]> Advertising the WebSockets support in the HTTPS resource record Microsoft
dragana.damjano@gmail.com
ART HTTP Internet-Draft This specification introduces a mechanism to advertise the support for WebSockets over different HTTP versions using HTTPS resource records. This mechanism allows clients to avoid delays in establishing WebSocket connections using HTTP-based advertisement for WebSocket support.
Introduction The mechanisms for running the WebSocket Protocol over a single stream of an HTTP/2 and HTTP/3 connection are defined in and . For bootstrapping WebSockets from HTTP/2 and HTTP/3 the extended CONNECT is used. The support for the extended CONNECT is advertised using HTTP/2 and HTTP/3 settings (see and ). A client needs to establish an HTTP/2 or HTTP/3 connection and wait for the setting frames to be exchanged to discover whether it can try to use WebSockets over HTTP/2 or HTTP/3. The request still may be rejected because the settings advertise the support for the extended CONNECT but not explicitly the support for the WebSockets Protocol. The clients may choose to attempt HTTP/2 or HTTP/3 first and fall back to HTTP/1.1 or HTTP/2 if the WebSocket Protocol is not supported. This may add a delay. The other option is to try to use WebSockets over HTTP/2 or HTTP/3 only on connections that are already established and where it is known the extended CONNECT is supported. This approach leads to WebSockets over HTTP/2 or HTTP/3 being used less frequently. This specification adds a way to advertise the support for WebSockets over HTTP versions using HTTPS resource record . The client may choose to try using an HTTP/2 or HTTP/3 connection only if the support for the protocol is advertised. This will eliminate the delay in most cases and increase usage of WebSockets over HTTP/2 and HTTP/3.
Conventions and Definitions The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 when, and only when, they appear in all capitals, as shown here.
Extending HTTPS DNS resource record This specification introduces the "wss" SvcParamKey (see ) that indicates a set of HTTP versions that support the WebSocket Protocol on the particular service endpoint. The HTTP versions are identified using alpn-id specified in . The presentation value SHALL be a comma-separated list of one or more alpn-ids. The wire format values for the "wss" SvcParamKey consists of at least one alpn-id prefixed by its length as a single octet, and these length-value pairs are concatenated to form the SvcParamValue. These pairs MUST exactly fill the SvcParamValue; otherwise, the SvcParamValue is malformed. All alpn-ids listed in the "wss" MUST also be present in the "alpn" key.
The Client Behavior Upon receiving an HTTPS RR, a client should use the "wss" SvcParamKey as an indication of whether a particular service endpoint supports the WebSocket Protocol over HTTP /2 or HTTP/3. If the key is present, that is a strong indication that the service endpoint supports WebSockets over HTTP/2 or HTTP/3 protocol and the client can attempt using WebSockets over HTTP/2 or HTTP/3 protocol. Due to difficulties of deployments, the client may discover that the feature, although advertised, is not supported and in this case, the client should fall back to using HTTP/1.1. If the "no-default-alpn" key is present, the WebSocket Protocol over HTTP/1.1 is not supported by the endpoint. Otherwise, it might be supported whether the "wss" key is present or not. If the "wss" key is not present, the client should not try using WebSockets over HTTP/2 and HTTP/3, and should directly use HTTP/1.1.
Security Considerations This specification only adds a new SvcParamKey that is a hint of whether the WebSockets over HTTP/2 and HTTP/3 are supported. Therefore, it does not introduce additional security considerations beyond one described in , and .
IANA Considerations This specification adds the following entry to the Service Parameter Keys (SvcParamKeys) registry:
Number Name Meaning Format Reference
XX wss Support for WebSockets over HTTP/2 and HTTP/3 (This document) Section 3
Normative References Service binding and parameter specification via the DNS (DNS SVCB and HTTPS RRs) Google Akamai Technologies Akamai Technologies This document specifies the "SVCB" and "HTTPS" DNS resource record (RR) types to facilitate the lookup of information needed to make connections to network services, such as for HTTP origins. SVCB records allow a service to be provided from multiple alternative endpoints, each with associated parameters (such as transport protocol configuration and keys for encrypting the TLS ClientHello). They also enable aliasing of apex domains, which is not possible with CNAME. The HTTPS RR is a variation of SVCB for use with HTTP [HTTP]. By providing more information to the client before it attempts to establish a connection, these records offer potential benefits to both performance and privacy. TO BE REMOVED: This document is being collaborated on in Github at: https://github.com/MikeBishop/dns-alt-svc (https://github.com/MikeBishop/dns-alt-svc). The most recent working version of the document, open issues, etc. should all be available there. The authors (gratefully) accept pull requests. Bootstrapping WebSockets with HTTP/2 This document defines a mechanism for running the WebSocket Protocol (RFC 6455) over a single stream of an HTTP/2 connection. Bootstrapping WebSockets with HTTP/3 The mechanism for running the WebSocket Protocol over a single stream of an HTTP/2 connection is equally applicable to HTTP/3, but the HTTP-version-specific details need to be specified. This document describes how the mechanism is adapted for HTTP/3. HTTP/2 This specification describes an optimized expression of the semantics of the Hypertext Transfer Protocol (HTTP), referred to as HTTP version 2 (HTTP/2). HTTP/2 enables a more efficient use of network resources and a reduced latency by introducing field compression and allowing multiple concurrent exchanges on the same connection. This document obsoletes RFCs 7540 and 8740. HTTP/3 The QUIC transport protocol has several features that are desirable in a transport for HTTP, such as stream multiplexing, per-stream flow control, and low-latency connection establishment. This document describes a mapping of HTTP semantics over QUIC. This document also identifies HTTP/2 features that are subsumed by QUIC and describes how HTTP/2 extensions can be ported to HTTP/3. Key words for use in RFCs to Indicate Requirement Levels In many standards track documents several words are used to signify the requirements in the specification. These words are often capitalized. This document defines these words as they should be interpreted in IETF documents. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements. Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words RFC 2119 specifies common key words that may be used in protocol specifications. This document aims to reduce the ambiguity by clarifying that only UPPERCASE usage of the key words have the defined special meanings.
Acknowledgments