draft-ietf-httpbis-client-hints-11.txt   draft-ietf-httpbis-client-hints-12.txt 
HTTP Working Group I. Grigorik HTTP Working Group I. Grigorik
Internet-Draft Y. Weiss Internet-Draft Y. Weiss
Intended status: Experimental Google Intended status: Experimental Google
Expires: September 12, 2020 March 11, 2020 Expires: September 12, 2020 March 11, 2020
HTTP Client Hints HTTP Client Hints
draft-ietf-httpbis-client-hints-11 draft-ietf-httpbis-client-hints-12
Abstract Abstract
HTTP defines proactive content negotiation to allow servers to select HTTP defines proactive content negotiation to allow servers to select
the appropriate response for a given request, based upon the user the appropriate response for a given request, based upon the user
agent's characteristics, as expressed in request headers. In agent's characteristics, as expressed in request headers. In
practice, clients are often unwilling to send those request headers, practice, clients are often unwilling to send those request headers,
because it is not clear whether they will be used, and sending them because it is not clear whether they will be used, and sending them
impacts both performance and privacy. impacts both performance and privacy.
skipping to change at page 2, line 38 skipping to change at page 2, line 38
3. Advertising Server Support . . . . . . . . . . . . . . . . . 5 3. Advertising Server Support . . . . . . . . . . . . . . . . . 5
3.1. The Accept-CH Response Header Field . . . . . . . . . . . 5 3.1. The Accept-CH Response Header Field . . . . . . . . . . . 5
3.2. Interaction with Caches . . . . . . . . . . . . . . . . . 6 3.2. Interaction with Caches . . . . . . . . . . . . . . . . . 6
4. Security Considerations . . . . . . . . . . . . . . . . . . . 6 4. Security Considerations . . . . . . . . . . . . . . . . . . . 6
4.1. Information Exposure . . . . . . . . . . . . . . . . . . 6 4.1. Information Exposure . . . . . . . . . . . . . . . . . . 6
4.2. Deployment and Security Risks . . . . . . . . . . . . . . 8 4.2. Deployment and Security Risks . . . . . . . . . . . . . . 8
4.3. Abuse Detection . . . . . . . . . . . . . . . . . . . . . 8 4.3. Abuse Detection . . . . . . . . . . . . . . . . . . . . . 8
5. Cost of Sending Hints . . . . . . . . . . . . . . . . . . . . 8 5. Cost of Sending Hints . . . . . . . . . . . . . . . . . . . . 8
6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 9 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 9
6.1. Accept-CH . . . . . . . . . . . . . . . . . . . . . . . . 9 6.1. Accept-CH . . . . . . . . . . . . . . . . . . . . . . . . 9
7. Changes . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 7. References . . . . . . . . . . . . . . . . . . . . . . . . . 9
7.1. Since -00 . . . . . . . . . . . . . . . . . . . . . . . . 9 7.1. Normative References . . . . . . . . . . . . . . . . . . 9
7.2. Since -01 . . . . . . . . . . . . . . . . . . . . . . . . 9 7.2. Informative References . . . . . . . . . . . . . . . . . 10
7.3. Since -02 . . . . . . . . . . . . . . . . . . . . . . . . 9 7.3. URIs . . . . . . . . . . . . . . . . . . . . . . . . . . 10
7.4. Since -03 . . . . . . . . . . . . . . . . . . . . . . . . 9 Appendix A. Changes . . . . . . . . . . . . . . . . . . . . . . 10
7.5. Since -04 . . . . . . . . . . . . . . . . . . . . . . . . 10 A.1. Since -00 . . . . . . . . . . . . . . . . . . . . . . . . 10
7.6. Since -05 . . . . . . . . . . . . . . . . . . . . . . . . 10 A.2. Since -01 . . . . . . . . . . . . . . . . . . . . . . . . 10
7.7. Since -06 . . . . . . . . . . . . . . . . . . . . . . . . 10 A.3. Since -02 . . . . . . . . . . . . . . . . . . . . . . . . 10
7.8. Since -07 . . . . . . . . . . . . . . . . . . . . . . . . 10 A.4. Since -03 . . . . . . . . . . . . . . . . . . . . . . . . 11
7.9. Since -08 . . . . . . . . . . . . . . . . . . . . . . . . 10 A.5. Since -04 . . . . . . . . . . . . . . . . . . . . . . . . 11
7.10. Since -09 . . . . . . . . . . . . . . . . . . . . . . . . 10 A.6. Since -05 . . . . . . . . . . . . . . . . . . . . . . . . 11
7.11. Since -10 . . . . . . . . . . . . . . . . . . . . . . . . 10 A.7. Since -06 . . . . . . . . . . . . . . . . . . . . . . . . 11
Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 10 A.8. Since -07 . . . . . . . . . . . . . . . . . . . . . . . . 11
9. References . . . . . . . . . . . . . . . . . . . . . . . . . 11 A.9. Since -08 . . . . . . . . . . . . . . . . . . . . . . . . 11
9.1. Normative References . . . . . . . . . . . . . . . . . . 11 A.10. Since -09 . . . . . . . . . . . . . . . . . . . . . . . . 11
9.2. Informative References . . . . . . . . . . . . . . . . . 11 A.11. Since -10 . . . . . . . . . . . . . . . . . . . . . . . . 11
9.3. URIs . . . . . . . . . . . . . . . . . . . . . . . . . . 12 A.12. Since -11 . . . . . . . . . . . . . . . . . . . . . . . . 12
Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 12
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 12 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 12
1. Introduction 1. Introduction
There are thousands of different devices accessing the web, each with There are thousands of different devices accessing the web, each with
different device capabilities and preference information. These different device capabilities and preference information. These
device capabilities include hardware and software characteristics, as device capabilities include hardware and software characteristics, as
well as dynamic user and client preferences. Historically, well as dynamic user and client preferences. Historically,
applications that wanted to allow the server to optimize content applications that wanted to allow the server to optimize content
delivery and user experience based on such capabilities had to rely delivery and user experience based on such capabilities had to rely
skipping to change at page 9, line 24 skipping to change at page 9, line 24
6.1. Accept-CH 6.1. Accept-CH
o Header field name: Accept-CH o Header field name: Accept-CH
o Applicable protocol: HTTP o Applicable protocol: HTTP
o Status: standard o Status: standard
o Author/Change controller: IETF o Author/Change controller: IETF
o Specification document(s): Section 3.1 of this document o Specification document(s): Section 3.1 of this document
o Related information: for Client Hints o Related information: for Client Hints
7. Changes 7. References
7.1. Since -00 7.1. Normative References
[FETCH] van Kesteren, A., "Fetch", n.d.,
<https://fetch.spec.whatwg.org/>.
[I-D.ietf-httpbis-header-structure]
Nottingham, M. and P. Kamp, "Structured Field Values for
HTTP", draft-ietf-httpbis-header-structure-16 (work in
progress), March 2020.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>.
[RFC5234] Crocker, D., Ed. and P. Overell, "Augmented BNF for Syntax
Specifications: ABNF", STD 68, RFC 5234,
DOI 10.17487/RFC5234, January 2008,
<https://www.rfc-editor.org/info/rfc5234>.
[RFC7231] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer
Protocol (HTTP/1.1): Semantics and Content", RFC 7231,
DOI 10.17487/RFC7231, June 2014,
<https://www.rfc-editor.org/info/rfc7231>.
[RFC7234] Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke,
Ed., "Hypertext Transfer Protocol (HTTP/1.1): Caching",
RFC 7234, DOI 10.17487/RFC7234, June 2014,
<https://www.rfc-editor.org/info/rfc7234>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>.
7.2. Informative References
[RFC6265] Barth, A., "HTTP State Management Mechanism", RFC 6265,
DOI 10.17487/RFC6265, April 2011,
<https://www.rfc-editor.org/info/rfc6265>.
[UA-CH] West, M. and Y. Weiss, "User Agent Client Hints", n.d.,
<https://wicg.github.io/ua-client-hints/>.
7.3. URIs
[1] https://lists.w3.org/Archives/Public/ietf-http-wg/
[2] http://httpwg.github.io/
[3] https://github.com/httpwg/http-extensions/labels/client-hints
Appendix A. Changes
A.1. Since -00
o Issue 168 (make Save-Data extensible) updated ABNF. o Issue 168 (make Save-Data extensible) updated ABNF.
o Issue 163 (CH review feedback) editorial feedback from httpwg o Issue 163 (CH review feedback) editorial feedback from httpwg
list. list.
o Issue 153 (NetInfo API citation) added normative reference. o Issue 153 (NetInfo API citation) added normative reference.
7.2. Since -01 A.2. Since -01
o Issue 200: Moved Key reference to informative. o Issue 200: Moved Key reference to informative.
o Issue 215: Extended passive fingerprinting and mitigation o Issue 215: Extended passive fingerprinting and mitigation
considerations. considerations.
o Changed document status to experimental. o Changed document status to experimental.
7.3. Since -02 A.3. Since -02
o Issue 239: Updated reference to CR-css-values-3 o Issue 239: Updated reference to CR-css-values-3
o Issue 240: Updated reference for Network Information API o Issue 240: Updated reference for Network Information API
o Issue 241: Consistency in IANA considerations o Issue 241: Consistency in IANA considerations
o Issue 250: Clarified Accept-CH o Issue 250: Clarified Accept-CH
7.4. Since -03 A.4. Since -03
o Issue 284: Extended guidance for Accept-CH o Issue 284: Extended guidance for Accept-CH
o Issue 308: Editorial cleanup o Issue 308: Editorial cleanup
o Issue 306: Define Accept-CH-Lifetime o Issue 306: Define Accept-CH-Lifetime
7.5. Since -04 A.5. Since -04
o Issue 361: Removed Downlink o Issue 361: Removed Downlink
o Issue 361: Moved Key to appendix, plus other editorial feedback o Issue 361: Moved Key to appendix, plus other editorial feedback
7.6. Since -05 A.6. Since -05
o Issue 372: Scoped CH opt-in and delivery to secure transports o Issue 372: Scoped CH opt-in and delivery to secure transports
o Issue 373: Bind CH opt-in to origin o Issue 373: Bind CH opt-in to origin
7.7. Since -06 A.7. Since -06
o Issue 524: Save-Data is now defined by NetInfo spec, dropping o Issue 524: Save-Data is now defined by NetInfo spec, dropping
o PR 775: Removed specific features to be defined in other o PR 775: Removed specific features to be defined in other
specifications specifications
7.8. Since -07 A.8. Since -07
o Issue 761: Clarified that the defined headers are response o Issue 761: Clarified that the defined headers are response
headers. headers.
o Issue 730: Replaced Key reference with Variants. o Issue 730: Replaced Key reference with Variants.
o Issue 700: Replaced ABNF with structured headers. o Issue 700: Replaced ABNF with structured headers.
o PR 878: Removed Accept-CH-Lifetime based on feedback at IETF 105 o PR 878: Removed Accept-CH-Lifetime based on feedback at IETF 105
7.9. Since -08 A.9. Since -08
o PR 985: Describe the bytesize cost of hints. o PR 985: Describe the bytesize cost of hints.
o PR 776: Add Sec- and CH- prefix considerations. o PR 776: Add Sec- and CH- prefix considerations.
o PR 1001: Clear CH persistence when cookies are cleared. o PR 1001: Clear CH persistence when cookies are cleared.
7.10. Since -09 A.10. Since -09
o PR 1064: Fix merge issues with "cost of sending hints". o PR 1064: Fix merge issues with "cost of sending hints".
7.11. Since -10 A.11. Since -10
o PR 1072: LC feedback from Julian Reschke. o PR 1072: LC feedback from Julian Reschke.
o PR 1080: Improve list style. o PR 1080: Improve list style.
o PR 1082: Remove section mentioning Variants. o PR 1082: Remove section mentioning Variants.
o PR 1097: Editorial feedback from mnot. o PR 1097: Editorial feedback from mnot.
o PR 1131: Remove unused references. o PR 1131: Remove unused references.
o PR 1132: Remove nested list. o PR 1132: Remove nested list.
A.12. Since -11
o PR 1134: Re-insert back section.
Acknowledgements Acknowledgements
Thanks to Mark Nottingham, Julian Reschke, Chris Bentzel, Ben Thanks to Mark Nottingham, Julian Reschke, Chris Bentzel, Ben
Greenstein, Tarun Bansal, Roy Fielding, Vasiliy Faronov, Ted Hardie, Greenstein, Tarun Bansal, Roy Fielding, Vasiliy Faronov, Ted Hardie,
Jonas Sicking, Martin Thomson, and numerous other members of the IETF Jonas Sicking, Martin Thomson, and numerous other members of the IETF
HTTP Working Group for invaluable help and feedback. HTTP Working Group for invaluable help and feedback.
9. References
9.1. Normative References
[FETCH] van Kesteren, A., "Fetch", n.d.,
<https://fetch.spec.whatwg.org/>.
[I-D.ietf-httpbis-header-structure]
Nottingham, M. and P. Kamp, "Structured Field Values for
HTTP", draft-ietf-httpbis-header-structure-16 (work in
progress), March 2020.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>.
[RFC5234] Crocker, D., Ed. and P. Overell, "Augmented BNF for Syntax
Specifications: ABNF", STD 68, RFC 5234,
DOI 10.17487/RFC5234, January 2008,
<https://www.rfc-editor.org/info/rfc5234>.
[RFC7231] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer
Protocol (HTTP/1.1): Semantics and Content", RFC 7231,
DOI 10.17487/RFC7231, June 2014,
<https://www.rfc-editor.org/info/rfc7231>.
[RFC7234] Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke,
Ed., "Hypertext Transfer Protocol (HTTP/1.1): Caching",
RFC 7234, DOI 10.17487/RFC7234, June 2014,
<https://www.rfc-editor.org/info/rfc7234>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>.
9.2. Informative References
[RFC6265] Barth, A., "HTTP State Management Mechanism", RFC 6265,
DOI 10.17487/RFC6265, April 2011,
<https://www.rfc-editor.org/info/rfc6265>.
[UA-CH] West, M. and Y. Weiss, "User Agent Client Hints", n.d.,
<https://wicg.github.io/ua-client-hints/>.
9.3. URIs
[1] https://lists.w3.org/Archives/Public/ietf-http-wg/
[2] http://httpwg.github.io/
[3] https://github.com/httpwg/http-extensions/labels/client-hints
Authors' Addresses Authors' Addresses
Ilya Grigorik Ilya Grigorik
Google Google
Email: ilya@igvita.com Email: ilya@igvita.com
URI: https://www.igvita.com/ URI: https://www.igvita.com/
Yoav Weiss Yoav Weiss
Google Google
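Review bot: The new A.12 entry, "PR 1134: Re-insert back section.", does not say what was restructured. The visible change in this revision is that References moved from Section 9 to Section 7, the change log became Appendix A, and Acknowledgements now follows the appendix; a reader of the change log cannot recover that from the entry. Suggest naming the move, for example "PR 1134: Restore back matter; References become Section 7 and Changes becomes Appendix A." While the appendix is being renumbered, note that the A.7 entry for Issue 524 as shown here ends at "dropping" with no object, in both versions; it should say what was dropped.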
 End of changes. 16 change blocks. 
83 lines changed or deleted 88 lines changed or added
