Internet-Draft Capsule Translation November 2024
Schwartz & Oku Expires 8 May 2025 [Page]
Workgroup:
Network Working Group
Internet-Draft:
draft-kb-capsule-conversion-00
Published:
Intended Status:
Standards Track
Expires:
Authors:
B. M. Schwartz
Meta Platforms, Inc.
奥 一穂 (K. Oku)
Fastly

HTTP Version Translation of the Capsule Protocol

Abstract

This draft specifies how HTTP intermediaries can translate the Capsule Protocol between HTTP versions.

About This Document

This note is to be removed before publishing as an RFC.

Status information for this document may be found at https://datatracker.ietf.org/doc/draft-kb-capsule-conversion/.

Source for this draft and an issue tracker can be found at https://github.com/bemasc/capsule-conversion.

Status of This Memo

This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."

This Internet-Draft will expire on 8 May 2025.

Table of Contents

1. Introduction

The Capsule Protocol [RFC9297] defines a framing layer that can be used for protocols running over HTTP. The Capsule Protocol consists of a linear stream of capsules, each with a specified type and size. Endpoints can establish a Capsule Protocol connection using HTTP Extended CONNECT or the HTTP/1.1 Upgrade process.

Intermediaries such as HTTP Gateways can play an active role in the Capsule Protocol. To inform intermediaries that this protocol is in use, endpoints can include a "Capsule-Protocol: ?1" header in their request or response. Intermediaries are obligated to pass unrecognized capsule types unmodified, but some capsule types do permit intermediaries to modify them.

The Capsule Protocol is defined for HTTP/1.1, HTTP/2, and HTTP/3, and intermediaries can translate Capsule Protocol streams between different versions of HTTP. For example, an HTTP Gateway receiving a request using the "connect-tcp-capsule" Upgrade Token [I-D.ietf-httpbis-connect-tcp] over HTTP/3 might forward it to a backend server using HTTP/1.1 for further processing. However, this translation currently requires the intermediary to recognize the specified Upgrade Token. Unrecognized Upgrade Tokens cannot be translated between HTTP versions.

Client HTTP/2 Gateway HTTP/1.1 Server :protocol=foo Upgrade: foo capsule-protocol=?1 Capsule-Protocol: ?1
Figure 1: HTTP version translation of an Upgrade Token. The gateway can only perform this translation if it recognizes the "foo" Upgrade Token.

As a result of this limitation, HTTP intermediaries cannot forward unrecognized Capsule Protocol Upgrade Tokens (CPUTs) unless the backend supports the HTTP version used by the client. In practice, such HTTP version mismatches are common, so intermediaries have preferred not to support unrecognized tokens at all. As a result, each new CPUT requires the cooperation of any HTTP intermediaries. This increases the maintenance burden on intermediaries and impedes the deployment of novel CPUTs.

This draft specifies general rules for translating Capsule Protocol requests across HTTP versions, allowing intermediaries to perform such translations for unrecognized CPUTs.

2. Conventions and Definitions

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.

3. Requirements

This section describes requirements on HTTP intermediaries that change the HTTP version of a Capsule Protocol request.

3.1. Converting an HTTP/1.1 Upgrade request to Extended CONNECT

A Convertible Upgrade Request is a request that meets these criteria:

  • The HTTP version is "1.1".

  • The method is "GET".

  • The Upgrade header is present and specifies exactly one Upgrade Token.

  • A "Capsule-Protocol" header is present with an item value of "?1" (with or without parameters).

  • The request is otherwise well-formed for use with the Capsule Protocol.

Upon receiving a Convertible Upgrade Request, an HTTP intermediary MAY convert it into an Extended CONNECT request ([RFC9220][RFC8441]) using ordinary HTTP version translation with the following modifications:

  • Change the method to "CONNECT".

  • Add a ":protocol" pseudo-header containing the specified Upgrade Token.

(Note that ordinary HTTP version translation removes the "Connection" and "Upgrade" headers.)

If the intermediary receives a "200 (OK)" response, it MUST convert it to an HTTP/1.1 Upgrade response as follows:

  • Change the response code to "101 (Switching Protocols)".

  • Add an "Upgrade" header containing the specified Upgrade Token.

  • Add a "Connection: Upgrade" header.

After sending this response, the intermediary MUST process all data to and from the client in accordance with the Capsule Protocol.

If the intermediary receives any other valid response, it MUST NOT convert it to an HTTP/1.1 Upgrade response, and MUST forward it using ordinary HTTP version translation. If the response status was not 1xx (Informational), the intermediary MAY accept additional HTTP/1.1 requests on this connection to the client.

3.2. Converting an Extended CONNECT request to HTTP/1.1 Upgrade

A Convertible Extended CONNECT request is a request that meets these criteria:

  • The method is "CONNECT".

  • A "capsule-protocol" header is present with an item value of "?1" (with or without parameters).

  • The request is otherwise well-formed for use with the Capsule Protocol.

Upon receiving a Convertible Extended CONNECT Request, an HTTP intermediary MAY convert it into an HTTP/1.1 Upgrade request according to ordinary HTTP version translation, with the following modifications:

  • Change the method to "GET".

  • Add an "Upgrade" header containing the specified Upgrade Token.

  • Add a "Connection: Upgrade" header.

If the intermediary receives a correctly formed "101 (Switching Protocols)" response, it MUST change the response code to "200 (OK)". If it receives a 2xx (Successful) response, it SHOULD return a "501 (Not Implemented)" status code, to indicate that the ":protocol" value was not accepted ([RFC9220], Section 3). Otherwise, it MUST forward any valid responses unmodified. After sending a "200" response, the intermediary MUST process all further data to and from the server in accordance with the Capsule Protocol.

3.3. Converting an Extended CONNECT request to Extended CONNECT for a different HTTP version

An HTTP intermediary MAY translate a Convertible Extended CONNECT Request between different HTTP versions using ordinary HTTP version translation.

4. Implications

Translation of unrecognized CPUTs across HTTP versions carries some implications for future specifications related to the Capsule Protocol:

All existing CPUTs and Capsule Types already conform to these rules.

5. Security Considerations

When implemented incorrectly, HTTP/1.1 Upgrade carries a risk of request smuggling. (See [I-D.ietf-httpbis-optimistic-upgrade].)

Intermediary implementors should take care to avoid excessive resource consumption by malicious clients. For example, a client might be able to send many short requests over a single HTTP/2 or HTTP/3 connection, each of which requires opening a new, long-lived TCP connection to the backend.

6. IANA Considerations

This document has no IANA actions.

7. References

7.1. Normative References

[RFC2119]
Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, , <https://www.rfc-editor.org/rfc/rfc2119>.
[RFC8174]
Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, , <https://www.rfc-editor.org/rfc/rfc8174>.
[RFC8441]
McManus, P., "Bootstrapping WebSockets with HTTP/2", RFC 8441, DOI 10.17487/RFC8441, , <https://www.rfc-editor.org/rfc/rfc8441>.
[RFC9220]
Hamilton, R., "Bootstrapping WebSockets with HTTP/3", RFC 9220, DOI 10.17487/RFC9220, , <https://www.rfc-editor.org/rfc/rfc9220>.
[RFC9297]
Schinazi, D. and L. Pardue, "HTTP Datagrams and the Capsule Protocol", RFC 9297, DOI 10.17487/RFC9297, , <https://www.rfc-editor.org/rfc/rfc9297>.

7.2. Informative References

[I-D.ietf-httpbis-connect-tcp]
Schwartz, B. M., "Template-Driven HTTP CONNECT Proxying for TCP", Work in Progress, Internet-Draft, draft-ietf-httpbis-connect-tcp-06, , <https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-connect-tcp-06>.
[I-D.ietf-httpbis-optimistic-upgrade]
Schwartz, B. M., "Security Considerations for Optimistic Protocol Transitions in HTTP/1.1", Work in Progress, Internet-Draft, draft-ietf-httpbis-optimistic-upgrade-01, , <https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-optimistic-upgrade-01>.

Acknowledgments

TODO acknowledge.

Authors' Addresses

Benjamin M. Schwartz
Meta Platforms, Inc.
Kazuho Oku
Fastly
Additional contact information:
奥 一穂
Fastly