draft-ietf-quic-qpack-16.txt   draft-ietf-quic-qpack-17.txt 
QUIC C. Krasic QUIC C. Krasic
Internet-Draft Netflix Internet-Draft Netflix
Intended status: Standards Track M. Bishop Intended status: Standards Track M. Bishop
Expires: 11 December 2020 Akamai Technologies Expires: March 14, 2021 Akamai Technologies
A. Frindell, Ed. A. Frindell, Ed.
Facebook Facebook
9 June 2020 September 10, 2020
QPACK: Header Compression for HTTP/3 QPACK: Header Compression for HTTP/3
draft-ietf-quic-qpack-16 draft-ietf-quic-qpack-17
Abstract Abstract
This specification defines QPACK, a compression format for This specification defines QPACK, a compression format for
efficiently representing HTTP fields, to be used in HTTP/3. This is efficiently representing HTTP fields, to be used in HTTP/3. This is
a variation of HPACK compression that seeks to reduce head-of-line a variation of HPACK compression that seeks to reduce head-of-line
blocking. blocking.
Note to Readers Note to Readers
skipping to change at page 1, line 47 skipping to change at page 1, line 47
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on 11 December 2020. This Internet-Draft will expire on March 14, 2021.
Copyright Notice Copyright Notice
Copyright (c) 2020 IETF Trust and the persons identified as the Copyright (c) 2020 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/ Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document. license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights Please review these documents carefully, as they describe your rights
skipping to change at page 2, line 50 skipping to change at page 2, line 50
3.2.4. Absolute Indexing . . . . . . . . . . . . . . . . . . 13 3.2.4. Absolute Indexing . . . . . . . . . . . . . . . . . . 13
3.2.5. Relative Indexing . . . . . . . . . . . . . . . . . . 14 3.2.5. Relative Indexing . . . . . . . . . . . . . . . . . . 14
3.2.6. Post-Base Indexing . . . . . . . . . . . . . . . . . 15 3.2.6. Post-Base Indexing . . . . . . . . . . . . . . . . . 15
4. Wire Format . . . . . . . . . . . . . . . . . . . . . . . . . 15 4. Wire Format . . . . . . . . . . . . . . . . . . . . . . . . . 15
4.1. Primitives . . . . . . . . . . . . . . . . . . . . . . . 15 4.1. Primitives . . . . . . . . . . . . . . . . . . . . . . . 15
4.1.1. Prefixed Integers . . . . . . . . . . . . . . . . . . 15 4.1.1. Prefixed Integers . . . . . . . . . . . . . . . . . . 15
4.1.2. String Literals . . . . . . . . . . . . . . . . . . . 15 4.1.2. String Literals . . . . . . . . . . . . . . . . . . . 15
4.2. Encoder and Decoder Streams . . . . . . . . . . . . . . . 16 4.2. Encoder and Decoder Streams . . . . . . . . . . . . . . . 16
4.3. Encoder Instructions . . . . . . . . . . . . . . . . . . 17 4.3. Encoder Instructions . . . . . . . . . . . . . . . . . . 17
4.3.1. Set Dynamic Table Capacity . . . . . . . . . . . . . 17 4.3.1. Set Dynamic Table Capacity . . . . . . . . . . . . . 17
4.3.2. Insert With Name Reference . . . . . . . . . . . . . 17 4.3.2. Insert With Name Reference . . . . . . . . . . . . . 18
4.3.3. Insert Without Name Reference . . . . . . . . . . . . 18 4.3.3. Insert Without Name Reference . . . . . . . . . . . . 18
4.3.4. Duplicate . . . . . . . . . . . . . . . . . . . . . . 18 4.3.4. Duplicate . . . . . . . . . . . . . . . . . . . . . . 19
4.4. Decoder Instructions . . . . . . . . . . . . . . . . . . 19 4.4. Decoder Instructions . . . . . . . . . . . . . . . . . . 19
4.4.1. Section Acknowledgement . . . . . . . . . . . . . . . 19 4.4.1. Section Acknowledgement . . . . . . . . . . . . . . . 19
4.4.2. Stream Cancellation . . . . . . . . . . . . . . . . . 20 4.4.2. Stream Cancellation . . . . . . . . . . . . . . . . . 20
4.4.3. Insert Count Increment . . . . . . . . . . . . . . . 20 4.4.3. Insert Count Increment . . . . . . . . . . . . . . . 20
4.5. Field Line Representations . . . . . . . . . . . . . . . 20 4.5. Field Line Representations . . . . . . . . . . . . . . . 20
4.5.1. Encoded Field Section Prefix . . . . . . . . . . . . 21 4.5.1. Encoded Field Section Prefix . . . . . . . . . . . . 21
4.5.2. Indexed Field Line . . . . . . . . . . . . . . . . . 23 4.5.2. Indexed Field Line . . . . . . . . . . . . . . . . . 23
4.5.3. Indexed Field Line With Post-Base Index . . . . . . . 24 4.5.3. Indexed Field Line With Post-Base Index . . . . . . . 24
4.5.4. Literal Field Line With Name Reference . . . . . . . 24 4.5.4. Literal Field Line With Name Reference . . . . . . . 24
4.5.5. Literal Field Line With Post-Base Name Reference . . 25 4.5.5. Literal Field Line With Post-Base Name Reference . . 25
4.5.6. Literal Field Line Without Name Reference . . . . . . 25 4.5.6. Literal Field Line Without Name Reference . . . . . . 25
5. Configuration . . . . . . . . . . . . . . . . . . . . . . . . 26 5. Configuration . . . . . . . . . . . . . . . . . . . . . . . . 26
6. Error Handling . . . . . . . . . . . . . . . . . . . . . . . 26 6. Error Handling . . . . . . . . . . . . . . . . . . . . . . . 26
7. Security Considerations . . . . . . . . . . . . . . . . . . . 27 7. Security Considerations . . . . . . . . . . . . . . . . . . . 27
7.1. Probing Dynamic Table State . . . . . . . . . . . . . . . 27 7.1. Probing Dynamic Table State . . . . . . . . . . . . . . . 27
7.2. Applicability to QPACK and HTTP . . . . . . . . . . . . . 28 7.2. Applicability to QPACK and HTTP . . . . . . . . . . . . . 28
7.3. Mitigation . . . . . . . . . . . . . . . . . . . . . . . 28 7.3. Mitigation . . . . . . . . . . . . . . . . . . . . . . . 28
7.4. Never Indexed Literals . . . . . . . . . . . . . . . . . 29 7.4. Never-Indexed Literals . . . . . . . . . . . . . . . . . 29
7.5. Static Huffman Encoding . . . . . . . . . . . . . . . . . 30 7.5. Static Huffman Encoding . . . . . . . . . . . . . . . . . 30
7.6. Memory Consumption . . . . . . . . . . . . . . . . . . . 30 7.6. Memory Consumption . . . . . . . . . . . . . . . . . . . 30
7.7. Implementation Limits . . . . . . . . . . . . . . . . . . 31 7.7. Implementation Limits . . . . . . . . . . . . . . . . . . 31
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 31 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 32
8.1. Settings Registration . . . . . . . . . . . . . . . . . . 31 8.1. Settings Registration . . . . . . . . . . . . . . . . . . 32
8.2. Stream Type Registration . . . . . . . . . . . . . . . . 32 8.2. Stream Type Registration . . . . . . . . . . . . . . . . 32
8.3. Error Code Registration . . . . . . . . . . . . . . . . . 32 8.3. Error Code Registration . . . . . . . . . . . . . . . . . 32
9. References . . . . . . . . . . . . . . . . . . . . . . . . . 33 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 33
9.1. Normative References . . . . . . . . . . . . . . . . . . 33 9.1. Normative References . . . . . . . . . . . . . . . . . . 33
9.2. Informative References . . . . . . . . . . . . . . . . . 34 9.2. Informative References . . . . . . . . . . . . . . . . . 34
Appendix A. Static Table . . . . . . . . . . . . . . . . . . . . 34 Appendix A. Static Table . . . . . . . . . . . . . . . . . . . . 34
Appendix B. Sample One Pass Encoding Algorithm . . . . . . . . . 39 Appendix B. Sample One Pass Encoding Algorithm . . . . . . . . . 39
Appendix C. Change Log . . . . . . . . . . . . . . . . . . . . . 40 Appendix C. Change Log . . . . . . . . . . . . . . . . . . . . . 40
C.1. Since draft-ietf-quic-qpack-15 . . . . . . . . . . . . . 40 C.1. Since draft-ietf-quic-qpack-16 . . . . . . . . . . . . . 40
C.2. Since draft-ietf-quic-qpack-14 . . . . . . . . . . . . . 41 C.2. Since draft-ietf-quic-qpack-15 . . . . . . . . . . . . . 41
C.3. Since draft-ietf-quic-qpack-13 . . . . . . . . . . . . . 41 C.3. Since draft-ietf-quic-qpack-14 . . . . . . . . . . . . . 41
C.4. Since draft-ietf-quic-qpack-12 . . . . . . . . . . . . . 41 C.4. Since draft-ietf-quic-qpack-13 . . . . . . . . . . . . . 41
C.5. Since draft-ietf-quic-qpack-11 . . . . . . . . . . . . . 41 C.5. Since draft-ietf-quic-qpack-12 . . . . . . . . . . . . . 41
C.6. Since draft-ietf-quic-qpack-10 . . . . . . . . . . . . . 41 C.6. Since draft-ietf-quic-qpack-11 . . . . . . . . . . . . . 41
C.7. Since draft-ietf-quic-qpack-09 . . . . . . . . . . . . . 41 C.7. Since draft-ietf-quic-qpack-10 . . . . . . . . . . . . . 41
C.8. Since draft-ietf-quic-qpack-08 . . . . . . . . . . . . . 41 C.8. Since draft-ietf-quic-qpack-09 . . . . . . . . . . . . . 41
C.9. Since draft-ietf-quic-qpack-06 . . . . . . . . . . . . . 41 C.9. Since draft-ietf-quic-qpack-08 . . . . . . . . . . . . . 41
C.10. Since draft-ietf-quic-qpack-05 . . . . . . . . . . . . . 41 C.10. Since draft-ietf-quic-qpack-06 . . . . . . . . . . . . . 41
C.11. Since draft-ietf-quic-qpack-04 . . . . . . . . . . . . . 42 C.11. Since draft-ietf-quic-qpack-05 . . . . . . . . . . . . . 41
C.12. Since draft-ietf-quic-qpack-03 . . . . . . . . . . . . . 42 C.12. Since draft-ietf-quic-qpack-04 . . . . . . . . . . . . . 42
C.13. Since draft-ietf-quic-qpack-02 . . . . . . . . . . . . . 42 C.13. Since draft-ietf-quic-qpack-03 . . . . . . . . . . . . . 42
C.14. Since draft-ietf-quic-qpack-01 . . . . . . . . . . . . . 42 C.14. Since draft-ietf-quic-qpack-02 . . . . . . . . . . . . . 42
C.15. Since draft-ietf-quic-qpack-00 . . . . . . . . . . . . . 42 C.15. Since draft-ietf-quic-qpack-01 . . . . . . . . . . . . . 42
C.16. Since draft-ietf-quic-qcram-00 . . . . . . . . . . . . . 43 C.16. Since draft-ietf-quic-qpack-00 . . . . . . . . . . . . . 42
C.17. Since draft-ietf-quic-qcram-00 . . . . . . . . . . . . . 43
Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 43 Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 43
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 44 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 44
1. Introduction 1. Introduction
The QUIC transport protocol [QUIC-TRANSPORT] is designed to support The QUIC transport protocol ([QUIC-TRANSPORT]) is designed to support
HTTP semantics, and its design subsumes many of the features of HTTP semantics, and its design subsumes many of the features of
HTTP/2 [RFC7540]. HTTP/2 uses HPACK [RFC7541] for compression of the HTTP/2 ([RFC7540]). HTTP/2 uses HPACK ([RFC7541]) for compression of
header and trailer sections. If HPACK were used for HTTP/3 [HTTP3], the header and trailer sections. If HPACK were used for HTTP/3
it would induce head-of-line blocking for field sections due to ([HTTP3]), it would induce head-of-line blocking for field sections
built-in assumptions of a total ordering across frames on all due to built-in assumptions of a total ordering across frames on all
streams. streams.
QPACK reuses core concepts from HPACK, but is redesigned to allow QPACK reuses core concepts from HPACK, but is redesigned to allow
correctness in the presence of out-of-order delivery, with correctness in the presence of out-of-order delivery, with
flexibility for implementations to balance between resilience against flexibility for implementations to balance between resilience against
head-of-line blocking and optimal compression ratio. The design head-of-line blocking and optimal compression ratio. The design
goals are to closely approach the compression ratio of HPACK with goals are to closely approach the compression ratio of HPACK with
substantially less head-of-line blocking under the same loss substantially less head-of-line blocking under the same loss
conditions. conditions.
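Review bot: The table of contents entry for 7.4 changes from "Never Indexed Literals" to "Never-Indexed Literals", so the section heading in the body and every in-text use of the term need the same hyphenation. Those lines are outside the visible part of the diff and are worth checking before publication. The change log renumbering (new C.1 for draft-ietf-quic-qpack-16, old C.16 becoming C.17) looks complete in the visible entries.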
skipping to change at page 4, line 40 skipping to change at page 4, line 42
capitals, as shown here. capitals, as shown here.
Definitions of terms that are used in this document: Definitions of terms that are used in this document:
HTTP fields: Metadata sent as part of an HTTP message. The term HTTP fields: Metadata sent as part of an HTTP message. The term
encompasses both header and trailer fields. Colloquially, the encompasses both header and trailer fields. Colloquially, the
term "headers" has often been used to refer to HTTP header fields term "headers" has often been used to refer to HTTP header fields
and trailer fields; this document uses "fields" for generality. and trailer fields; this document uses "fields" for generality.
HTTP field line: A name-value pair sent as part of an HTTP field HTTP field line: A name-value pair sent as part of an HTTP field
section. See Section 4 of [SEMANTICS]. section. See Section 5 of [SEMANTICS].
HTTP field value: Data associated with a field name, composed from HTTP field value: Data associated with a field name, composed from
all field line values with that field name in that section, all field line values with that field name in that section,
concatenated together and separated with commas. concatenated together and separated with commas.
Field section: An ordered collection of HTTP field lines associated Field section: An ordered collection of HTTP field lines associated
with an HTTP message. A field section can contain multiple field with an HTTP message. A field section can contain multiple field
lines with the same name. It can also contain duplicate field lines with the same name. It can also contain duplicate field
lines. An HTTP message can include both header field and trailer lines. An HTTP message can include both header field and trailer
field sections. field sections.
Representation: An instruction which represents a field line, Representation: An instruction that represents a field line,
possibly by reference to the dynamic and static tables. possibly by reference to the dynamic and static tables.
Encoder: An implementation which encodes field sections. Encoder: An implementation that encodes field sections.
Decoder: An implementation which decodes encoded field sections. Decoder: An implementation that decodes encoded field sections.
Absolute Index: A unique index for each entry in the dynamic table. Absolute Index: A unique index for each entry in the dynamic table.
Base: A reference point for relative and post-base indices. Base: A reference point for relative and post-base indices.
Representations which reference dynamic table entries are relative Representations that reference dynamic table entries are relative
to a Base. to a Base.
Insert Count: The total number of entries inserted in the dynamic Insert Count: The total number of entries inserted in the dynamic
table. table.
QPACK is a name, not an acronym. QPACK is a name, not an acronym.
1.2. Notational Conventions 1.2. Notational Conventions
Diagrams use the format described in Section 3.1 of [RFC2360], with Diagrams use the format described in Section 3.1 of [RFC2360], with
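Review bot: The "HTTP field line" definition now points to Section 5 of [SEMANTICS] instead of Section 4. Section numbers in a referenced draft shift between revisions, so the [SEMANTICS] entry in the reference list should name the revision for which Section 5 is correct; that entry is not in the visible lines. The "which" to "that" changes in the Representation, Encoder, Decoder and Base definitions are editorial and do not alter meaning.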
skipping to change at page 6, line 31 skipping to change at page 6, line 31
QPACK preserves the ordering of field lines within each field QPACK preserves the ordering of field lines within each field
section. An encoder MUST emit field representations in the order section. An encoder MUST emit field representations in the order
they appear in the input field section. they appear in the input field section.
QPACK is designed to contain the more complex state tracking to the QPACK is designed to contain the more complex state tracking to the
encoder, while the decoder is relatively simple. encoder, while the decoder is relatively simple.
2.1.1. Limits on Dynamic Table Insertions 2.1.1. Limits on Dynamic Table Insertions
Inserting entries into the dynamic table might not be possible if the Inserting entries into the dynamic table might not be possible if the
table contains entries which cannot be evicted. table contains entries that cannot be evicted.
A dynamic table entry cannot be evicted immediately after insertion, A dynamic table entry cannot be evicted immediately after insertion,
even if it has never been referenced. Once the insertion of a even if it has never been referenced. Once the insertion of a
dynamic table entry has been acknowledged and there are no dynamic table entry has been acknowledged and there are no
outstanding references to the entry in unacknowledged outstanding references to the entry in unacknowledged
representations, the entry becomes evictable. Note that references representations, the entry becomes evictable. Note that references
on the encoder stream never preclude the eviction of an entry, on the encoder stream never preclude the eviction of an entry,
because those references are guaranteed to be processed before the because those references are guaranteed to be processed before the
instruction evicting the entry. instruction evicting the entry.
If the dynamic table does not contain enough room for a new entry If the dynamic table does not contain enough room for a new entry
without evicting other entries, and the entries which would be without evicting other entries, and the entries that would be evicted
evicted are not evictable, the encoder MUST NOT insert that entry are not evictable, the encoder MUST NOT insert that entry into the
into the dynamic table (including duplicates of existing entries). dynamic table (including duplicates of existing entries). In order
In order to avoid this, an encoder that uses the dynamic table has to to avoid this, an encoder that uses the dynamic table has to keep
keep track of each dynamic table entry referenced by each field track of each dynamic table entry referenced by each field section
section until those representations are acknowledged by the decoder; until those representations are acknowledged by the decoder; see
see Section 4.4.1. Section 4.4.1.
2.1.1.1. Avoiding Prohibited Insertions 2.1.1.1. Avoiding Prohibited Insertions
To ensure that the encoder is not prevented from adding new entries, To ensure that the encoder is not prevented from adding new entries,
the encoder can avoid referencing entries that are close to eviction. the encoder can avoid referencing entries that are close to eviction.
Rather than reference such an entry, the encoder can emit a Duplicate Rather than reference such an entry, the encoder can emit a Duplicate
instruction (Section 4.3.4), and reference the duplicate instead. instruction (Section 4.3.4), and reference the duplicate instead.
Determining which entries are too close to eviction to reference is Determining which entries are too close to eviction to reference is
an encoder preference. One heuristic is to target a fixed amount of an encoder preference. One heuristic is to target a fixed amount of
skipping to change at page 8, line 10 skipping to change at page 8, line 10
using references to the dynamic table, the Required Insert Count is using references to the dynamic table, the Required Insert Count is
one larger than the largest absolute index of all referenced dynamic one larger than the largest absolute index of all referenced dynamic
table entries. For a field section encoded with no references to the table entries. For a field section encoded with no references to the
dynamic table, the Required Insert Count is zero. dynamic table, the Required Insert Count is zero.
When the decoder receives an encoded field section with a Required When the decoder receives an encoded field section with a Required
Insert Count greater than its own Insert Count, the stream cannot be Insert Count greater than its own Insert Count, the stream cannot be
processed immediately, and is considered "blocked"; see processed immediately, and is considered "blocked"; see
Section 2.2.1. Section 2.2.1.
The decoder specifies an upper bound on the number of streams which The decoder specifies an upper bound on the number of streams that
can be blocked using the SETTINGS_QPACK_BLOCKED_STREAMS setting; see can be blocked using the SETTINGS_QPACK_BLOCKED_STREAMS setting; see
Section 5. An encoder MUST limit the number of streams which could Section 5. An encoder MUST limit the number of streams that could
become blocked to the value of SETTINGS_QPACK_BLOCKED_STREAMS at all become blocked to the value of SETTINGS_QPACK_BLOCKED_STREAMS at all
times. If a decoder encounters more blocked streams than it promised times. If a decoder encounters more blocked streams than it promised
to support, it MUST treat this as a connection error of type to support, it MUST treat this as a connection error of type
QPACK_DECOMPRESSION_FAILED. QPACK_DECOMPRESSION_FAILED.
Note that the decoder might not become blocked on every stream which Note that the decoder might not become blocked on every stream that
risks becoming blocked. risks becoming blocked.
An encoder can decide whether to risk having a stream become blocked. An encoder can decide whether to risk having a stream become blocked.
If permitted by the value of SETTINGS_QPACK_BLOCKED_STREAMS, If permitted by the value of SETTINGS_QPACK_BLOCKED_STREAMS,
compression efficiency can often be improved by referencing dynamic compression efficiency can often be improved by referencing dynamic
table entries that are still in transit, but if there is loss or table entries that are still in transit, but if there is loss or
reordering the stream can become blocked at the decoder. An encoder reordering the stream can become blocked at the decoder. An encoder
can avoid the risk of blocking by only referencing dynamic table can avoid the risk of blocking by only referencing dynamic table
entries which have been acknowledged, but this could mean using entries that have been acknowledged, but this could mean using
literals. Since literals make the encoded field section larger, this literals. Since literals make the encoded field section larger, this
can result in the encoder becoming blocked on congestion or flow can result in the encoder becoming blocked on congestion or flow
control limits. control limits.
2.1.3. Avoiding Flow Control Deadlocks 2.1.3. Avoiding Flow Control Deadlocks
Writing instructions on streams that are limited by flow control can Writing instructions on streams that are limited by flow control can
produce deadlocks. produce deadlocks.
A decoder might stop issuing flow control credit on the stream that A decoder might stop issuing flow control credit on the stream that
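Review bot: In the paragraph on risking blocked streams, "but if there is loss or reordering the stream can become blocked at the decoder" still lacks a comma after "reordering", and this revision already edits the next sentence. Suggest "but if there is loss or reordering, the stream can become blocked at the decoder". The "which" to "that" substitutions around SETTINGS_QPACK_BLOCKED_STREAMS leave the MUST statements, including the QPACK_DECOMPRESSION_FAILED connection error, unchanged.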
skipping to change at page 9, line 20 skipping to change at page 9, line 20
table entries can be referenced without potentially blocking a table entries can be referenced without potentially blocking a
stream. The decoder tracks the Known Received Count in order to be stream. The decoder tracks the Known Received Count in order to be
able to send Insert Count Increment instructions. able to send Insert Count Increment instructions.
A Section Acknowledgement instruction (Section 4.4.1) implies that A Section Acknowledgement instruction (Section 4.4.1) implies that
the decoder has received all dynamic table state necessary to decode the decoder has received all dynamic table state necessary to decode
the field section. If the Required Insert Count of the acknowledged the field section. If the Required Insert Count of the acknowledged
field section is greater than the current Known Received Count, Known field section is greater than the current Known Received Count, Known
Received Count is updated to the value of the Required Insert Count. Received Count is updated to the value of the Required Insert Count.
An Insert Count Increment instruction Section 4.4.3 increases the An Insert Count Increment instruction (Section 4.4.3) increases the
Known Received Count by its Increment parameter. See Section 2.2.2.3 Known Received Count by its Increment parameter. See Section 2.2.2.3
for guidance. for guidance.
2.2. Decoder 2.2. Decoder
As in HPACK, the decoder processes a series of representations and As in HPACK, the decoder processes a series of representations and
emits the corresponding field sections. It also processes emits the corresponding field sections. It also processes
instructions received on the encoder stream that modify the dynamic instructions received on the encoder stream that modify the dynamic
table. Note that encoded field sections and encoder stream table. Note that encoded field sections and encoder stream
instructions arrive on separate streams. This is unlike HPACK, where instructions arrive on separate streams. This is unlike HPACK, where
skipping to change at page 11, line 22 skipping to change at page 11, line 22
delaying an Insert Count Increment instruction, the decoder might be delaying an Insert Count Increment instruction, the decoder might be
able to coalesce multiple Insert Count Increment instructions, or able to coalesce multiple Insert Count Increment instructions, or
replace them entirely with Section Acknowledgements; see replace them entirely with Section Acknowledgements; see
Section 4.4.1. However, delaying too long may lead to compression Section 4.4.1. However, delaying too long may lead to compression
inefficiencies if the encoder waits for an entry to be acknowledged inefficiencies if the encoder waits for an entry to be acknowledged
before using it. before using it.
2.2.3. Invalid References 2.2.3. Invalid References
If the decoder encounters a reference in a field line representation If the decoder encounters a reference in a field line representation
to a dynamic table entry which has already been evicted or which has to a dynamic table entry that has already been evicted or that has an
an absolute index greater than or equal to the declared Required absolute index greater than or equal to the declared Required Insert
Insert Count (Section 4.5.1), it MUST treat this as a connection Count (Section 4.5.1), it MUST treat this as a connection error of
error of type QPACK_DECOMPRESSION_FAILED. type QPACK_DECOMPRESSION_FAILED.
If the decoder encounters a reference in an encoder instruction to a If the decoder encounters a reference in an encoder instruction to a
dynamic table entry which has already been evicted, it MUST treat dynamic table entry that has already been evicted, it MUST treat this
this as a connection error of type QPACK_ENCODER_STREAM_ERROR. as a connection error of type QPACK_ENCODER_STREAM_ERROR.
3. Reference Tables 3. Reference Tables
Unlike in HPACK, entries in the QPACK static and dynamic tables are Unlike in HPACK, entries in the QPACK static and dynamic tables are
addressed separately. The following sections describe how entries in addressed separately. The following sections describe how entries in
each table are addressed. each table are addressed.
3.1. Static Table 3.1. Static Table
The static table consists of a predefined static list of field lines, The static table consists of a predefined list of field lines, each
each of which has a fixed index over time. Its entries are defined of which has a fixed index over time. Its entries are defined in
in Appendix A. Appendix A.
All entries in the static table have a name and a value. However, All entries in the static table have a name and a value. However,
values can be empty (that is, have a length of 0). Each entry is values can be empty (that is, have a length of 0). Each entry is
identified by a unique index. identified by a unique index.
Note that the QPACK static table is indexed from 0, whereas the HPACK Note that the QPACK static table is indexed from 0, whereas the HPACK
static table is indexed from 1. static table is indexed from 1.
When the decoder encounters an invalid static table index in a field When the decoder encounters an invalid static table index in a field
line representation it MUST treat this as a connection error of type line representation it MUST treat this as a connection error of type
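Review bot: In 3.1, "When the decoder encounters an invalid static table index in a field line representation it MUST treat this" needs a comma after "representation", matching the parallel sentences in 2.2.3 ("... (Section 4.5.1), it MUST treat this ..."). Dropping the redundant "static" from "predefined static list" is fine; "each of which has a fixed index over time" could be tightened further to "each of which has a fixed index".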
skipping to change at page 13, line 24 skipping to change at page 13, line 24
the new table capacity. This mechanism can be used to completely the new table capacity. This mechanism can be used to completely
clear entries from the dynamic table by setting a capacity of 0, clear entries from the dynamic table by setting a capacity of 0,
which can subsequently be restored. which can subsequently be restored.
3.2.3. Maximum Dynamic Table Capacity 3.2.3. Maximum Dynamic Table Capacity
To bound the memory requirements of the decoder, the decoder limits To bound the memory requirements of the decoder, the decoder limits
the maximum value the encoder is permitted to set for the dynamic the maximum value the encoder is permitted to set for the dynamic
table capacity. In HTTP/3, this limit is determined by the value of table capacity. In HTTP/3, this limit is determined by the value of
SETTINGS_QPACK_MAX_TABLE_CAPACITY sent by the decoder; see Section 5. SETTINGS_QPACK_MAX_TABLE_CAPACITY sent by the decoder; see Section 5.
The encoder MUST not set a dynamic table capacity that exceeds this The encoder MUST NOT set a dynamic table capacity that exceeds this
maximum, but it can choose to use a lower dynamic table capacity; see maximum, but it can choose to use a lower dynamic table capacity; see
Section 4.3.1. Section 4.3.1.
For clients using 0-RTT data in HTTP/3, the server's maximum table For clients using 0-RTT data in HTTP/3, the server's maximum table
capacity is the remembered value of the setting, or zero if the value capacity is the remembered value of the setting, or zero if the value
was not previously sent. When the client's 0-RTT value of the was not previously sent. When the client's 0-RTT value of the
SETTING is zero, the server MAY set it to a non-zero value in its SETTING is zero, the server MAY set it to a non-zero value in its
SETTINGS frame. If the remembered value is non-zero, the server MUST SETTINGS frame. If the remembered value is non-zero, the server MUST
send the same non-zero value in its SETTINGS frame. If it specifies send the same non-zero value in its SETTINGS frame. If it specifies
any other value, or omits SETTINGS_QPACK_MAX_TABLE_CAPACITY from any other value, or omits SETTINGS_QPACK_MAX_TABLE_CAPACITY from
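Review bot: The "MUST not" to "MUST NOT" correction in 3.2.3 matters because the draft's keyword convention applies only to terms in all capitals ("capitals, as shown here"), so the old wording left the capacity limit on the encoder ambiguous as a requirement. The rest of the document should be searched for other mixed-case keywords such as "MUST not" or "SHOULD not". In the 0-RTT paragraph that follows, "the client's 0-RTT value of the SETTING" capitalizes a word the preceding sentence writes as "the setting"; suggest lowercase unless the full name SETTINGS_QPACK_MAX_TABLE_CAPACITY is intended.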
skipping to change at page 13, line 49 skipping to change at page 13, line 49
is rejected, the maximum table capacity is 0 until the encoder is rejected, the maximum table capacity is 0 until the encoder
processes a SETTINGS frame with a non-zero value of processes a SETTINGS frame with a non-zero value of
SETTINGS_QPACK_MAX_TABLE_CAPACITY. SETTINGS_QPACK_MAX_TABLE_CAPACITY.
When the maximum table capacity is zero, the encoder MUST NOT insert When the maximum table capacity is zero, the encoder MUST NOT insert
entries into the dynamic table, and MUST NOT send any encoder entries into the dynamic table, and MUST NOT send any encoder
instructions on the encoder stream. instructions on the encoder stream.
3.2.4. Absolute Indexing 3.2.4. Absolute Indexing
Each entry possesses an absolute index which is fixed for the Each entry possesses an absolute index that is fixed for the lifetime
lifetime of that entry. The first entry inserted has an absolute of that entry. The first entry inserted has an absolute index of
index of "0"; indices increase by one with each insertion. "0"; indices increase by one with each insertion.
3.2.5. Relative Indexing 3.2.5. Relative Indexing
Relative indices begin at zero and increase in the opposite direction Relative indices begin at zero and increase in the opposite direction
from the absolute index. Determining which entry has a relative from the absolute index. Determining which entry has a relative
index of "0" depends on the context of the reference. index of "0" depends on the context of the reference.
In encoder instructions (Section 4.3), a relative index of "0" refers In encoder instructions (Section 4.3), a relative index of "0" refers
to the most recently inserted value in the dynamic table. Note that to the most recently inserted value in the dynamic table. Note that
this means the entry referenced by a given relative index will change this means the entry referenced by a given relative index will change
skipping to change at page 16, line 12 skipping to change at page 16, line 12
The string literal defined by Section 5.2 of [RFC7541] is also used The string literal defined by Section 5.2 of [RFC7541] is also used
throughout. This string format includes optional Huffman encoding. throughout. This string format includes optional Huffman encoding.
HPACK defines string literals to begin on a byte boundary. They HPACK defines string literals to begin on a byte boundary. They
begin with a single bit flag, denoted as 'H' in this document begin with a single bit flag, denoted as 'H' in this document
(indicating whether the string is Huffman-coded), followed by the (indicating whether the string is Huffman-coded), followed by the
Length encoded as a 7-bit prefix integer, and finally Length bytes of Length encoded as a 7-bit prefix integer, and finally Length bytes of
data. When Huffman encoding is enabled, the Huffman table from data. When Huffman encoding is enabled, the Huffman table from
Appendix B of [RFC7541] is used without modification. Appendix B of [RFC7541] is used without modification.
This document expands the definition of string literals and permits This document expands the definition of string literals by permitting
them to begin other than on a byte boundary. An "N-bit prefix string them to begin other than on a byte boundary. An "N-bit prefix string
literal" begins with the same Huffman flag, followed by the length literal" begins with the same Huffman flag, followed by the length
encoded as an (N-1)-bit prefix integer. The prefix size, N, can have encoded as an (N-1)-bit prefix integer. The prefix size, N, can have
a value between 2 and 8 inclusive. The remainder of the string a value between 2 and 8 inclusive. The remainder of the string
literal is unmodified. literal is unmodified.
A string literal without a prefix length noted is an 8-bit prefix A string literal without a prefix length noted is an 8-bit prefix
string literal and follows the definitions in [RFC7541] without string literal and follows the definitions in [RFC7541] without
modification. modification.
skipping to change at page 16, line 43 skipping to change at page 16, line 43
to encoder. to encoder.
HTTP/3 endpoints contain a QPACK encoder and decoder. Each endpoint HTTP/3 endpoints contain a QPACK encoder and decoder. Each endpoint
MUST initiate at most one encoder stream and at most one decoder MUST initiate at most one encoder stream and at most one decoder
stream. Receipt of a second instance of either stream type MUST be stream. Receipt of a second instance of either stream type MUST be
treated as a connection error of type H3_STREAM_CREATION_ERROR. treated as a connection error of type H3_STREAM_CREATION_ERROR.
These streams MUST NOT be closed. Closure of either unidirectional These streams MUST NOT be closed. Closure of either unidirectional
stream type MUST be treated as a connection error of type stream type MUST be treated as a connection error of type
H3_CLOSED_CRITICAL_STREAM. H3_CLOSED_CRITICAL_STREAM.
An endpoint MAY avoid creating an encoder stream if it's not going to An endpoint MAY avoid creating an encoder stream if it will not be
be used (for example if its encoder doesn't wish to use the dynamic used (for example if its encoder does not wish to use the dynamic
table, or if the maximum size of the dynamic table permitted by the table, or if the maximum size of the dynamic table permitted by the
peer is zero). peer is zero).
An endpoint MAY avoid creating a decoder stream if its decoder sets An endpoint MAY avoid creating a decoder stream if its decoder sets
the maximum capacity of the dynamic table to zero. the maximum capacity of the dynamic table to zero.
An endpoint MUST allow its peer to create an encoder stream and a An endpoint MUST allow its peer to create an encoder stream and a
decoder stream even if the connection's settings prevent their use. decoder stream even if the connection's settings prevent their use.
4.3. Encoder Instructions 4.3. Encoder Instructions
An encoder sends encoder instructions on the encoder stream to set An encoder sends encoder instructions on the encoder stream to set
the capacity of the dynamic table and add dynamic table entries. the capacity of the dynamic table and add dynamic table entries.
Instructions adding table entries can use existing entries to avoid Instructions adding table entries can use existing entries to avoid
transmitting redundant information. The name can be transmitted as a transmitting redundant information. The name can be transmitted as a
reference to an existing entry in the static or the dynamic table or reference to an existing entry in the static or the dynamic table or
as a string literal. For entries which already exist in the dynamic as a string literal. For entries that already exist in the dynamic
table, the full entry can also be used by reference, creating a table, the full entry can also be used by reference, creating a
duplicate entry. duplicate entry.
This section specifies the following encoder instructions.
4.3.1. Set Dynamic Table Capacity 4.3.1. Set Dynamic Table Capacity
An encoder informs the decoder of a change to the dynamic table An encoder informs the decoder of a change to the dynamic table
capacity using an instruction which begins with the '001' three-bit capacity using an instruction that begins with the '001' three-bit
pattern. This is followed by the new dynamic table capacity pattern. This is followed by the new dynamic table capacity
represented as an integer with a 5-bit prefix; see Section 4.1.1. represented as an integer with a 5-bit prefix; see Section 4.1.1.
0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7
+---+---+---+---+---+---+---+---+ +---+---+---+---+---+---+---+---+
| 0 | 0 | 1 | Capacity (5+) | | 0 | 0 | 1 | Capacity (5+) |
+---+---+---+-------------------+ +---+---+---+-------------------+
Figure 5: Set Dynamic Table Capacity Figure 5: Set Dynamic Table Capacity
The new capacity MUST be lower than or equal to the limit described The new capacity MUST be lower than or equal to the limit described
in Section 3.2.3. In HTTP/3, this limit is the value of the in Section 3.2.3. In HTTP/3, this limit is the value of the
SETTINGS_QPACK_MAX_TABLE_CAPACITY parameter (Section 5) received from SETTINGS_QPACK_MAX_TABLE_CAPACITY parameter (Section 5) received from
the decoder. The decoder MUST treat a new dynamic table capacity the decoder. The decoder MUST treat a new dynamic table capacity
value that exceeds this limit as a connection error of type value that exceeds this limit as a connection error of type
QPACK_ENCODER_STREAM_ERROR. QPACK_ENCODER_STREAM_ERROR.
Reducing the dynamic table capacity can cause entries to be evicted; Reducing the dynamic table capacity can cause entries to be evicted;
see Section 3.2.2. This MUST NOT cause the eviction of entries which see Section 3.2.2. This MUST NOT cause the eviction of entries that
are not evictable; see Section 2.1.1. Changing the capacity of the are not evictable; see Section 2.1.1. Changing the capacity of the
dynamic table is not acknowledged as this instruction does not insert dynamic table is not acknowledged as this instruction does not insert
an entry. an entry.
4.3.2. Insert With Name Reference 4.3.2. Insert With Name Reference
An encoder adds an entry to the dynamic table where the field name An encoder adds an entry to the dynamic table where the field name
matches the field name of an entry stored in the static or the matches the field name of an entry stored in the static or the
dynamic table using an instruction that starts with the '1' one-bit dynamic table using an instruction that starts with the '1' one-bit
pattern. The second ('T') bit indicates whether the reference is to pattern. The second ('T') bit indicates whether the reference is to
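Review bot: In 4.3.1, the paragraph on reducing the capacity says this "MUST NOT cause the eviction of entries that are not evictable" but does not say what the decoder does on receiving such an instruction, whereas the paragraph just above names QPACK_ENCODER_STREAM_ERROR for a capacity above the limit. Suggest stating the required decoder reaction here, or adding a cross-reference to where it is specified.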
skipping to change at page 19, line 23 skipping to change at page 19, line 30
resending either the name or the value. This is useful to avoid resending either the name or the value. This is useful to avoid
adding a reference to an older entry, which might block inserting new adding a reference to an older entry, which might block inserting new
entries. entries.
4.4. Decoder Instructions 4.4. Decoder Instructions
A decoder sends decoder instructions on the decoder stream to inform A decoder sends decoder instructions on the decoder stream to inform
the encoder about the processing of field sections and table updates the encoder about the processing of field sections and table updates
to ensure consistency of the dynamic table. to ensure consistency of the dynamic table.
This section specifies the following decoder instructions.
4.4.1. Section Acknowledgement 4.4.1. Section Acknowledgement
After processing an encoded field section whose declared Required After processing an encoded field section whose declared Required
Insert Count is not zero, the decoder emits a Section Acknowledgement Insert Count is not zero, the decoder emits a Section Acknowledgement
instruction. The instruction begins with the '1' one-bit pattern instruction. The instruction begins with the '1' one-bit pattern,
which is followed by the field section's associated stream ID encoded followed by the field section's associated stream ID encoded as a
as a 7-bit prefix integer; see Section 4.1.1. 7-bit prefix integer; see Section 4.1.1.
This instruction is used as described in Section 2.1.4 and in This instruction is used as described in Section 2.1.4 and in
Section 2.2.2. Section 2.2.2.
0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7
+---+---+---+---+---+---+---+---+ +---+---+---+---+---+---+---+---+
| 1 | Stream ID (7+) | | 1 | Stream ID (7+) |
+---+---------------------------+ +---+---------------------------+
Figure 9: Section Acknowledgement Figure 9: Section Acknowledgement
If an encoder receives a Section Acknowledgement instruction If an encoder receives a Section Acknowledgement instruction
referring to a stream on which every encoded field section with a referring to a stream on which every encoded field section with a
non-zero Required Insert Count has already been acknowledged, that non-zero Required Insert Count has already been acknowledged, this
MUST be treated as a connection error of type MUST be treated as a connection error of type
QPACK_DECODER_STREAM_ERROR. QPACK_DECODER_STREAM_ERROR.
The Section Acknowledgement instruction might increase the Known The Section Acknowledgement instruction might increase the Known
Received Count; see Section 2.1.4. Received Count; see Section 2.1.4.
4.4.2. Stream Cancellation 4.4.2. Stream Cancellation
When a stream is reset or reading is abandoned, the decoder emits a When a stream is reset or reading is abandoned, the decoder emits a
Stream Cancellation instruction. The instruction begins with the Stream Cancellation instruction. The instruction begins with the
'01' two-bit pattern, which is followed by the stream ID of the '01' two-bit pattern, followed by the stream ID of the affected
affected stream encoded as a 6-bit prefix integer. stream encoded as a 6-bit prefix integer.
This instruction is used as described in Section 2.2.2. This instruction is used as described in Section 2.2.2.
0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7
+---+---+---+---+---+---+---+---+ +---+---+---+---+---+---+---+---+
| 0 | 1 | Stream ID (6+) | | 0 | 1 | Stream ID (6+) |
+---+---+-----------------------+ +---+---+-----------------------+
Figure 10: Stream Cancellation Figure 10: Stream Cancellation
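Review bot: 4.4.2 describes the stream ID as "a 6-bit prefix integer" with no pointer to the integer encoding, while the equivalent sentences in 4.4.1 and 4.3.1 end with "see Section 4.1.1". Suggest adding the same cross-reference to the reworded sentence in 4.4.2.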
skipping to change at page 21, line 9 skipping to change at page 21, line 12
representations reference the static table or the dynamic table in a representations reference the static table or the dynamic table in a
particular state, but do not modify that state. particular state, but do not modify that state.
Encoded field sections are carried in frames on streams defined by Encoded field sections are carried in frames on streams defined by
the enclosing protocol. the enclosing protocol.
4.5.1. Encoded Field Section Prefix 4.5.1. Encoded Field Section Prefix
Each encoded field section is prefixed with two integers. The Each encoded field section is prefixed with two integers. The
Required Insert Count is encoded as an integer with an 8-bit prefix Required Insert Count is encoded as an integer with an 8-bit prefix
after the encoding described in Section 4.5.1.1). The Base is using the encoding described in Section 4.5.1.1. The Base is encoded
encoded as a sign bit ('S') and a Delta Base value with a 7-bit as a sign bit ('S') and a Delta Base value with a 7-bit prefix; see
prefix; see Section 4.5.1.2. Section 4.5.1.2.
0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7
+---+---+---+---+---+---+---+---+ +---+---+---+---+---+---+---+---+
| Required Insert Count (8+) | | Required Insert Count (8+) |
+---+---------------------------+ +---+---------------------------+
| S | Delta Base (7+) | | S | Delta Base (7+) |
+---+---------------------------+ +---+---------------------------+
| Encoded Field Lines ... | Encoded Field Lines ...
+-------------------------------+ +-------------------------------+
skipping to change at page 23, line 16 skipping to change at page 23, line 16
from the Required Insert Count and also subtracts one to determine from the Required Insert Count and also subtracts one to determine
the value of the Base. That is: the value of the Base. That is:
if S == 0: if S == 0:
Base = ReqInsertCount + DeltaBase Base = ReqInsertCount + DeltaBase
else: else:
Base = ReqInsertCount - DeltaBase - 1 Base = ReqInsertCount - DeltaBase - 1
A single-pass encoder determines the Base before encoding a field A single-pass encoder determines the Base before encoding a field
section. If the encoder inserted entries in the dynamic table while section. If the encoder inserted entries in the dynamic table while
encoding the field section, Required Insert Count will be greater encoding the field section and is referencing them, Required Insert
than the Base, so the encoded difference is negative and the sign bit Count will be greater than the Base, so the encoded difference is
is set to 1. If the field section was not encoded using negative and the sign bit is set to 1. If the field section was not
representations which reference the most recent entry in the table encoded using representations that reference the most recent entry in
and did not insert any new entries, the Base will be greater than the the table and did not insert any new entries, the Base will be
Required Insert Count, so the delta will be positive and the sign bit greater than the Required Insert Count, so the delta will be positive
is set to 0. and the sign bit is set to 0.
An encoder that produces table updates before encoding a field An encoder that produces table updates before encoding a field
section might set Base to the value of Required Insert Count. In section might set Base to the value of Required Insert Count. In
such case, both the sign bit and the Delta Base will be set to zero. such case, both the sign bit and the Delta Base will be set to zero.
A field section that was encoded without references to the dynamic A field section that was encoded without references to the dynamic
table can use any value for the Base; setting Delta Base to zero is table can use any value for the Base; setting Delta Base to zero is
one of the most efficient encodings. one of the most efficient encodings.
For example, with a Required Insert Count of 9, a decoder receives an For example, with a Required Insert Count of 9, a decoder receives an
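Review bot: With "and is referencing them" added, the two sentences of the single-pass paragraph no longer cover an encoder that inserted entries while encoding the field section but does not reference them: the first sentence now requires the references, and the second requires that the encoder "did not insert any new entries". Suggest stating which sign bit and Delta Base apply in that case, or relaxing the condition in the second sentence.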
skipping to change at page 26, line 26 skipping to change at page 26, line 26
Figure 17: Literal Field Line Without Name Reference Figure 17: Literal Field Line Without Name Reference
This representation begins with the '001' three-bit pattern. The This representation begins with the '001' three-bit pattern. The
fourth bit is the 'N' bit as described in Section 4.5.4. The name fourth bit is the 'N' bit as described in Section 4.5.4. The name
follows, represented as a 4-bit prefix string literal, then the follows, represented as a 4-bit prefix string literal, then the
value, represented as an 8-bit prefix string literal; see value, represented as an 8-bit prefix string literal; see
Section 4.1.2. Section 4.1.2.
5. Configuration 5. Configuration
QPACK defines two settings which are included in the HTTP/3 SETTINGS QPACK defines two settings for the HTTP/3 SETTINGS frame:
frame.
SETTINGS_QPACK_MAX_TABLE_CAPACITY (0x1): The default value is zero. SETTINGS_QPACK_MAX_TABLE_CAPACITY (0x1): The default value is zero.
See Section 3.2 for usage. This is the equivalent of the See Section 3.2 for usage. This is the equivalent of the
SETTINGS_HEADER_TABLE_SIZE from HTTP/2. SETTINGS_HEADER_TABLE_SIZE from HTTP/2.
SETTINGS_QPACK_BLOCKED_STREAMS (0x7): The default value is zero. SETTINGS_QPACK_BLOCKED_STREAMS (0x7): The default value is zero.
See Section 2.1.2. See Section 2.1.2.
6. Error Handling 6. Error Handling
The following error codes are defined for HTTP/3 to indicate failures The following error codes are defined for HTTP/3 to indicate failures
of QPACK which prevent the connection from continuing: of QPACK that prevent the stream or connection from continuing:
QPACK_DECOMPRESSION_FAILED (0x200): The decoder failed to interpret QPACK_DECOMPRESSION_FAILED (0x200): The decoder failed to interpret
an encoded field section and is not able to continue decoding that an encoded field section and is not able to continue decoding that
field section. field section.
QPACK_ENCODER_STREAM_ERROR (0x201): The decoder failed to interpret QPACK_ENCODER_STREAM_ERROR (0x201): The decoder failed to interpret
an encoder instruction received on the encoder stream. an encoder instruction received on the encoder stream.
QPACK_DECODER_STREAM_ERROR (0x202): The encoder failed to interpret QPACK_DECODER_STREAM_ERROR (0x202): The encoder failed to interpret
a decoder instruction received on the decoder stream. a decoder instruction received on the decoder stream.
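Review bot: The Section 6 introduction now says these errors prevent "the stream or connection" from continuing, but none of the three definitions says which scope applies to that code. Suggest stating stream or connection scope for each code. Elsewhere in this diff, 4.3.1 and 4.4.1 both describe QPACK_ENCODER_STREAM_ERROR and QPACK_DECODER_STREAM_ERROR as connection errors.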
skipping to change at page 27, line 19 skipping to change at page 27, line 19
* Use of compression as a length-based oracle for verifying guesses * Use of compression as a length-based oracle for verifying guesses
about secrets that are compressed into a shared compression about secrets that are compressed into a shared compression
context. context.
* Denial of service resulting from exhausting processing or memory * Denial of service resulting from exhausting processing or memory
capacity at a decoder. capacity at a decoder.
7.1. Probing Dynamic Table State 7.1. Probing Dynamic Table State
QPACK reduces the length of header field encodings by exploiting the QPACK reduces the encoded size of field sections by exploiting the
redundancy inherent in protocols like HTTP. The ultimate goal of redundancy inherent in protocols like HTTP. The ultimate goal of
this is to reduce the amount of data that is required to send HTTP this is to reduce the amount of data that is required to send HTTP
requests or responses. requests or responses.
The compression context used to encode header fields can be probed by The compression context used to encode header and trailer fields can
an attacker who can both define header fields to be encoded and be probed by an attacker who can both define fields to be encoded and
transmitted and observe the length of those fields once they are transmitted and observe the length of those fields once they are
encoded. When an attacker can do both, they can adaptively modify encoded. When an attacker can do both, they can adaptively modify
requests in order to confirm guesses about the dynamic table state. requests in order to confirm guesses about the dynamic table state.
If a guess is compressed into a shorter length, the attacker can If a guess is compressed into a shorter length, the attacker can
observe the encoded length and infer that the guess was correct. observe the encoded length and infer that the guess was correct.
This is possible even over the Transport Layer Security Protocol This is possible even over the Transport Layer Security Protocol
(TLS, see [RFC5246]), because while TLS provides confidentiality (TLS, see [RFC5246]), because while TLS provides confidentiality
protection for content, it only provides a limited amount of protection for content, it only provides a limited amount of
protection for the length of that content. protection for the length of that content.
Note: Padding schemes only provide limited protection against an Note: Padding schemes only provide limited protection against an
attacker with these capabilities, potentially only forcing an attacker with these capabilities, potentially only forcing an
increased number of guesses to learn the length associated with a increased number of guesses to learn the length associated with a
given guess. Padding schemes also work directly against given guess. Padding schemes also work directly against
compression by increasing the number of bits that are transmitted. compression by increasing the number of bits that are transmitted.
Attacks like CRIME [CRIME] demonstrated the existence of these Attacks like CRIME ([CRIME]) demonstrated the existence of these
general attacker capabilities. The specific attack exploited the general attacker capabilities. The specific attack exploited the
fact that DEFLATE [RFC1951] removes redundancy based on prefix fact that DEFLATE ([RFC1951]) removes redundancy based on prefix
matching. This permitted the attacker to confirm guesses a character matching. This permitted the attacker to confirm guesses a character
at a time, reducing an exponential-time attack into a linear-time at a time, reducing an exponential-time attack into a linear-time
attack. attack.
7.2. Applicability to QPACK and HTTP 7.2. Applicability to QPACK and HTTP
QPACK mitigates but does not completely prevent attacks modeled on QPACK mitigates but does not completely prevent attacks modeled on
CRIME [CRIME] by forcing a guess to match an entire header field CRIME ([CRIME]) by forcing a guess to match an entire field line,
value, rather than individual characters. An attacker can only learn rather than individual characters. An attacker can only learn
whether a guess is correct or not, so is reduced to a brute force whether a guess is correct or not, so is reduced to a brute force
guess for the header field values. guess for the field values associated with a given field name.
The viability of recovering specific header field values therefore The viability of recovering specific field values therefore depends
depends on the entropy of values. As a result, values with high on the entropy of values. As a result, values with high entropy are
entropy are unlikely to be recovered successfully. However, values unlikely to be recovered successfully. However, values with low
with low entropy remain vulnerable. entropy remain vulnerable.
Attacks of this nature are possible any time that two mutually Attacks of this nature are possible any time that two mutually
distrustful entities control requests or responses that are placed distrustful entities control requests or responses that are placed
onto a single HTTP/3 connection. If the shared QPACK compressor onto a single HTTP/3 connection. If the shared QPACK compressor
permits one entity to add entries to the dynamic table, and the other permits one entity to add entries to the dynamic table, and the other
to access those entries, then the state of the table can be learned. to access those entries, then the state of the table can be learned.
Having requests or responses from mutually distrustful entities Having requests or responses from mutually distrustful entities
occurs when an intermediary either: occurs when an intermediary either:
* sends requests from multiple clients on a single connection toward * sends requests from multiple clients on a single connection toward
an origin server, or an origin server, or
* takes responses from multiple origin servers and places them on a * takes responses from multiple origin servers and places them on a
shared connection toward a client. shared connection toward a client.
Web browsers also need to assume that requests made on the same Web browsers also need to assume that requests made on the same
connection by different web origins [RFC6454] are made by mutually connection by different web origins ([RFC6454]) are made by mutually
distrustful entities. distrustful entities.
7.3. Mitigation 7.3. Mitigation
Users of HTTP that require confidentiality for header fields can use Users of HTTP that require confidentiality for header or trailer
values with entropy sufficient to make guessing infeasible. However, fields can use values with entropy sufficient to make guessing
this is impractical as a general solution because it forces all users infeasible. However, this is impractical as a general solution
of HTTP to take steps to mitigate attacks. It would impose new because it forces all users of HTTP to take steps to mitigate
constraints on how HTTP is used. attacks. It would impose new constraints on how HTTP is used.
Rather than impose constraints on users of HTTP, an implementation of Rather than impose constraints on users of HTTP, an implementation of
QPACK can instead constrain how compression is applied in order to QPACK can instead constrain how compression is applied in order to
limit the potential for dynamic table probing. limit the potential for dynamic table probing.
An ideal solution segregates access to the dynamic table based on the An ideal solution segregates access to the dynamic table based on the
entity that is constructing header fields. Header field values that entity that is constructing the message. Field values that are added
are added to the table are attributed to an entity, and only the to the table are attributed to an entity, and only the entity that
entity that created a particular value can extract that value. created a particular value can extract that value.
To improve compression performance of this option, certain entries To improve compression performance of this option, certain entries
might be tagged as being public. For example, a web browser might might be tagged as being public. For example, a web browser might
make the values of the Accept-Encoding header field available in all make the values of the Accept-Encoding header field available in all
requests. requests.
An encoder without good knowledge of the provenance of header fields An encoder without good knowledge of the provenance of field values
might instead introduce a penalty for a header field with many might instead introduce a penalty for many field lines with the same
different values, such that a large number of attempts to guess a field name and different values. This penalty could cause a large
header field value results in the header field not being compared to number of attempts to guess a field value to result in the field not
the dynamic table entries in future messages, effectively preventing being compared to the dynamic table entries in future messages,
further guesses. effectively preventing further guesses.
Note: Simply removing entries corresponding to the header field from Note: Simply removing entries corresponding to the field from the
the dynamic table can be ineffectual if the attacker has a dynamic table can be ineffectual if the attacker has a reliable
reliable way of causing values to be reinstalled. For example, a way of causing values to be reinstalled. For example, a request
request to load an image in a web browser typically includes the to load an image in a web browser typically includes the Cookie
Cookie header field (a potentially highly valued target for this header field (a potentially highly valued target for this sort of
sort of attack), and web sites can easily force an image to be attack), and web sites can easily force an image to be loaded,
loaded, thereby refreshing the entry in the dynamic table. thereby refreshing the entry in the dynamic table.
This response might be made inversely proportional to the length of This response might be made inversely proportional to the length of
the header field value. Disabling access to the dynamic table for a the field value. Disabling access to the dynamic table for a given
header field might occur for shorter values more quickly or with field name might occur for shorter values more quickly or with higher
higher probability than for longer values. probability than for longer values.
7.4. Never Indexed Literals 7.4. Never-Indexed Literals
Implementations can also choose to protect sensitive header fields by Implementations can also choose to protect sensitive fields by not
not compressing them and instead encoding their value as literals. compressing them and instead encoding their value as literals.
Refusing to insert a header field into the dynamic table is only Refusing to insert a field line into the dynamic table is only
effective if doing so is avoided on all hops. The never indexed effective if doing so is avoided on all hops. The never-indexed
literal bit (see Section 4.5.4) can be used to signal to literal bit (see Section 4.5.4) can be used to signal to
intermediaries that a particular value was intentionally sent as a intermediaries that a particular value was intentionally sent as a
literal. literal.
An intermediary MUST NOT re-encode a value that uses a literal An intermediary MUST NOT re-encode a value that uses a literal
representation with the 'N' bit set with another representation that representation with the 'N' bit set with another representation that
would index it. If QPACK is used for re-encoding, a literal would index it. If QPACK is used for re-encoding, a literal
representation with the 'N' bit set MUST be used. If HPACK is used representation with the 'N' bit set MUST be used. If HPACK is used
for re-encoding, the never indexed literal representation (see for re-encoding, the never-indexed literal representation (see
Section 6.2.3 of [RFC7541]) MUST be used. Section 6.2.3 of [RFC7541]) MUST be used.
The choice to mark that a header field should never be indexed The choice to mark that a field value should never be indexed depends
depends on several factors. Since QPACK doesn't protect against on several factors. Since QPACK does not protect against guessing an
guessing an entire header field value, short or low-entropy values entire field value, short or low-entropy values are more readily
are more readily recovered by an adversary. Therefore, an encoder recovered by an adversary. Therefore, an encoder might choose not to
might choose not to index values with low entropy. index values with low entropy.
An encoder might also choose not to index values for header fields An encoder might also choose not to index values for fields that are
that are considered to be highly valuable or sensitive to recovery, considered to be highly valuable or sensitive to recovery, such as
such as the Cookie or Authorization header fields. the Cookie or Authorization header fields.
On the contrary, an encoder might prefer indexing values for header On the contrary, an encoder might prefer indexing values for fields
fields that have little or no value if they were exposed. For that have little or no value if they were exposed. For instance, a
instance, a User-Agent header field does not commonly vary between User-Agent header field does not commonly vary between requests and
requests and is sent to any server. In that case, confirmation that is sent to any server. In that case, confirmation that a particular
a particular User-Agent value has been used provides little value. User-Agent value has been used provides little value.
Note that these criteria for deciding to use a never indexed literal Note that these criteria for deciding to use a never-indexed literal
representation will evolve over time as new attacks are discovered. representation will evolve over time as new attacks are discovered.
7.5. Static Huffman Encoding 7.5. Static Huffman Encoding
There is no currently known attack against a static Huffman encoding. There is no currently known attack against a static Huffman encoding.
A study has shown that using a static Huffman encoding table created A study has shown that using a static Huffman encoding table created
an information leakage, however this same study concluded that an an information leakage, however this same study concluded that an
attacker could not take advantage of this information leakage to attacker could not take advantage of this information leakage to
recover any meaningful amount of information (see [PETAL]). recover any meaningful amount of information (see [PETAL]).
skipping to change at page 31, line 8 skipping to change at page 31, line 8
A decoder can limit the amount of state memory used for the dynamic A decoder can limit the amount of state memory used for the dynamic
table by setting an appropriate value for the maximum size of the table by setting an appropriate value for the maximum size of the
dynamic table. In HTTP/3, this is realized by setting an appropriate dynamic table. In HTTP/3, this is realized by setting an appropriate
value for the SETTINGS_QPACK_MAX_TABLE_CAPACITY parameter. An value for the SETTINGS_QPACK_MAX_TABLE_CAPACITY parameter. An
encoder can limit the amount of state memory it uses by signaling a encoder can limit the amount of state memory it uses by signaling a
lower dynamic table size than the decoder allows (see Section 3.2.2). lower dynamic table size than the decoder allows (see Section 3.2.2).
A decoder can limit the amount of state memory used for blocked A decoder can limit the amount of state memory used for blocked
streams by setting an appropriate value for the maximum number of streams by setting an appropriate value for the maximum number of
blocked streams. In HTTP/3, this is realized by setting an blocked streams. In HTTP/3, this is realized by setting an
appropriate value for the QPACK_BLOCKED_STREAMS parameter. An appropriate value for the QPACK_BLOCKED_STREAMS parameter. Streams
encoder can limit the amount of state memory by only using as many which risk becoming blocked consume no additional state memory on the
blocked streams as it wishes to support; no signaling to the decoder encoder.
is required.
An encoder allocates memory to track all dynamic table references in
unacknowledged field sections. An implementation can directly limit
the amount of state memory by only using as many references to the
dynamic table as it wishes to track; no signaling to the decoder is
required. However, limiting references to the dynamic table will
reduce compression effectiveness.
The amount of temporary memory consumed by an encoder or decoder can The amount of temporary memory consumed by an encoder or decoder can
be limited by processing header fields sequentially. A decoder be limited by processing field lines sequentially. A decoder
implementation does not need to retain a complete list of header implementation does not need to retain a complete list of field lines
fields while decoding a header block. An encoder implementation does while decoding a field section. An encoder implementation does not
not need to retain a complete list of header fields while encoding a need to retain a complete list of field lines while encoding a field
header block if it is using a single-pass algorithm. Note that it section if it is using a single-pass algorithm. Note that it might
might be necessary for an application to retain a complete header be necessary for an application to retain a complete list of field
list for other reasons; even if QPACK does not force this to occur, lines for other reasons; even if QPACK does not force this to occur,
application constraints might make this necessary. application constraints might make this necessary.
While the negotiated limit on the dynamic table size accounts for While the negotiated limit on the dynamic table size accounts for
much of the memory that can be consumed by a QPACK implementation, much of the memory that can be consumed by a QPACK implementation,
data which cannot be immediately sent due to flow control is not data that cannot be immediately sent due to flow control is not
affected by this limit. Implementations should limit the size of affected by this limit. Implementations should limit the size of
unsent data, especially on the decoder stream where flexibility to unsent data, especially on the decoder stream where flexibility to
choose what to send is limited. Possible responses to an excess of choose what to send is limited. Possible responses to an excess of
unsent data might include limiting the ability of the peer to open unsent data might include limiting the ability of the peer to open
new streams, reading only from the encoder stream, or closing the new streams, reading only from the encoder stream, or closing the
connection. connection.
7.7. Implementation Limits 7.7. Implementation Limits
An implementation of QPACK needs to ensure that large values for An implementation of QPACK needs to ensure that large values for
integers, long encoding for integers, or long string literals do not integers, long encoding for integers, or long string literals do not
create security weaknesses. create security weaknesses.
An implementation has to set a limit for the values it accepts for An implementation has to set a limit for the values it accepts for
integers, as well as for the encoded length (see Section 4.1.1). In integers, as well as for the encoded length; see Section 4.1.1. In
the same way, it has to set a limit to the length it accepts for the same way, it has to set a limit to the length it accepts for
string literals (see Section 4.1.2). string literals; see Section 4.1.2.
8. IANA Considerations 8. IANA Considerations
8.1. Settings Registration 8.1. Settings Registration
This document specifies two settings. The entries in the following This document specifies two settings. The entries in the following
table are registered in the "HTTP/3 Settings" registry established in table are registered in the "HTTP/3 Settings" registry established in
[HTTP3]. [HTTP3].
+--------------------------+------+---------------+---------+ +==========================+======+===============+=========+
| Setting Name | Code | Specification | Default | | Setting Name | Code | Specification | Default |
+==========================+======+===============+=========+ +==========================+======+===============+=========+
| QPACK_MAX_TABLE_CAPACITY | 0x1 | Section 5 | 0 | | QPACK_MAX_TABLE_CAPACITY | 0x1 | Section 5 | 0 |
+--------------------------+------+---------------+---------+ +--------------------------+------+---------------+---------+
| QPACK_BLOCKED_STREAMS | 0x7 | Section 5 | 0 | | QPACK_BLOCKED_STREAMS | 0x7 | Section 5 | 0 |
+--------------------------+------+---------------+---------+ +--------------------------+------+---------------+---------+
Table 1 Table 1
8.2. Stream Type Registration 8.2. Stream Type Registration
This document specifies two stream types. The entries in the This document specifies two stream types. The entries in the
following table are registered in the "HTTP/3 Stream Type" registry following table are registered in the "HTTP/3 Stream Type" registry
established in [HTTP3]. established in [HTTP3].
+----------------------+------+---------------+--------+ +======================+======+===============+========+
| Stream Type | Code | Specification | Sender | | Stream Type | Code | Specification | Sender |
+======================+======+===============+========+ +======================+======+===============+========+
| QPACK Encoder Stream | 0x02 | Section 4.2 | Both | | QPACK Encoder Stream | 0x02 | Section 4.2 | Both |
+----------------------+------+---------------+--------+ +----------------------+------+---------------+--------+
| QPACK Decoder Stream | 0x03 | Section 4.2 | Both | | QPACK Decoder Stream | 0x03 | Section 4.2 | Both |
+----------------------+------+---------------+--------+ +----------------------+------+---------------+--------+
Table 2 Table 2
8.3. Error Code Registration 8.3. Error Code Registration
This document specifies three error codes. The entries in the This document specifies three error codes. The entries in the
following table are registered in the "HTTP/3 Error Code" registry following table are registered in the "HTTP/3 Error Code" registry
established in [HTTP3]. established in [HTTP3].
+----------------------------+-------+-------------+---------------+ +============================+=======+=============+===============+
| Name | Code | Description | Specification | | Name | Code | Description | Specification |
+============================+=======+=============+===============+ +============================+=======+=============+===============+
| QPACK_DECOMPRESSION_FAILED | 0x200 | Decoding of | Section 6 | | QPACK_DECOMPRESSION_FAILED | 0x200 | Decoding of | Section 6 |
| | | a field | | | | | a field | |
| | | section | | | | | section | |
| | | failed | | | | | failed | |
+----------------------------+-------+-------------+---------------+ +----------------------------+-------+-------------+---------------+
| QPACK_ENCODER_STREAM_ERROR | 0x201 | Error on | Section 6 | | QPACK_ENCODER_STREAM_ERROR | 0x201 | Error on | Section 6 |
| | | the encoder | | | | | the encoder | |
| | | stream | | | | | stream | |
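Review bot: In the memory-consumption text earlier in this hunk, the replacement sentence "Streams which risk becoming blocked consume no additional state memory on the encoder" says "additional" without a stated baseline. The paragraph that explains the encoder's cost (memory to track all dynamic table references in unacknowledged field sections) only comes after it. Suggest moving the new reference-tracking paragraph first, or saying explicitly that such streams cost nothing beyond that reference tracking. Two smaller points in the same hunk: "Streams which risk" uses "which" for a restrictive clause while this revision changes "data which cannot" to "data that cannot" a few paragraphs later, and the text names SETTINGS_QPACK_MAX_TABLE_CAPACITY with the SETTINGS_ prefix but QPACK_BLOCKED_STREAMS without it.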
skipping to change at page 33, line 30 skipping to change at page 33, line 30
+----------------------------+-------+-------------+---------------+ +----------------------------+-------+-------------+---------------+
Table 3 Table 3
9. References 9. References
9.1. Normative References 9.1. Normative References
[HTTP3] Bishop, M., Ed., "Hypertext Transfer Protocol Version 3 [HTTP3] Bishop, M., Ed., "Hypertext Transfer Protocol Version 3
(HTTP/3)", Work in Progress, Internet-Draft, draft-ietf- (HTTP/3)", Work in Progress, Internet-Draft, draft-ietf-
quic-http-29, 9 June 2020, quic-http-30, September 10, 2020,
<https://tools.ietf.org/html/draft-ietf-quic-http-29>. <https://tools.ietf.org/html/draft-ietf-quic-http-30>.
[QUIC-TRANSPORT] [QUIC-TRANSPORT]
Iyengar, J., Ed. and M. Thomson, Ed., "QUIC: A UDP-Based Iyengar, J., Ed. and M. Thomson, Ed., "QUIC: A UDP-Based
Multiplexed and Secure Transport", Work in Progress, Multiplexed and Secure Transport", Work in Progress,
Internet-Draft, draft-ietf-quic-transport-29, 9 June 2020, Internet-Draft, draft-ietf-quic-transport-30, September
<https://tools.ietf.org/html/draft-ietf-quic-transport- 10, 2020, <https://tools.ietf.org/html/draft-ietf-quic-
29>. transport-30>.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>. <https://www.rfc-editor.org/info/rfc2119>.
[RFC7541] Peon, R. and H. Ruellan, "HPACK: Header Compression for [RFC7541] Peon, R. and H. Ruellan, "HPACK: Header Compression for
HTTP/2", RFC 7541, DOI 10.17487/RFC7541, May 2015, HTTP/2", RFC 7541, DOI 10.17487/RFC7541, May 2015,
<https://www.rfc-editor.org/info/rfc7541>. <https://www.rfc-editor.org/info/rfc7541>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>. May 2017, <https://www.rfc-editor.org/info/rfc8174>.
[SEMANTICS] [SEMANTICS]
Fielding, R., Nottingham, M., and J. Reschke, "HTTP Fielding, R., Nottingham, M., and J. Reschke, "HTTP
Semantics", Work in Progress, Internet-Draft, draft-ietf- Semantics", Work in Progress, Internet-Draft, draft-ietf-
httpbis-semantics-08, 26 May 2020, <http://www.ietf.org/ httpbis-semantics-11, August 27, 2020,
internet-drafts/draft-ietf-httpbis-semantics-08.txt>. <http://www.ietf.org/internet-drafts/draft-ietf-httpbis-
semantics-11.txt>.
9.2. Informative References 9.2. Informative References
[CRIME] Wikipedia, "CRIME", May 2015, <http://en.wikipedia.org/w/ [CRIME] Wikipedia, "CRIME", May 2015, <http://en.wikipedia.org/w/
index.php?title=CRIME&oldid=660948120>. index.php?title=CRIME&oldid=660948120>.
[PETAL] Tan, J. and J. Nahata, "PETAL: Preset Encoding [PETAL] Tan, J. and J. Nahata, "PETAL: Preset Encoding
Table Information Leakage", April 2013, Table Information Leakage", April 2013,
<http://www.pdl.cmu.edu/PDL-FTP/associated/CMU-PDL- <http://www.pdl.cmu.edu/PDL-FTP/associated/CMU-PDL-
13-106.pdf>. 13-106.pdf>.
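Review bot: In the updated [SEMANTICS] entry the URL is still plain http to www.ietf.org/internet-drafts/ with a version-pinned .txt name, while the [HTTP3] and [QUIC-TRANSPORT] entries in the same hunk use https://tools.ietf.org/html/ links. Since the entry is already being touched for the -08 to -11 bump, suggest switching it to the same https form so all three draft references resolve the same way. The bumped entries also change date style from "9 June 2020" to "September 10, 2020"; worth confirming that this is the intended style for the whole list.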
skipping to change at page 34, line 45 skipping to change at page 34, line 46
DOI 10.17487/RFC6454, December 2011, DOI 10.17487/RFC6454, December 2011,
<https://www.rfc-editor.org/info/rfc6454>. <https://www.rfc-editor.org/info/rfc6454>.
[RFC7540] Belshe, M., Peon, R., and M. Thomson, Ed., "Hypertext [RFC7540] Belshe, M., Peon, R., and M. Thomson, Ed., "Hypertext
Transfer Protocol Version 2 (HTTP/2)", RFC 7540, Transfer Protocol Version 2 (HTTP/2)", RFC 7540,
DOI 10.17487/RFC7540, May 2015, DOI 10.17487/RFC7540, May 2015,
<https://www.rfc-editor.org/info/rfc7540>. <https://www.rfc-editor.org/info/rfc7540>.
Appendix A. Static Table Appendix A. Static Table
This table was generated by analyzing actual internet traffic in 2018 This table was generated by analyzing actual Internet traffic in 2018
and including the most common headers, after filtering out some and including the most common header fields, after filtering out some
unsupported and non-standard values. Due to this methodology, some unsupported and non-standard values. Due to this methodology, some
of the entries may be inconsistent or appear multiple times with of the entries may be inconsistent or appear multiple times with
similar but not identical values. The order of the entries is similar but not identical values. The order of the entries is
optimized to encode the most common headers with the smallest number optimized to encode the most common header fields with the smallest
of bytes. number of bytes.
+-------+----------------------------------+-----------------------+ +=======+==================================+=======================+
| Index | Name | Value | | Index | Name | Value |
+=======+==================================+=======================+ +=======+==================================+=======================+
| 0 | :authority | | | 0 | :authority | |
+-------+----------------------------------+-----------------------+ +-------+----------------------------------+-----------------------+
| 1 | :path | / | | 1 | :path | / |
+-------+----------------------------------+-----------------------+ +-------+----------------------------------+-----------------------+
| 2 | age | 0 | | 2 | age | 0 |
+-------+----------------------------------+-----------------------+ +-------+----------------------------------+-----------------------+
| 3 | content-disposition | | | 3 | content-disposition | |
+-------+----------------------------------+-----------------------+ +-------+----------------------------------+-----------------------+
skipping to change at page 40, line 8 skipping to change at page 40, line 8
if staticNameIndex is None: if staticNameIndex is None:
dynamicNameIndex = dynamicTable.findName(line.name) dynamicNameIndex = dynamicTable.findName(line.name)
if shouldIndex(line) and dynamicTable.canIndex(line): if shouldIndex(line) and dynamicTable.canIndex(line):
encodeInsert(encoderBuffer, staticNameIndex, encodeInsert(encoderBuffer, staticNameIndex,
dynamicNameIndex, line) dynamicNameIndex, line)
dynamicIndex = dynamicTable.add(line) dynamicIndex = dynamicTable.add(line)
if dynamicIndex is None: if dynamicIndex is None:
# Couldn't index it, literal # Could not index it, literal
if nameIndex is None or isStaticName: if dynamicNameIndex is not None:
# Encodes a literal with a static name or literal name # Encode literal with dynamic name, possibly above base
encodeLiteral(streamBuffer, nameIndex, line) encodeDynamicLiteral(streamBuffer, dynamicNameIndex,
base, line)
requiredInsertCount = max(requiredInsertCount,
dynamicNameIndex)
else: else:
# encode literal with dynamic name, possibly above base # Encodes a literal with a static name or literal name
encodeDynamicLiteral(streamBuffer, nameIndex, base, line) encodeLiteral(streamBuffer, staticNameIndex, line)
requiredInsertCount = max(requiredInsertCount, nameIndex)
else: else:
# Dynamic index reference # Dynamic index reference
assert(dynamicIndex is not None) assert(dynamicIndex is not None)
requiredInsertCount = max(requiredInsertCount, dynamicIndex) requiredInsertCount = max(requiredInsertCount, dynamicIndex)
# Encode dynamicIndex, possibly above base # Encode dynamicIndex, possibly above base
encodeDynamicIndexReference(streamBuffer, dynamicIndex, base) encodeDynamicIndexReference(streamBuffer, dynamicIndex, base)
# encode the prefix # encode the prefix
if requiredInsertCount == 0: if requiredInsertCount == 0:
encodeIndexReference(prefixBuffer, 0, 0, 8) encodeIndexReference(prefixBuffer, 0, 0, 8)
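Review bot: The new branch test "if dynamicNameIndex is not None:" reads a name that the visible lines assign only under "if staticNameIndex is None:". If a line has a static name match and dynamicNameIndex is not initialized to None above this hunk, both that test and the dynamicNameIndex argument passed to encodeInsert refer to an unassigned variable. Suggest an explicit "dynamicNameIndex = None" next to the staticNameIndex lookup. The "assert(dynamicIndex is not None)" in the else branch is also redundant directly after "if dynamicIndex is None:".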
skipping to change at page 40, line 46 skipping to change at page 40, line 48
encodeInteger(prefixBuffer, 0x80, encodeInteger(prefixBuffer, 0x80,
requiredInsertCount - base - 1, 7) requiredInsertCount - base - 1, 7)
return encoderBuffer, prefixBuffer + streamBuffer return encoderBuffer, prefixBuffer + streamBuffer
Appendix C. Change Log Appendix C. Change Log
*RFC Editor's Note:* Please remove this section prior to *RFC Editor's Note:* Please remove this section prior to
publication of a final version of this document. publication of a final version of this document.
C.1. Since draft-ietf-quic-qpack-15 C.1. Since draft-ietf-quic-qpack-16
Editorial changes only
C.2. Since draft-ietf-quic-qpack-15
No changes No changes
C.2. Since draft-ietf-quic-qpack-14 C.3. Since draft-ietf-quic-qpack-14
Added security considerations Added security considerations
C.3. Since draft-ietf-quic-qpack-13 C.4. Since draft-ietf-quic-qpack-13
No changes No changes
C.4. Since draft-ietf-quic-qpack-12 C.5. Since draft-ietf-quic-qpack-12
Editorial changes only Editorial changes only
C.5. Since draft-ietf-quic-qpack-11 C.6. Since draft-ietf-quic-qpack-11
Editorial changes only Editorial changes only
C.6. Since draft-ietf-quic-qpack-10 C.7. Since draft-ietf-quic-qpack-10
Editorial changes only Editorial changes only
C.7. Since draft-ietf-quic-qpack-09 C.8. Since draft-ietf-quic-qpack-09
* Decoders MUST emit Header Acknowledgements (#2939) * Decoders MUST emit Header Acknowledgements (#2939)
* Updated error code for multiple encoder or decoder streams (#2970) * Updated error code for multiple encoder or decoder streams (#2970)
* Added explicit defaults for new SETTINGS (#2974) * Added explicit defaults for new SETTINGS (#2974)
C.8. Since draft-ietf-quic-qpack-08 C.9. Since draft-ietf-quic-qpack-08
* Endpoints are permitted to create encoder and decoder streams even * Endpoints are permitted to create encoder and decoder streams even
if they can't use them (#2100, #2529) if they can't use them (#2100, #2529)
* Maximum values for settings removed (#2766, #2767) * Maximum values for settings removed (#2766, #2767)
C.9. Since draft-ietf-quic-qpack-06 C.10. Since draft-ietf-quic-qpack-06
* Clarify initial dynamic table capacity maximums (#2276, #2330, * Clarify initial dynamic table capacity maximums (#2276, #2330,
#2330) #2330)
C.10. Since draft-ietf-quic-qpack-05 C.11. Since draft-ietf-quic-qpack-05
* Introduced the terms dynamic table capacity and maximum dynamic * Introduced the terms dynamic table capacity and maximum dynamic
table capacity. table capacity.
* Renamed SETTINGS_HEADER_TABLE_SIZE to * Renamed SETTINGS_HEADER_TABLE_SIZE to
SETTINGS_QPACK_MAX_TABLE_CAPACITY. SETTINGS_QPACK_MAX_TABLE_CAPACITY.
C.11. Since draft-ietf-quic-qpack-04 C.12. Since draft-ietf-quic-qpack-04
* Changed calculation of Delta Base Index to avoid an illegal value * Changed calculation of Delta Base Index to avoid an illegal value
(#2002, #2005) (#2002, #2005)
C.12. Since draft-ietf-quic-qpack-03 C.13. Since draft-ietf-quic-qpack-03
* Change HTTP settings defaults (#2038) * Change HTTP settings defaults (#2038)
* Substantial editorial reorganization * Substantial editorial reorganization
C.13. Since draft-ietf-quic-qpack-02 C.14. Since draft-ietf-quic-qpack-02
* Largest Reference encoded modulo MaxEntries (#1763) * Largest Reference encoded modulo MaxEntries (#1763)
* New Static Table (#1355) * New Static Table (#1355)
* Table Size Update with Insert Count=0 is a connection error * Table Size Update with Insert Count=0 is a connection error
(#1762) (#1762)
* Stream Cancellations are optional when * Stream Cancellations are optional when
SETTINGS_HEADER_TABLE_SIZE=0 (#1761) SETTINGS_HEADER_TABLE_SIZE=0 (#1761)
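Review bot: The new C.1 entry records the changes since draft-16 as "Editorial changes only", but the same revision replaces the encoder blocked-stream memory guidance before Section 7.7 with a new paragraph on tracking dynamic table references, and rewrites the literal-encoding branch of the Appendix B pseudocode. Suggest listing those two changes in C.1 so that implementers diffing from -16 do not skip them. Separately, the entry renumbered to C.10 still lists #2330 twice.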
skipping to change at page 42, line 38 skipping to change at page 42, line 41
* Implementations must handle 62 bit integers (#1760) * Implementations must handle 62 bit integers (#1760)
* Different error types for each QPACK stream, other changes to * Different error types for each QPACK stream, other changes to
error handling (#1726) error handling (#1726)
* Preserve header field order (#1725) * Preserve header field order (#1725)
* Initial table size is the maximum permitted when table is first * Initial table size is the maximum permitted when table is first
usable (#1642) usable (#1642)
C.14. Since draft-ietf-quic-qpack-01 C.15. Since draft-ietf-quic-qpack-01
* Only header blocks that reference the dynamic table are * Only header blocks that reference the dynamic table are
acknowledged (#1603, #1605) acknowledged (#1603, #1605)
C.15. Since draft-ietf-quic-qpack-00 C.16. Since draft-ietf-quic-qpack-00
* Renumbered instructions for consistency (#1471, #1472) * Renumbered instructions for consistency (#1471, #1472)
* Decoder is allowed to validate largest reference (#1404, #1469) * Decoder is allowed to validate largest reference (#1404, #1469)
* Header block acknowledgments also acknowledge the associated * Header block acknowledgments also acknowledge the associated
largest reference (#1370, #1400) largest reference (#1370, #1400)
* Added an acknowledgment for unread streams (#1371, #1400) * Added an acknowledgment for unread streams (#1371, #1400)
* Removed framing from encoder stream (#1361,#1467) * Removed framing from encoder stream (#1361,#1467)
* Control streams use typed unidirectional streams rather than fixed * Control streams use typed unidirectional streams rather than fixed
stream IDs (#910,#1359) stream IDs (#910,#1359)
C.16. Since draft-ietf-quic-qcram-00 C.17. Since draft-ietf-quic-qcram-00
* Separate instruction sets for table updates and header blocks * Separate instruction sets for table updates and header blocks
(#1235, #1142, #1141) (#1235, #1142, #1141)
* Reworked indexing scheme (#1176, #1145, #1136, #1130, #1125, * Reworked indexing scheme (#1176, #1145, #1136, #1130, #1125,
#1314) #1314)
* Added mechanisms that support one-pass encoding (#1138, #1320) * Added mechanisms that support one-pass encoding (#1138, #1320)
* Added a setting to control the number of blocked decoders (#238, * Added a setting to control the number of blocked decoders (#238,
 End of changes. 97 change blocks. 
200 lines changed or deleted 210 lines changed or added
