the next hop. | |||
| Extra Parameters: None. | Extra Parameters: None | |||
| Recommended HTTP status code: 502 | Recommended HTTP Status Code: 502 | |||
| Response only generated by intermediaries: true | Response Only Generated by Intermediaries: true | |||
| Reference: RFC 9209 | Reference: RFC 9209 | |||
| 2.3.15. TLS Alert Received | 2.3.15. TLS Alert Received | |||
| Name: tls_alert_received | Name: tls_alert_received | |||
| Description: The intermediary received a TLS alert from the next | Description: The intermediary received a TLS alert from the next | |||
| hop. | hop. | |||
| Extra Parameters: | Extra Parameters: | |||
| alert-id: An sf-integer containing the applicable value from the | alert-id: An Integer containing the applicable value from the | |||
| "TLS Alerts" registry. See [RFC8446]. | "TLS Alerts" registry. See [RFC8446]. | |||
| alert-message: An sf-token or sf-string containing the applicable | alert-message: A Token or String containing the applicable | |||
| description string from the "TLS Alerts" registry. See | description string from the "TLS Alerts" registry. See | |||
| [RFC8446]. | [RFC8446]. | |||
| Recommended HTTP status code: 502 | Recommended HTTP Status Code: 502 | |||
| Response only generated by intermediaries: false | Response Only Generated by Intermediaries: false | |||
| Reference: RFC 9209 | Reference: RFC 9209 | |||
| 2.3.16. HTTP Request Error | 2.3.16. HTTP Request Error | |||
| Name: http_request_error | Name: http_request_error | |||
| Description: The intermediary is generating a client (4xx) response | Description: The intermediary is generating a client (4xx) response | |||
| on the origin's behalf. Applicable status codes include (but are | on the origin's behalf. Applicable status codes include (but are | |||
| not limited to) 400, 403, 405, 406, 408, 411, 413, 414, 415, 416, | not limited to) 400, 403, 405, 406, 408, 411, 413, 414, 415, 416, | |||
| 417, and 429. | 417, and 429. | |||
| Extra Parameters: | Extra Parameters: | |||
| status-code: An sf-integer containing the generated status code. | status-code: An Integer containing the generated status code. | |||
| status-phrase: An sf-string containing the generated status | status-phrase: A String containing the generated status phrase. | |||
| phrase. | ||||
| Recommended HTTP status code: The applicable 4xx status code | Recommended HTTP Status Code: The applicable 4xx status code | |||
| Response only generated by intermediaries: true | Response Only Generated by Intermediaries: true | |||
| Reference: RFC 9209 | Reference: RFC 9209 | |||
| Notes: This type helps distinguish between responses generated by | Notes: This type helps distinguish between responses generated by | |||
| intermediaries from those generated by the origin. | intermediaries from those generated by the origin. | |||
| 2.3.17. HTTP Request Denied | 2.3.17. HTTP Request Denied | |||
| Name: http_request_denied | Name: http_request_denied | |||
| Description: The intermediary rejected the HTTP request based on its | Description: The intermediary rejected the HTTP request based on its | |||
| configuration and/or policy settings. The request wasn't | configuration and/or policy settings. The request wasn't | |||
| forwarded to the next hop. | forwarded to the next hop. | |||
| Extra Parameters: None. | Extra Parameters: None | |||
| Recommended HTTP status code: 403 | Recommended HTTP Status Code: 403 | |||
| Response only generated by intermediaries: true | Response Only Generated by Intermediaries: true | |||
| Reference: RFC 9209 | Reference: RFC 9209 | |||
| 2.3.18. HTTP Incomplete Response | 2.3.18. HTTP Incomplete Response | |||
| Name: http_response_incomplete | Name: http_response_incomplete | |||
| Description: The intermediary received an incomplete response to the | Description: The intermediary received an incomplete response to the | |||
| request from the next hop. | request from the next hop. | |||
| Extra Parameters: None. | Extra Parameters: None | |||
| Recommended HTTP status code: 502 | Recommended HTTP Status Code: 502 | |||
| Response only generated by intermediaries: false | Response Only Generated by Intermediaries: false | |||
| Reference: RFC 9209 | Reference: RFC 9209 | |||
| 2.3.19. HTTP Response Header Section Too Large | 2.3.19. HTTP Response Header Section Too Large | |||
| Name: http_response_header_section_size | Name: http_response_header_section_size | |||
| Description: The intermediary received a response to the request | Description: The intermediary received a response to the request | |||
| whose header section was considered too large. | whose header section was considered too large. | |||
| Extra Parameters: | Extra Parameters: | |||
| header-section-size: An sf-integer indicating how large the | header-section-size: An Integer indicating how large the received | |||
| received headers were. Note that they might not be complete; | headers were. Note that they might not be complete; i.e., the | |||
| i.e., the intermediary may have discarded or refused additional | intermediary may have discarded or refused additional data. | |||
| data. | ||||
| Recommended HTTP status code: 502 | Recommended HTTP Status Code: 502 | |||
| Response only generated by intermediaries: false | Response Only Generated by Intermediaries: false | |||
| Reference: RFC 9209 | Reference: RFC 9209 | |||
| 2.3.20. HTTP Response Header Field Line Too Large | 2.3.20. HTTP Response Header Field Line Too Large | |||
| Name: http_response_header_size | Name: http_response_header_size | |||
| Description: The intermediary received a response to the request | Description: The intermediary received a response to the request | |||
| containing an individual header field line that was considered too | containing an individual header field line that was considered too | |||
| large. | large. | |||
| Extra Parameters: | Extra Parameters: | |||
| header-name: An sf-string indicating the name of the header field | header-name: A String indicating the name of the header field | |||
| that triggered the error. | that triggered the error. | |||
| header-size: An sf-integer indicating the size of the header | header-size: An Integer indicating the size of the header field | |||
| field that triggered the error. | that triggered the error. | |||
| Recommended HTTP status code: 502 | Recommended HTTP Status Code: 502 | |||
| Response only generated by intermediaries: false | Response Only Generated by Intermediaries: false | |||
| Reference: RFC 9209 | Reference: RFC 9209 | |||
| 2.3.21. HTTP Response Body Too Large | 2.3.21. HTTP Response Body Too Large | |||
| Name: http_response_body_size | Name: http_response_body_size | |||
| Description: The intermediary received a response to the request | Description: The intermediary received a response to the request | |||
| whose body was considered too large. | whose body was considered too large. | |||
| Extra Parameters: | Extra Parameters: | |||
| body-size: An sf-integer indicating how large the received body | body-size: An Integer indicating how large the received body was. | |||
| was. Note that it may not have been complete; i.e., the | Note that it may not have been complete; i.e., the intermediary | |||
| intermediary may have discarded or refused additional data. | may have discarded or refused additional data. | |||
| Recommended HTTP status code: 502 | Recommended HTTP Status Code: 502 | |||
| Response only generated by intermediaries: false | Response Only Generated by Intermediaries: false | |||
| Reference: RFC 9209 | Reference: RFC 9209 | |||
| 2.3.22. HTTP Response Trailer Section Too Large | 2.3.22. HTTP Response Trailer Section Too Large | |||
| Name: http_response_trailer_section_size | Name: http_response_trailer_section_size | |||
| Description: The intermediary received a response to the request | Description: The intermediary received a response to the request | |||
| whose trailer section was considered too large. | whose trailer section was considered too large. | |||
| Extra Parameters: | Extra Parameters: | |||
| trailer-section-size: An sf-integer indicating how large the | trailer-section-size: An Integer indicating how large the | |||
| received trailers were. Note that they might not be complete; | received trailers were. Note that they might not be complete; | |||
| i.e., the intermediary may have discarded or refused additional | i.e., the intermediary may have discarded or refused additional | |||
| data. | data. | |||
| Recommended HTTP status code: 502 | Recommended HTTP Status Code: 502 | |||
| Response only generated by intermediaries: false | Response Only Generated by Intermediaries: false | |||
| Reference: RFC 9209 | Reference: RFC 9209 | |||
| 2.3.23. HTTP Response Trailer Field Line Too Large | 2.3.23. HTTP Response Trailer Field Line Too Large | |||
| Name: http_response_trailer_size | Name: http_response_trailer_size | |||
| Description: The intermediary received a response to the request | Description: The intermediary received a response to the request | |||
| containing an individual trailer field line that was considered | containing an individual trailer field line that was considered | |||
| too large. | too large. | |||
| Extra Parameters: | Extra Parameters: | |||
| trailer-name: An sf-string indicating the name of the trailer | trailer-name: A String indicating the name of the trailer field | |||
| field that triggered the error. | that triggered the error. | |||
| trailer-size: An sf-integer indicating the size of the trailer | trailer-size: An Integer indicating the size of the trailer field | |||
| field that triggered the error. | that triggered the error. | |||
| Recommended HTTP status code: 502 | Recommended HTTP Status Code: 502 | |||
| Response only generated by intermediaries: false | Response Only Generated by Intermediaries: false | |||
| Reference: RFC 9209 | Reference: RFC 9209 | |||
| 2.3.24. HTTP Response Transfer-Coding Error | 2.3.24. HTTP Response Transfer-Coding Error | |||
| Name: http_response_transfer_coding | Name: http_response_transfer_coding | |||
| Description: The intermediary encountered an error decoding the | Description: The intermediary encountered an error decoding the | |||
| transfer coding of the response. | transfer coding of the response. | |||
| Extra Parameters: | Extra Parameters: | |||
| coding: An sf-token containing the specific coding (from the | coding: A Token containing the specific coding (from the "HTTP | |||
| "HTTP Transfer Coding Registry") that caused the error. | Transfer Coding Registry") that caused the error. | |||
| Recommended HTTP status code: 502 | Recommended HTTP Status Code: 502 | |||
| Response only generated by intermediaries: false | Response Only Generated by Intermediaries: false | |||
| Reference: RFC 9209 | Reference: RFC 9209 | |||
| 2.3.25. HTTP Response Content-Coding Error | 2.3.25. HTTP Response Content-Coding Error | |||
| Name: http_response_content_coding | Name: http_response_content_coding | |||
| Description: The intermediary encountered an error decoding the | Description: The intermediary encountered an error decoding the | |||
| content coding of the response. | content coding of the response. | |||
| Extra Parameters: | Extra Parameters: | |||
| coding: An sf-token containing the specific coding (from the | coding: A Token containing the specific coding (from the "HTTP | |||
| "HTTP Content Coding Registry") that caused the error. | Content Coding Registry") that caused the error. | |||
| Recommended HTTP status code: 502 | Recommended HTTP Status Code: 502 | |||
| Response only generated by intermediaries: false | Response Only Generated by Intermediaries: false | |||
| Reference: RFC 9209 | Reference: RFC 9209 | |||
| 2.3.26. HTTP Response Timeout | 2.3.26. HTTP Response Timeout | |||
| Name: http_response_timeout | Name: http_response_timeout | |||
| Description: The intermediary reached a configured time limit | Description: The intermediary reached a configured time limit | |||
| waiting for the complete response. | waiting for the complete response. | |||
| Extra Parameters: None. | Extra Parameters: None | |||
| Recommended HTTP status code: 504 | Recommended HTTP Status Code: 504 | |||
| Response only generated by intermediaries: false | Response Only Generated by Intermediaries: false | |||
| Reference: RFC 9209 | Reference: RFC 9209 | |||
| 2.3.27. HTTP Upgrade Failed | 2.3.27. HTTP Upgrade Failed | |||
| Name: http_upgrade_failed | Name: http_upgrade_failed | |||
| Description: The HTTP Upgrade between the intermediary and the next | Description: The process of negotiating an upgrade of the HTTP | |||
| hop failed. | version between the intermediary and the next hop failed. | |||
| Extra Parameters: None. | Extra Parameters: None | |||
| Recommended HTTP status code: 502 | Recommended HTTP Status Code: 502 | |||
| Response only generated by intermediaries: true | Response Only Generated by Intermediaries: true | |||
| Reference: RFC 9209 | Reference: RFC 9209 | |||
| 2.3.28. HTTP Protocol Error | 2.3.28. HTTP Protocol Error | |||
| Name: http_protocol_error | Name: http_protocol_error | |||
| Description: The intermediary encountered an HTTP protocol error | Description: The intermediary encountered an HTTP protocol error | |||
| when communicating with the next hop. This error should only be | when communicating with the next hop. This error should only be | |||
| used when a more specific one is not defined. | used when a more specific one is not defined. | |||
| Extra Parameters: None. | Extra Parameters: None | |||
| Recommended HTTP status code: 502 | Recommended HTTP Status Code: 502 | |||
| Response only generated by intermediaries: false | Response Only Generated by Intermediaries: false | |||
| Reference: RFC 9209 | Reference: RFC 9209 | |||
| 2.3.29. Proxy Internal Response | 2.3.29. Proxy Internal Response | |||
| Name: proxy_internal_response | Name: proxy_internal_response | |||
| Description: The intermediary generated the response locally without | Description: The intermediary generated the response itself without | |||
| attempting to connect to the next hop (e.g., in response to a | attempting to connect to the next hop. | |||
| request to a debug endpoint terminated at the intermediary). | ||||
| Extra Parameters: None. | Extra Parameters: None | |||
| Recommended HTTP status code: The most appropriate status code for | Recommended HTTP Status Code: The most appropriate status code for | |||
| the response | the response | |||
| Response only generated by intermediaries: true | Response Only Generated by Intermediaries: true | |||
| Reference: RFC 9209 | Reference: RFC 9209 | |||
| 2.3.30. Proxy Internal Error | 2.3.30. Proxy Internal Error | |||
| Name: proxy_internal_error | Name: proxy_internal_error | |||
| Description: The intermediary encountered an internal error | Description: The intermediary encountered an internal error | |||
| unrelated to the origin. | unrelated to the origin. | |||
| Extra Parameters: None | Extra Parameters: None | |||
| Recommended HTTP status code: 500 | Recommended HTTP Status Code: 500 | |||
| Response only generated by intermediaries: true | Response Only Generated by Intermediaries: true | |||
| Reference: RFC 9209 | Reference: RFC 9209 | |||
| 2.3.31. Proxy Configuration Error | 2.3.31. Proxy Configuration Error | |||
| Name: proxy_configuration_error | Name: proxy_configuration_error | |||
| Description: The intermediary encountered an error regarding its | Description: The intermediary encountered an error regarding its | |||
| configuration. | configuration. | |||
| Extra Parameters: None | Extra Parameters: None | |||
| Recommended HTTP status code: 500 | Recommended HTTP Status Code: 500 | |||
| Response only generated by intermediaries: true | Response Only Generated by Intermediaries: true | |||
| Reference: RFC 9209 | Reference: RFC 9209 | |||
| 2.3.32. Proxy Loop Detected | 2.3.32. Proxy Loop Detected | |||
| Name: proxy_loop_detected | Name: proxy_loop_detected | |||
| Description: The intermediary tried to forward the request to | Description: The intermediary tried to forward the request to | |||
| itself, or a loop has been detected using different means (e.g., | itself, or a loop has been detected using different means (e.g., | |||
| [RFC8586]). | [RFC8586]). | |||
| Extra Parameters: None. | Extra Parameters: None | |||
| Recommended HTTP status code: 502 | Recommended HTTP Status Code: 502 | |||
| Response only generated by intermediaries: true | Response Only Generated by Intermediaries: true | |||
| Reference: RFC 9209 | Reference: RFC 9209 | |||
| 2.4. Defining New Proxy Error Types | 2.4. Defining New Proxy Error Types | |||
| New Proxy Error Types can be defined by registering them in the "HTTP | New proxy error types can be defined by registering them in the "HTTP | |||
| Proxy Error Types" registry. | Proxy Error Types" registry. | |||
| Registration requests are reviewed and approved by Expert Review, per | Registration requests are reviewed and approved by Expert Review, per | |||
| [RFC8126], Section 4.5. A specification document is appreciated but | [RFC8126], Section 4.5. A specification document is appreciated but | |||
| not required. | not required. | |||
| The expert(s) should consider the following factors when evaluating | The expert(s) should consider the following factors when evaluating | |||
| requests: | requests: | |||
| * Community feedback | * Community feedback | |||
| * If the value is sufficiently well-defined | * If the value is sufficiently well-defined | |||
| * Generic types are preferred over vendor-specific, application- | * Generic types are preferred over vendor-specific, application- | |||
| specific, or deployment-specific values. If a generic value | specific, or deployment-specific values. If a generic value | |||
| cannot be agreed upon in the community, the type's name should be | cannot be agreed upon in the community, the type's name should be | |||
| correspondingly specific (e.g., with a prefix that identifies the | correspondingly specific (e.g., with a prefix that identifies the | |||
| vendor, application, or deployment). | vendor, application, or deployment). | |||
| * Extra Parameters should not conflict with registered Proxy-Status | * Extra parameters should not conflict with registered Proxy-Status | |||
| parameters. | parameters. | |||
| Registration requests should use the following template: | Registration requests should use the following template: | |||
| Name: [a name for the Proxy Error Type that matches sf-token] | Name: [a name for the proxy error type that is of type Token] | |||
| Description: [a description of the conditions that generate the | Description: [a description of the conditions that generate the | |||
| Proxy Error Type] | proxy error type] | |||
| Extra Parameters: [zero or more optional parameters, along with | Extra Parameters: [zero or more optional parameters, along with | |||
| their allowable type(s)] | their allowable Structured Type(s)] | |||
| Recommended HTTP status code: [the appropriate HTTP status code for | Recommended HTTP Status Code: [the appropriate HTTP status code for | |||
| this entry] | this entry] | |||
| Response only generated by intermediaries: ['true' or 'false'] | Response Only Generated by Intermediaries: ['true' or 'false'] | |||
| Reference: [to a specification defining this error type; optional] | Reference: [to a specification defining this error type; optional] | |||
| Notes: [optional] | Notes: [optional] | |||
| If the Proxy Error Type might occur in responses that are not | If the proxy error type might occur in responses that are not | |||
| generated by the intermediary -- for example, when an error is | generated by the intermediary -- for example, when an error is | |||
| detected as the response is streamed from a forward connection, | detected as the response is streamed from a forward connection, | |||
| causing a Proxy-Status trailer field to be appended -- the 'Response | causing a Proxy-Status trailer field to be appended -- the 'Response | |||
| only generated by intermediaries' should be 'false'. If the Proxy | only generated by intermediaries' should be 'false'. If the proxy | |||
| Error Type only occurs in responses that are generated by the | error type only occurs in responses that are generated by the | |||
| intermediary, it should be 'true'. | intermediary, it should be 'true'. | |||
| See the registry at <https://iana.org/assignments/http-proxy-status> | See the registry at <https://www.iana.org/assignments/http-proxy- | |||
| for details on where to send registration requests. | status> for details on where to send registration requests. | |||
| 3. IANA Considerations | 3. IANA Considerations | |||
| IANA has created the "HTTP Proxy-Status Parameters" registry and the | IANA has created the "HTTP Proxy-Status Parameters" registry and the | |||
| "HTTP Proxy Error Types" registry at <https://iana.org/assignments/ | "HTTP Proxy Error Types" registry at | |||
| http-proxy-status> and has populated them with the types defined in | <https://www.iana.org/assignments/http-proxy-status> and has | |||
| Sections 2.1 and 2.3, respectively; see Sections 2.2 and 2.4 for | populated them with the types defined in Sections 2.1 and 2.3 | |||
| their associated procedures. | respectively; see Sections 2.2 and 2.4 for their associated | |||
| procedures. | ||||
| Additionally, the following entry has been added to the "Hypertext | Additionally, the following entry has been added to the "Hypertext | |||
| Transfer Protocol (HTTP) Field Name Registry": | Transfer Protocol (HTTP) Field Name Registry": | |||
| Field name: Proxy-Status | Field name: Proxy-Status | |||
| Status: permanent | Status: permanent | |||
| Specification document(s): RFC 9209 | Specification document(s): RFC 9209 | |||
| Comments: | Comments: | |||
| 4. Security Considerations | 4. Security Considerations | |||
| skipping to change at line 1072 ¶ | skipping to change at line 1064 ¶ | |||
| generation of the field itself. Also, the field's content is not | generation of the field itself. Also, the field's content is not | |||
| verified; an intermediary can claim certain actions (e.g., sending a | verified; an intermediary can claim certain actions (e.g., sending a | |||
| request over an encrypted channel) but fail to actually do that. | request over an encrypted channel) but fail to actually do that. | |||
| 5. References | 5. References | |||
| 5.1. Normative References | 5.1. Normative References | |||
| [HTTP] Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke, | [HTTP] Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke, | |||
| Ed., "HTTP Semantics", RFC 9110, DOI 10.17487/RFC9110, | Ed., "HTTP Semantics", RFC 9110, DOI 10.17487/RFC9110, | |||
| February 2022, <https://www.rfc-editor.org/info/rfc9110>. | March 2022, <https://www.rfc-editor.org/info/rfc9110>. | |||
| [STRUCTURED-FIELDS] | ||||
| Nottingham, M. and P-H. Kamp, "Structured Field Values for | ||||
| HTTP", RFC 8941, DOI 10.17487/RFC8941, February 2021, | ||||
| <https://www.rfc-editor.org/info/rfc8941>. | ||||
| [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
| Requirement Levels", BCP 14, RFC 2119, | Requirement Levels", BCP 14, RFC 2119, | |||
| DOI 10.17487/RFC2119, March 1997, | DOI 10.17487/RFC2119, March 1997, | |||
| <https://www.rfc-editor.org/info/rfc2119>. | <https://www.rfc-editor.org/info/rfc2119>. | |||
| [RFC7301] Friedl, S., Popov, A., Langley, A., and E. Stephan, | ||||
| "Transport Layer Security (TLS) Application-Layer Protocol | ||||
| Negotiation Extension", RFC 7301, DOI 10.17487/RFC7301, | ||||
| July 2014, <https://www.rfc-editor.org/info/rfc7301>. | ||||
| [RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for | [RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for | |||
| Writing an IANA Considerations Section in RFCs", BCP 26, | Writing an IANA Considerations Section in RFCs", BCP 26, | |||
| RFC 8126, DOI 10.17487/RFC8126, June 2017, | RFC 8126, DOI 10.17487/RFC8126, June 2017, | |||
| <https://www.rfc-editor.org/info/rfc8126>. | <https://www.rfc-editor.org/info/rfc8126>. | |||
| [RFC8499] Hoffman, P., Sullivan, A., and K. Fujiwara, "DNS | ||||
| Terminology", BCP 219, RFC 8499, DOI 10.17487/RFC8499, | ||||
| January 2019, <https://www.rfc-editor.org/info/rfc8499>. | ||||
| [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC | [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC | |||
| 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, | 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, | |||
| May 2017, <https://www.rfc-editor.org/info/rfc8174>. | May 2017, <https://www.rfc-editor.org/info/rfc8174>. | |||
| [RFC7301] Friedl, S., Popov, A., Langley, A., and E. Stephan, | [RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol | |||
| "Transport Layer Security (TLS) Application-Layer Protocol | Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018, | |||
| Negotiation Extension", RFC 7301, DOI 10.17487/RFC7301, | <https://www.rfc-editor.org/info/rfc8446>. | |||
| July 2014, <https://www.rfc-editor.org/info/rfc7301>. | ||||
| [RFC8499] Hoffman, P., Sullivan, A., and K. Fujiwara, "DNS | ||||
| Terminology", BCP 219, RFC 8499, DOI 10.17487/RFC8499, | ||||
| January 2019, <https://www.rfc-editor.org/info/rfc8499>. | ||||
| [RFC8914] Kumari, W., Hunt, E., Arends, R., Hardaker, W., and D. | [RFC8914] Kumari, W., Hunt, E., Arends, R., Hardaker, W., and D. | |||
| Lawrence, "Extended DNS Errors", RFC 8914, | Lawrence, "Extended DNS Errors", RFC 8914, | |||
| DOI 10.17487/RFC8914, October 2020, | DOI 10.17487/RFC8914, October 2020, | |||
| <https://www.rfc-editor.org/info/rfc8914>. | <https://www.rfc-editor.org/info/rfc8914>. | |||
| [RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol | [STRUCTURED-FIELDS] | |||
| Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018, | Nottingham, M. and P-H. Kamp, "Structured Field Values for | |||
| <https://www.rfc-editor.org/info/rfc8446>. | HTTP", RFC 8941, DOI 10.17487/RFC8941, March 2021, | |||
| <https://www.rfc-editor.org/info/rfc8941>. | ||||
| 5.2. Informative References | 5.2. Informative References | |||
| [RFC5234] Crocker, D., Ed. and P. Overell, "Augmented BNF for Syntax | ||||
| Specifications: ABNF", STD 68, RFC 5234, | ||||
| DOI 10.17487/RFC5234, January 2008, | ||||
| <https://www.rfc-editor.org/info/rfc5234>. | ||||
| [RFC8586] Ludin, S., Nottingham, M., and N. Sullivan, "Loop | [RFC8586] Ludin, S., Nottingham, M., and N. Sullivan, "Loop | |||
| Detection in Content Delivery Networks (CDNs)", RFC 8586, | Detection in Content Delivery Networks (CDNs)", RFC 8586, | |||
| DOI 10.17487/RFC8586, April 2019, | DOI 10.17487/RFC8586, April 2019, | |||
| <https://www.rfc-editor.org/info/rfc8586>. | <https://www.rfc-editor.org/info/rfc8586>. | |||
| Authors' Addresses | Authors' Addresses | |||
| Mark Nottingham | Mark Nottingham | |||
| Fastly | Fastly | |||
| Prahran | Prahran | |||
| End of changes. 148 change blocks. | ||||
| 214 lines changed or deleted | 201 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||