Draft OODA-HTTP — Behavioral Extension to HTTP (with TLS Runtime Coordination)

Hello HTTP WG,

I'd like to propose OODA‑HTTP as a candidate for new work.

OODA‑HTTP is a behavioral extension to HTTP/HTTPS and HTTP/3, adding 
dynamic runtime decisions communicated via the X‑OODA‑Action header, 
coordinated with TLS context (quantum resistance, key rotation, etc.).

Key points:
- Problem: current HTTP/TLS lacks mechanisms for real‑time adaptive 
defense.
- Motivation: bot mitigation, behavioral anomaly response, TLS adaptive 
policies.
- Deliverables: HTTP spec extensions + integration guidance with TLS 
environment.
- Interest already received from experts (Rich Salz, Eric Rescorla).
- OODA‑HTTP draft is available: 
https://datatracker.ietf.org/doc/draft-secroot-ooda-http/

Could this be considered for the HTTP WG agenda or alternatively routed 
via Dispatch?

Thanks in advance,
Rachid Bouziane
Founder — SecRoot.io
contact@secroot.io
https://secroot.io/ooda-http.html

Received on Friday, 18 July 2025 14:46:51 UTC