Protocol Action: 'HTTP Alternative Services' to Proposed Standard (draft-ietf-httpbis-alt-svc-13.txt) from The IESG on 2016-03-08 (ietf-http-wg@w3.org from January to March 2016)

From: The IESG <iesg-secretary@ietf.org>
Date: Tue, 08 Mar 2016 05:58:52 -0800
To: "IETF-Announce" <ietf-announce@ietf.org>
Cc: httpbis-chairs@ietf.org, michael.bishop@microsoft.com, draft-ietf-httpbis-alt-svc@ietf.org, "Mike Bishop" <michael.bishop@microsoft.com>, ietf-http-wg@w3.org, barryleiba@gmail.com, "The IESG" <iesg@ietf.org>, rfc-editor@rfc-editor.org
Message-ID: <20160308135852.3645.86995.idtracker@ietfa.amsl.com>

The IESG has approved the following document:
- 'HTTP Alternative Services'
  (draft-ietf-httpbis-alt-svc-13.txt) as Proposed Standard

This document is the product of the Hypertext Transfer Protocol Working
Group.

The IESG contact persons are Ben Campbell, Barry Leiba and Alissa Cooper.

A URL of this Internet Draft is:
https://datatracker.ietf.org/doc/draft-ietf-httpbis-alt-svc/




Technical Summary

This document specifies a method to provide clients authoritative access 
to HTTP origins at a different network location and/or using a different 
protocol stack.   The requested publication type is Proposed Standard. 

Review and Consensus 

The document started as an individual draft which provided a potential 
solution to several related problems in the HTTP space, helping clients 
become aware of multiple network or protocol endpoints for an origin 
that could serve the same content in different ways. It drew inspiration 
from an existing proprietary solution, Alternate-Protocol, used by 
Chromium during SPDY development. 

During the HTTP/2 standardization process, the Alt-Svc document was 
discussed and worked on in parallel; HTTP/2-specific pieces were 
originally added to the HTTP/2 specification at the time of adoption, 
but were moved into this document after HTTP/2's extension story was 
agreed upon. 

Technical discussions involved a broad section of the working group, 
with the most focus from a few client and proxy implementers. There has 
been some back and forth about the right balance between utility and 
security, but the document now reflects general consensus. This is 
reflected by a thoroughly-discussed Security Considerations section, 
which covers ways in which Alt-Svc could be used to track clients or 
persist attacks, and gives guidance to implementations on ways to 
minimize the potential impacts.

Personnel

Mike Bishop is the document shepherd; Barry Leiba is the responsible 
Area Director.

Received on Tuesday, 8 March 2016 13:59:20 UTC