HTTP K. Oku Internet-Draft Fastly Intended status: Standards Track L. Pardue Expires: May 8, 2020 Cloudflare November 05, 2019 Extensible Prioritization Scheme for HTTP draft-kazuho-httpbis-priority-03 Abstract This document describes a scheme for prioritizing HTTP responses. This scheme expresses the priority of each HTTP response using absolute values, rather than as a relative relationship between a group of HTTP responses. This document defines the Priority header field for communicating the initial priority in an HTTP version-independent manner, as well as HTTP/2 and HTTP/3 frames for reprioritizing the responses. These share a common format structure that is designed to provide future extensibility. Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on May 8, 2020. Copyright Notice Copyright (c) 2019 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of Oku & Pardue Expires May 8, 2020 [Page 1] Internet-Draft Extensible Prioritization Scheme for HTTP November 2019 publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 1.1. Notational Conventions . . . . . . . . . . . . . . . . . 3 2. Motivation for Replacing HTTP/2 Priorities . . . . . . . . . 4 3. Negotiating Priorities . . . . . . . . . . . . . . . . . . . 5 3.1. The SETTINGS_PRIORITIES SETTINGS Parameter . . . . . . . 5 3.2. Defined Prioritization Scheme Values . . . . . . . . . . 6 3.2.1. H2_TREE . . . . . . . . . . . . . . . . . . . . . . . 6 3.2.2. URGENCY . . . . . . . . . . . . . . . . . . . . . . . 7 4. The Priority HTTP Header Field . . . . . . . . . . . . . . . 7 4.1. urgency . . . . . . . . . . . . . . . . . . . . . . . . . 7 4.1.1. prerequisite . . . . . . . . . . . . . . . . . . . . 8 4.1.2. default . . . . . . . . . . . . . . . . . . . . . . . 8 4.1.3. supplementary . . . . . . . . . . . . . . . . . . . . 8 4.1.4. background . . . . . . . . . . . . . . . . . . . . . 9 4.2. progressive . . . . . . . . . . . . . . . . . . . . . . . 9 5. Reprioritization . . . . . . . . . . . . . . . . . . . . . . 10 5.1. HTTP/2 PRIORITY_UPDATE Frame . . . . . . . . . . . . . . 11 5.2. HTTP/3 PRIORITY_UPDATE Frame . . . . . . . . . . . . . . 11 6. Merging Client- and Server-Driven Parameters . . . . . . . . 12 7. Security Considerations . . . . . . . . . . . . . . . . . . . 13 7.1. Fairness and Coalescing Intermediaries . . . . . . . . . 13 8. Considerations . . . . . . . . . . . . . . . . . . . . . . . 14 8.1. Why use an End-to-End Header Field? . . . . . . . . . . . 14 8.2. Why do Urgencies Have Meanings? . . . . . . . . . . . . . 14 8.3. Can an Intermediary Send its own Signal? . . . . . . . . 15 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 15 9.1. HTTP Prioritization Scheme Registry . . . . . . . . . . . 16 10. References . . . . . . . . . . . . . . . . . . . . . . . . . 17 10.1. Normative References . . . . . . . . . . . . . . . . . . 17 10.2. Informative References . . . . . . . . . . . . . . . . . 18 Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . 18 Appendix B. Change Log . . . . . . . . . . . . . . . . . . . . . 19 B.1. Since draft-kazuho-httpbis-priority-02 . . . . . . . . . 19 B.2. Since draft-kazuho-httpbis-priority-01 . . . . . . . . . 19 B.3. Since draft-kazuho-httpbis-priority-00 . . . . . . . . . 19 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 19 Oku & Pardue Expires May 8, 2020 [Page 2] Internet-Draft Extensible Prioritization Scheme for HTTP November 2019 1. Introduction It is common for an HTTP ([RFC7230]) resource representation to have relationships to one or more other resources. Clients will often discover these relationships while processing a retrieved representation, leading to further retrieval requests. Meanwhile, the nature of the relationship determines whether the client is blocked from continuing to process locally available resources. For example, visual rendering of an HTML document could be blocked by the retrieval of a CSS file that the document refers to. In contrast, inline images do not block rendering and get drawn progressively as the chunks of the images arrive. To provide meaningful representation of a document at the earliest moment, it is important for an HTTP server to prioritize the HTTP responses, or the chunks of those HTTP responses, that it sends. HTTP/2 ([RFC7540]) provides such a prioritization scheme. A client sends a series of PRIORITY frames to communicate to the server a "priority tree"; this represents the client's preferred ordering and weighted distribution of the bandwidth among the HTTP responses. However, the design and implementation of this scheme has been observed to have shortcomings, explained in Section 2. This document defines the Priority HTTP header field that can be used by both client and server to specify the precedence of HTTP responses in a standardized, extensible, protocol-version-independent, end-to- end format. Along with the protocol-version-specific frame for reprioritization, this prioritization scheme acts as a substitute for the original prioritization scheme of HTTP/2. 1.1. Notational Conventions The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119]. The terms sh-token and sh-boolean are imported from [STRUCTURED-HEADERS]. Example HTTP requests and responses use the HTTP/2-style formatting from [RFC7540]. This document uses the variable-length integer encoding from [I-D.ietf-quic-transport]. Oku & Pardue Expires May 8, 2020 [Page 3] Internet-Draft Extensible Prioritization Scheme for HTTP November 2019 2. Motivation for Replacing HTTP/2 Priorities An important feature of any implementation of a protocol that provides multiplexing is the ability to prioritize the sending of information. This was an important realization in the design of HTTP/2. Prioritization is a difficult problem, so it will always be suboptimal, particularly if one endpoint operates in ignorance of the needs of its peer. HTTP/2 introduced a complex prioritization signaling scheme that used a combination of dependencies and weights, formed into an unbalanced tree. This scheme has suffered from poor deployment and interoperability. The rich flexibility of client-driven HTTP/2 prioritization tree building is rarely exercised; experience shows that clients either choose a single model optimized for a web use case (and don't vary it) or do nothing at all. But every client builds their prioritization tree in a different way, which makes it difficult for servers to understand their intent and act or intervene accordingly. Many HTTP/2 server implementations do not include support for the priority scheme, some favoring instead bespoke server-driven schemes based on heuristics and other hints, like the content type of resources and the order in which requests arrive. For example, a server, with knowledge of the document structure, might want to prioritize the delivery of images that are critical to user experience above other images, but below the CSS files. Since client trees vary, it is impossible for the server to determine how such images should be prioritized against other responses. The HTTP/2 scheme allows intermediaries to coalesce multiple client trees into a single tree that is used for a single upstream HTTP/2 connection. However, most intermediaries do not support this. The scheme does not define a method that can be used by a server to express the priority of a response. Without such a method, intermediaries cannot coordinate client-driven and server-driven priorities. HTTP/2 describes denial-of-service considerations for implementations. On 2019-08-13 Netflix issued an advisory notice about the discovery of several resource exhaustion vectors affecting multiple HTTP/2 implementations. One attack, CVE-2019-9513 aka "Resource Loop", is based on manipulation of the priority tree. The HTTP/2 scheme depends on in-order delivery of signals, leading to challenges in porting the scheme to protocols that do not provide Oku & Pardue Expires May 8, 2020 [Page 4] Internet-Draft Extensible Prioritization Scheme for HTTP November 2019 global ordering. For example, the scheme cannot be used in HTTP/3 [I-D.ietf-quic-http] without changing the signal and its processing. Considering the problems with deployment and adaptability to HTTP/3, retaining the HTTP/2 priority scheme increases the complexity of the entire system without any evidence that the value it provides offsets that complexity. In fact, multiple experiments from independent research have shown that simpler schemes can reach at least equivalent performance characteristics compared to the more complex HTTP/2 setups seen in practice, at least for the web use case. The problems and insights laid out above are motivation for the alternative and more straightforward prioritization scheme presented in this document. In order to support deployment of new schemes, a general-purpose negotiation mechanism is specified in Section 3. 3. Negotiating Priorities The document specifies a negotiation mechanism that allows each peer to communicate which, if any, priority schemes are supported, as well as the server's ranked preference. For both HTTP/2 and HTTP/3, either peer's SETTINGS may arrive first, so any negotiation must be unilateral and not rely upon receiving the peer's SETTINGS value. Servers are likely to only use one prioritization scheme at once per each connection, and may be unable to change the scheme once established, so the setting MUST be sent prior to the first request if it is ever sent. In HTTP/3, SETTINGS might arrive after the first request even if they are sent first. Therefore, future specifications that define alternative prioritization schemes for HTTP/3 SHOULD define how the server would act when it receives a stream-level priority signal prior to receiving the SETTINGS frame. 3.1. The SETTINGS_PRIORITIES SETTINGS Parameter This document defines a new SETTINGS_PRIORITIES parameter (0x9) for HTTP/2 and HTTP/3, which allows both peers to indicate which prioritization schemes they support. The value of this parameter is interpreted in two ways depending on if it is zero or non-zero. If the setting has a value of zero it indicates no support for priorities. If either side sends the parameter with a value of zero, clients SHOULD NOT send hop-by-hop priority signals (e.g., HTTP/2 PRIORITY frame) and servers SHOULD NOT make any assumptions based on the presence or lack thereof of such signals. Oku & Pardue Expires May 8, 2020 [Page 5] Internet-Draft Extensible Prioritization Scheme for HTTP November 2019 If the value is non-zero, then it is interpreted as an ordered preference list of prioritization schemes represented by 8-bit values. The least significant 8 bits indicate the sender's most preferred priority scheme, the second least significant 8 bits indicate the sender's second choice, and so on. This allows expressing support for 4 schemes in HTTP/2 and 7 in HTTP/3. A sender MUST comply with the following restrictions when constructing a preference list: duplicate 8-bit values (excluding the value 0) MUST NOT be used, and if any byte is 0 then all more significant bytes MUST also be 0. An endpoint that receives a setting in violation of these requirements MUST treat it as a connection error of type PROTOCOL_ERROR for HTTP/2 [RFC7540], or of type H3_SETTINGS_ERROR for HTTP/3 [I-D.ietf-quic-http]. In HTTP/2, the setting SHOULD appear in the first SETTINGS frame and peers MUST NOT process the setting if it is received multiple times in order to avoid changing the agreed upon prioritization scheme. If there is a prioritization scheme supported by both the client and server, then the server's preference order prevails and both peers SHOULD only use the agreed upon priority scheme for the remainder of the session. The server chooses because it is in the best position to know what information from the client is of the most value. Once the negotiation is complete, endpoints MAY stop sending hop-by- hop prioritization signals that were not negotiated in order to conserve bandwidth. However, endpoints SHOULD continue sending end- to-end signals (e.g., the Priority header field), as that might have meaningful effect to other nodes that handle the HTTP message. 3.2. Defined Prioritization Scheme Values This document defines two prioritization scheme values for use with the SETTINGS_PRIORITIES setting. 3.2.1. H2_TREE This document defines the priority scheme identifier H2_TREE (8-bit value of 1) that indicates support for HTTP/2-style priorities ([RFC7540], Section 5.3). The H2_TREE priority scheme identifier MUST NOT be be sent in an HTTP/3 settings because there is no defined mapping of this scheme. Endpoints MUST treat receipt of H2_TREE as a connection error of type H3_SETTINGS_ERROR. Oku & Pardue Expires May 8, 2020 [Page 6] Internet-Draft Extensible Prioritization Scheme for HTTP November 2019 3.2.2. URGENCY This document defines the priority scheme identifier URGENCY (8-bit value of 2) that indicates support for the extensible priority scheme defined in the present document. An intermediary connecting to a backend server SHOULD declare support for the extensible priority scheme when and only when all the requests that are to be sent on that backend connection originates from one client-side connection that has negotiated the use of the extensible priority scheme (see Section 7.1). 4. The Priority HTTP Header Field The Priority HTTP header field can appear in requests and responses. A client uses it to specify the priority of the response. A server uses it to inform the client that the priority was overwritten. An intermediary can use the Priority information from client requests and server responses to correct or amend the precedence to suit it (see Section 6). The value of the Priority header field is a Structured Headers Dictionary ([STRUCTURED-HEADERS]). Each dictionary member represents a parameter of the Priority header field. This document defines the "urgency" and "progressive" parameters. Values of these parameters MUST always be present. When any of the defined parameters are omitted, or if the Priority header field is not used, their default values SHOULD be applied. Unknown parameters MUST be ignored. 4.1. urgency The "urgency" parameter takes an integer between -1 and 6 as shown below: +-----------------+-------------------------------+ | Urgency | Definition | +-----------------+-------------------------------+ | -1 | prerequisite (Section 4.1.1) | | 0 | default (Section 4.1.2) | | between 1 and 5 | supplementary (Section 4.1.3) | | 6 | background (Section 4.1.4) | +-----------------+-------------------------------+ Table 1: Urgencies The value is encoded as an sh-integer. The default value is zero. Oku & Pardue Expires May 8, 2020 [Page 7] Internet-Draft Extensible Prioritization Scheme for HTTP November 2019 A server SHOULD transmit HTTP responses in the order of their urgency values. The lower the value, the higher the precedence. The following example shows a request for a CSS file with the urgency set to "-1": :method = GET :scheme = https :authority = example.net :path = /style.css priority = urgency=-1 The definition of the urgencies and their expected use-case are described below. Endpoints SHOULD respect the definition of the values when assigning urgencies. 4.1.1. prerequisite The prerequisite urgency (value -1) indicates that the response prevents other responses with an urgency of prerequisite or default from being used. For example, use of an external stylesheet can block a web browser from rendering the HTML. In such case, the stylesheet is given the prerequisite urgency. 4.1.2. default The default urgency (value 0) indicates a response that is to be used as it is delivered to the client, but one that does not block other responses from being used. For example, when a user using a web browser navigates to a new HTML document, the request for that HTML is given the default urgency. When that HTML document uses a custom font, the request for that custom font SHOULD also be given the default urgency. This is because the availability of the custom font is likely a precondition for the user to use that portion of the HTML document, which is to be rendered by that font. 4.1.3. supplementary The supplementary urgency indicates a response that is helpful to the client using a composition of responses, even though the response itself is not mandatory for using those responses. For example, inline images (i.e., images being fetched and displayed as part of the document) are visually important elements of an HTML Oku & Pardue Expires May 8, 2020 [Page 8] Internet-Draft Extensible Prioritization Scheme for HTTP November 2019 document. As such, users will typically not be prevented from using the document, at least to some degree, before any or all of these images are loaded. Display of those images are thus considered to be an improvement for visual clients rather than a prerequisite for all user agents. Therefore, such images will be given the supplementary urgency. Values between 1 and 5 are used to represent this urgency, to provide flexibility to the endpoints for giving some responses more or less precedence than others that belong to the supplementary group. Section 6 explains how these values might be used. Clients SHOULD NOT use values 1 and 5. Servers MAY use these values to prioritize a response above or below other supplementary responses. Clients MAY use values 2 to indicate that a request is given relatively high priority, or 4 to indicate relatively low priority, within the supplementary urgency group. For example, an image certain to be visible at the top of the page, might be assigned a value of 2 instead of 3, as it will have a high visual impact for the user. Conversely, an asynchronously loaded JavaScript file might be assigned an urgency value of 4, as it is less likely to have a visual impact. When none of the considerations above is applicable, the value of 3 SHOULD be used. 4.1.4. background The background urgency (value 6) is used for responses of which the delivery can be postponed without having an impact on using other responses. As an example, the download of a large file in a web browser would be assigned the background urgency so it would not impact further page loads on the same connection. 4.2. progressive The "progressive" parameter takes an sh-boolean as the value that indicates if a response can be processed progressively, i.e. provide some meaningful output as chunks of the response arrive. The default value of the "progressive" parameter is "0". Oku & Pardue Expires May 8, 2020 [Page 9] Internet-Draft Extensible Prioritization Scheme for HTTP November 2019 A server SHOULD distribute the bandwidth of a connection between progressive responses that share the same urgency. A server SHOULD transmit non-progressive responses one by one, preferably in the order the requests were generated. Doing so maximizes the chance of the client making progress in using the composition of the HTTP responses at the earliest moment. The following example shows a request for a JPEG file with the urgency parameter set to "3" and the progressive parameter set to "1". :method = GET :scheme = https :authority = example.net :path = /image.jpg priority = urgency=3, progressive=?1 5. Reprioritization Once a client sends a request, circumstances might change and mean that it is beneficial to change the priority of the response. As an example, a web browser might issue a prefetch request for a JavaScript file with the urgency parameter of the Priority request header field set to "urgency=6" (background). Then, when the user navigates to a page which references the new JavaScript file, while the prefetch is in progress, the browser would send a reprioritization frame with the priority field value set to "urgency=-1" (prerequisite). However, a client cannot reprioritize a response by using the Priority header field. This is because an HTTP header field can only be sent as part of an HTTP message. Therefore, to support reprioritization, it is necessary to define a HTTP-version-dependent mechanism for transmitting the priority parameters. This document specifies a new PRIORITY_UPDATE frame type for HTTP/2 ([RFC7540]) and HTTP/3 ([I-D.ietf-quic-http]) that is specialized for reprioritization. It carries updated priority parameters and references the target of the reprioritization based on a version- specific identifier; in HTTP/2 this is the Stream ID, in HTTP/3 this is either the Stream ID or Push ID. In HTTP/2 and HTTP/3 a request message sent on a stream transitions it into a state that prevents the client from sending additional frames on the stream. Modifying this behavior requires a semantic change to the protocol, this is avoided by restricting the stream on which a PRIORITY_UPDATE frame can be sent. In HTTP/2 the frame is on Oku & Pardue Expires May 8, 2020 [Page 10] Internet-Draft Extensible Prioritization Scheme for HTTP November 2019 stream zero and in HTTP/3 it is sent on the control stream ([I-D.ietf-quic-http], Section 6.2.1). 5.1. HTTP/2 PRIORITY_UPDATE Frame The HTTP/2 PRIORITY_UPDATE frame (type=0xF) carries the stream ID of the response that is being reprioritized, and the updated priority in ASCII text, using the same representation as that of the Priority header field value. The Stream Identifier field ([RFC7540], Section 4.1) in the PRIORITY_UPDATE frame header MUST be zero (0x0). 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +---------------------------------------------------------------+ |R| Stream ID (31) | +---------------------------------------------------------------+ | Priority Field Value (*) ... +---------------------------------------------------------------+ Figure 1: HTTP/2 PRIORITY_UPDATE Frame Payload TODO: add more description of how to handle things like receiving PRIORITY_UPDATE on wrong stream, a PRIORITY_UPDATE with an invalid ID, etc. 5.2. HTTP/3 PRIORITY_UPDATE Frame The HTTP/3 PRIORITY_UPDATE frame (type=0xF) carries the identifier of the element that is being reprioritized, and the updated priority in ASCII text, using the same representation as that of the Priority header field value. The PRIORITY_UPDATE frame MUST be sent on the control stream ([I-D.ietf-quic-http], Section 6.2.1). 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |T| Empty | Prioritized Element ID (i) ... +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Priority Field Value (*) ... +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 2: HTTP/3 PRIORITY_UPDATE Frame Payload The PRIORITY_UPDATE frame payload has the following fields: Oku & Pardue Expires May 8, 2020 [Page 11] Internet-Draft Extensible Prioritization Scheme for HTTP November 2019 T (Prioritized Element Type): A one-bit field indicating the type of element being prioritized. A value of 0 indicates a reprioritization for a Request Stream, so the Prioritized Element ID is interpreted as a Stream ID. A value of 1 indicates a reprioritization for a Push stream, so the Prioritized Element ID is interpreted as a Push ID. Empty: A seven-bit field that has no semantic value. TODO: add more description of how to handle things like receiving PRIORITY_UPDATE on wrong stream, a PRIORITY_UPDATE with an invalid ID, etc. 6. Merging Client- and Server-Driven Parameters It is not always the case that the client has the best understanding of how the HTTP responses deserve to be prioritized. For example, use of an HTML document might depend heavily on one of the inline images. Existence of such dependencies is typically best known to the server. By using the "Priority" response header, a server can override the prioritization hints provided by the client. When used, the parameters found in the response header field overrides those specified by the client. For example, when the client sends an HTTP request with :method = GET :scheme = https :authority = example.net :path = /menu.png priority = urgency=3, progressive=?1 and the origin responds with :status = 200 content-type = image/png priority = urgency=1 the intermediary's understanding of the urgency is promoted from "3" to "1", because the server-provided value overrides the value provided by the client. The progressiveness continues to be "1", the value specified by the client, as the server did not specify the "progressive" parameter. Oku & Pardue Expires May 8, 2020 [Page 12] Internet-Draft Extensible Prioritization Scheme for HTTP November 2019 7. Security Considerations 7.1. Fairness and Coalescing Intermediaries When an intermediary coalesces HTTP requests coming from multiple clients into one HTTP/2 or HTTP/3 connection going to the backend server, requests that originate from one client might have higher precedence than those coming from others. It is sometimes beneficial for the server running behind an intermediary to obey to the value of the Priority header field. As an example, a resource-constrained server might defer the transmission of software update files that would have the background urgency being associated. However, in the worst case, the asymmetry between the precedence declared by multiple clients might cause responses going to one end client to be delayed totally after those going to another. In order to mitigate this fairness problem, when a server responds to a request that is known to have come through an intermediary, the server SHOULD prioritize the response as if it was assigned the priority of "urgency=0, progressive=?1" (i.e. round-robin) regardless of the value of the Priority header field being transmitted, unless the server has the knowledge that no intermediaries are coalescing requests from multiple clients. That can be determined by the settings when the intermediaries support this specification (see Section 3.2.2), or else through configuration. A server can determine if a request came from an intermediary through configuration, or by consulting if that request contains one of the following header fields: o CDN-Loop ([RFC8586]) o Forwarded, X-Forwarded-For ([RFC7239]) o Via ([RFC7230], Section 5.7.1) Responding to requests coming through an intermediary in a round- robin manner works well when the network bottleneck exists between the intermediary and the end client, as the intermediary would be buffering the responses and then be forwarding the chunks of those buffered responses based on the prioritization scheme it implements. A sophisticated server MAY use a weighted round-robin reflecting the urgencies expressed in the requests, so that less urgent responses would receive less bandwidth in case the bottleneck exists between the server and the intermediary. Oku & Pardue Expires May 8, 2020 [Page 13] Internet-Draft Extensible Prioritization Scheme for HTTP November 2019 8. Considerations 8.1. Why use an End-to-End Header Field? Contrary to the prioritization scheme of HTTP/2 that uses a hop-by- hop frame, the Priority header field is defined as end-to-end. The rationale is that the Priority header field transmits how each response affects the client's processing of those responses, rather than how relatively urgent each response is to others. The way a client processes a response is a property associated to that client generating that request. Not that of an intermediary. Therefore, it is an end-to-end property. How these end-to-end properties carried by the Priority header field affect the prioritization between the responses that share a connection is a hop-by-hop issue. Having the Priority header field defined as end-to-end is important for caching intermediaries. Such intermediaries can cache the value of the Priority header field along with the response, and utilize the value of the cached header field when serving the cached response, only because the header field is defined as end-to-end rather than hop-by-hop. It should also be noted that the use of a header field carrying a textual value makes the prioritization scheme extensible; see the discussion below. 8.2. Why do Urgencies Have Meanings? One of the aims of this specification is to define a mechanism for merging client- and server-provided hints for prioritizing the responses. For that to work, each urgency level needs to have a well-defined meaning. As an example, a server can assign the highest precedence among the supplementary responses to an HTTP response carrying an icon, because the meaning of "urgency=1" is shared among the endpoints. This specification restricts itself to defining a minimum set of urgency levels in order to provide sufficient granularity for prioritizing responses for ordinary web browsing, at minimal complexity. However, that does not mean that the prioritization scheme would forever be stuck to the eight levels. The design provides extensibility. If deemed necessary, it would be possible to subdivide any of the eight urgency levels that are currently defined. Or, a graphical user-agent could send a "visible" parameter to indicate if the resource being requested is within the viewport. Oku & Pardue Expires May 8, 2020 [Page 14] Internet-Draft Extensible Prioritization Scheme for HTTP November 2019 A server can combine the hints provided in the Priority header field with other information in order to improve the prioritization of responses. For example, a server that receives requests for a font [RFC8081] and images with the same urgency might give higher precedence to the font, so that a visual client can render textual information at an early moment. 8.3. Can an Intermediary Send its own Signal? There might be a benefit in recommending a coalescing intermediary to embed its own prioritization hints into the HTTP request that it forwards to the backend server, as otherwise the Priority header field would not be as helpful to the backend (see Section 7.1). One way of achieving that, without dropping the original signal, would be to let the intermediary express its own signal using the Priority header field, at the same time transplanting the original value to a different header field. As an example, when a client sends an HTTP request carrying a priority of "urgency=-1" and the intermediary wants to instead associate "urgency=0; progressive=?1", the intermediary would send a HTTP request that contains to the following two header fields to the backend server: priority = urgency=0; progressive=?1 original-priority = urgency=-1 9. IANA Considerations This specification registers the following entry in the Permanent Message Header Field Names registry established by [RFC3864]: Header field name: Priority Applicable protocol: http Status: standard Author/change controller: IETF Specification document(s): This document Related information: n/a This specification registers the following entry in the HTTP/2 Settings registry established by [RFC7540]: Oku & Pardue Expires May 8, 2020 [Page 15] Internet-Draft Extensible Prioritization Scheme for HTTP November 2019 Name: SETTINGS_PRIORITIES Code: 0x9 Initial value: 0 Specification: This document This specification registers the following entry in the HTTP/2 Settings registry established by [I-D.ietf-quic-http]: Name: SETTINGS_PRIORITIES Code: 0x9 Initial value: 0 Specification: This document This specification registers the following entry in the HTTP/2 Frame Type registry established by [RFC7540]: Frame Type: PRIORITY_UPDATE Code: 0xF Specification: This document This specification registers the following entries in the HTTP/3 Frame Type registry established by [I-D.ietf-quic-http]: Frame Type: PRIORITY_UPDATE Code: 0xF Specification: This document 9.1. HTTP Prioritization Scheme Registry This document establishes a registry for HTTP prioritization scheme codes to be used in conjunction with the SETTINGS_PRIORITIES parameter. The "HTTP Prioritization Scheme" registry manages an 8-bit space. The "HTTP Prioritization Scheme" registry operates under either of the "IETF Review" or "IESG Approval" policies [RFC5226] for values between 0x00 and 0xef, with values between 0xf0 and 0xff being reserved for Experimental Use. New entries in this registry require the following information: Oku & Pardue Expires May 8, 2020 [Page 16] Internet-Draft Extensible Prioritization Scheme for HTTP November 2019 Prioritization Scheme: A name or label for the prioritization scheme. Code: The 8-bit code assigned to the prioritization scheme. Specification: A reference to a specification that includes a description of the prioritization scheme. The entries in the following table are registered by this document. +-----------------------+------+---------------+ | Prioritization Scheme | Code | Specification | +-----------------------+------+---------------+ | H2_TREE | 1 | Section 3.2.1 | | URGENCY | 2 | Section 3.2.2 | +-----------------------+------+---------------+ 10. References 10.1. Normative References [I-D.ietf-quic-http] Bishop, M., "Hypertext Transfer Protocol Version 3 (HTTP/3)", draft-ietf-quic-http-23 (work in progress), September 2019. [I-D.ietf-quic-transport] Iyengar, J. and M. Thomson, "QUIC: A UDP-Based Multiplexed and Secure Transport", draft-ietf-quic-transport-23 (work in progress), September 2019. [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, . [RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an IANA Considerations Section in RFCs", RFC 5226, DOI 10.17487/RFC5226, May 2008, . [RFC7230] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing", RFC 7230, DOI 10.17487/RFC7230, June 2014, . Oku & Pardue Expires May 8, 2020 [Page 17] Internet-Draft Extensible Prioritization Scheme for HTTP November 2019 [RFC7540] Belshe, M., Peon, R., and M. Thomson, Ed., "Hypertext Transfer Protocol Version 2 (HTTP/2)", RFC 7540, DOI 10.17487/RFC7540, May 2015, . [STRUCTURED-HEADERS] Nottingham, M. and P. Kamp, "Structured Headers for HTTP", draft-ietf-httpbis-header-structure-14 (work in progress), October 2019. 10.2. Informative References [I-D.lassey-priority-setting] Lassey, B. and L. Pardue, "Declaring Support for HTTP/2 Priorities", draft-lassey-priority-setting-00 (work in progress), July 2019. [RFC3864] Klyne, G., Nottingham, M., and J. Mogul, "Registration Procedures for Message Header Fields", BCP 90, RFC 3864, DOI 10.17487/RFC3864, September 2004, . [RFC7239] Petersson, A. and M. Nilsson, "Forwarded HTTP Extension", RFC 7239, DOI 10.17487/RFC7239, June 2014, . [RFC8081] Lilley, C., "The "font" Top-Level Media Type", RFC 8081, DOI 10.17487/RFC8081, February 2017, . [RFC8586] Ludin, S., Nottingham, M., and N. Sullivan, "Loop Detection in Content Delivery Networks (CDNs)", RFC 8586, DOI 10.17487/RFC8586, April 2019, . 10.3. URIs [1] http://tools.ietf.org/agenda/83/slides/slides-83-httpbis-5.pdf [2] https://github.com/pmeenan/http3-prioritization-proposal Appendix A. Acknowledgements Roy Fielding presented the idea of using a header field for representing priorities in http://tools.ietf.org/agenda/83/slides/ slides-83-httpbis-5.pdf [1]. In https://github.com/pmeenan/http3- prioritization-proposal [2], Patrick Meenan advocates for representing the priorities using a tuple of urgency and concurrency. Oku & Pardue Expires May 8, 2020 [Page 18] Internet-Draft Extensible Prioritization Scheme for HTTP November 2019 The negotiation scheme described in this document is based on [I-D.lassey-priority-setting], authored by Brad Lassey and Lucas Pardue. The motivation for defining an alternative to HTTP/2 priorities is drawn from discussion within the broad HTTP community. Special thanks to Roberto Peon, Martin Thomson and Netflix for text that was incorporated explicitly in this document. In addition to the people above, this document owes a lot to the extensive discussion in the HTTP priority design team, consisting of Alan Frindell, Andrew Galloni, Craig Taylor, Ian Swett, Kazuho Oku, Lucas Pardue, Matthew Cox, Mike Bishop, Roberto Peon, Robin Marx, Roy Fielding. Appendix B. Change Log B.1. Since draft-kazuho-httpbis-priority-02 o Consolidation of the problem statement (#61, #73) o Define SETTINGS_PRIORITIES for negotiation (#58, #69) o Define PRIORITY_UPDATE frame for HTTP/2 and HTTP/3 (#51) o Explain fairness issue and mitigations (#56) B.2. Since draft-kazuho-httpbis-priority-01 o Explain how reprioritization might be supported. B.3. Since draft-kazuho-httpbis-priority-00 o Expand urgency levels from 3 to 8. Authors' Addresses Kazuho Oku Fastly Email: kazuhooku@gmail.com Lucas Pardue Cloudflare Email: lucaspardue.24.7@gmail.com Oku & Pardue Expires May 8, 2020 [Page 19]