Network Working GroupM. Nottingham
Internet-DraftNovember 5, 2018
Updates: 3864, 7231 (if approved)
Intended status: Standards Track
Expires: May 9, 2019

A Registry for HTTP Header Fields

draft-nottingham-httpbis-header-registry-00

Abstract

This document defines a separate IANA registry for HTTP header fields, and establishes the procedures for its operation.

Note to Readers

The issues list for this draft can be found at https://github.com/mnot/I-D/labels/httpbis-header-registry.

The most recent (often, unpublished) draft is at https://mnot.github.io/I-D/httpbis-header-registry/.

Status of this Memo

This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at http://datatracker.ietf.org/drafts/current/.

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as “work in progress”.

This Internet-Draft will expire on May 9, 2019.

Copyright Notice

Copyright © 2018 IETF Trust and the persons identified as the document authors. All rights reserved.

This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.

1. Introduction

[RFC3864] established common IANA registries for header fields from a variety of protocols. Experience has shown that having a combined registry has few benefits, and creates a number of issues, including:

  • Difficulty in evolving the registration process (without coordination with other protocols),
  • Registry user confusion, due to the large number of header fields registered,
  • Using one expert to review all header field registrations is onerous to that individual,
  • Lack of HTTP community involvement / oversight in reviews.

While these issues could be mitigated by a RFC3864bis, it is more straightforward to separate the HTTP registrations out into a separate registry; since there is only slight syntactic similarity between header fields between protocols (and often, the mismatches create confusion), and little semantic overlap, this seems like the best path forward.

Therefore, this document establishes a new HTTP Header Field Registry, defines its procedures, and guides the transition of existing values to it. Doing so effectively removes HTTP header fields from the scope of [RFC3864] and the registries it defines, and updates [RFC7231] Section 8.3 with a new process for managing them.

1.1. Notational Conventions

The key words “MUST”, “MUST NOT”, “REQUIRED”, “SHALL”, “SHALL NOT”, “SHOULD”, “SHOULD NOT”, “RECOMMENDED”, “MAY”, and “OPTIONAL” in this document are to be interpreted as described in [RFC2119].

2. The HTTP Header Field Registry

The “Hypertext Transfer Protocol (HTTP) Header Field Registry” defines the namespace for HTTP header fields (as per [RFC7230], Section 3.2).

2.1. Requesting Registration

Any party can request registration of a HTTP header field. See [RFC7231] Section 8.3.1 for considerations to take into account when creating a new HTTP header field.

The “HTTP Header Field Name” registry is located at “https://www.iana.org/assignments/http-headers/”. Registration requests can be made by following the instructions located there or by sending an email to the “ietf-http-wg@ietf.org” mailing list.

Header field names are registered on the advice of a Designated Expert (appointed by the IESG or their delegate). Header fields with the status ‘permanent’ are Specification Required (using terminology from [RFC8126]).

Registration requests consist of at least the following information:

  • Header field name: The requested field name. It MUST conform to the field-name syntax defined in [RFC7230], Section 3.2, and SHOULD be restricted to just letters, digits, hyphen (‘-‘) and underscore (‘_’) characters, with the first character being a letter.
  • Status: “permanent” or “provisional”
  • Author/Change controller: For a standards-track RFC, state “IETF”. For other open standards, give the name of the publishing body (e.g., “W3C”). For other specifications, give the name and/or organisation name and e-mail address of the primary specification author.
  • Specification document(s): Reference to the document that specifies the header field, preferably including a URI that can be used to retrieve a copy of the document. An indication of the relevant section(s) can also be included, but is not required.

The Expert(s) can define additional fields to be collected in the registry, in consultation with the community.

Standards-defined names have a status of “permanent”. Other names can also be registered as permanent, if the Expert(s) find that they are in use, in consultation with the community. Other names should be registered as “provisional”.

Provisional entries can be removed by the Expert(s) if – in consultation with the community – the Expert(s) find that they are not in use. The Experts can change a provisional entry’s status to permanent at any time.

Note that names can be registered by third parties (including the Expert(s)), if the Expert(s) determines that an unregistered name is widely deployed and not likely to be registered in a timely manner otherwise.

3. IANA Considerations

3.1. Registry Creation

IANA will create a new registry as outlined in Section 2.

After creating the registry, all entries in the Permanent and Provisional Message Header Registries with the protocol ‘http’ are to be moved to it, with the following changes applied:

  1. The ‘Applicable Protocol’ field is to be omitted.
  2. Entries with a status of ‘standard’, ‘experimental’, or ‘informational’ are to have a status of ‘permanent’.
  3. Entries with a status of ‘deprecated’ are to have a status of ‘obsoleted’.
  4. Provisional entries without a status are to have a status of ‘provisional’.
  5. Permanent entries without a status (after confirmation that the registration document did not define one) will have a status of ‘provisional’. The Expert(s) can choose to update their status if there is evidence that another is more appropriate.

The Permanent and Provisional Message Header registries will be annotated to indicate that HTTP header field registrations have moved, with an appropriate link.

4. Security Considerations

No security considerations are introduced by this specification beyond those already inherent in the use of HTTP header fields.

5. References

5.1. Normative References

[RFC2119]
Bradner, S., “Key words for use in RFCs to Indicate Requirement Levels”, BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, <https://www.rfc-editor.org/info/rfc2119>.
[RFC7230]
Fielding, R., Ed. and J. Reschke, Ed., “Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing”, RFC 7230, DOI 10.17487/RFC7230, June 2014, <https://www.rfc-editor.org/info/rfc7230>.
[RFC8126]
Cotton, M., Leiba, B., and T. Narten, “Guidelines for Writing an IANA Considerations Section in RFCs”, BCP 26, RFC 8126, DOI 10.17487/RFC8126, June 2017, <https://www.rfc-editor.org/info/rfc8126>.

5.2. Informative References

[RFC3864]
Klyne, G., Nottingham, M., and J. Mogul, “Registration Procedures for Message Header Fields”, BCP 90, RFC 3864, DOI 10.17487/RFC3864, September 2004, <https://www.rfc-editor.org/info/rfc3864>.
[RFC7231]
Fielding, R., Ed. and J. Reschke, Ed., “Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content”, RFC 7231, DOI 10.17487/RFC7231, June 2014, <https://www.rfc-editor.org/info/rfc7231>.

Author's Address

Mark Nottingham
EMail: mnot@mnot.net
URI: https://www.mnot.net/