| Internet-Draft | WebTransport-WS | January 2024 |
| Richter | Expires 6 July 2024 | [Page] |
WebTransport [OVERVIEW], a protocol framework within the Web security model, empowers Web clients to initiate secure multiplexed transport for low-level client-server interactions with remote servers. This document outlines a protocol, based on WebSocket [WEBSOCKET], offering WebTransport capabilities similar to the HTTP/2 variant [WEBTRANSPORT-H2]. It serves as an alternative when UDP-based protocols are inaccessible, and the client environment exclusively supports WebSocket [WEBSOCKET].¶
This note is to be removed before publishing as an RFC.¶
Source for this draft and an issue tracker can be found at https://github.com/martenrichter/draft-ietf-webtransport-websocket.¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 6 July 2024.¶
Copyright (c) 2024 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
WebTransport [OVERVIEW] is designed to facilitate communication for Web clients over HTTP/3 [HTTP3], leveraging QUIC [QUIC] semantics with streams or datagrams [DATAGRAM]. In cases where UDP-based traffic is restricted, HTTP/2 protocol [WEBTRANSPORT-H2] serves as an alternative built solely on HTTP semantics.¶
Both [WEBTRANSPORT-H2] and [WEBTRANSPORT-H3] variants require a native WebClient implementation due to the usual unavailability of plain UDP and TCP/IP socket access for scripts within WebClients¶
This document defines a protocol implementable on the WebClient using available scripting languages, without altering the WebClient's native code. It uses the widespread WebSocket protocol as the base without modification. However, a direct implementation in a WebClient is possible.¶
The protocol utilizes capsule semantics derived from [WEBTRANSPORT-H2] and translates them into WebSocket frames. By relying on WebSockets, also intermediates such as proxies unaware of WebTransports can apply application layer processing.¶
An implementation should support both WebSocket over http/1 and http/2. The server should incorporate WebTransport flow control constraints and capsule processing into its WebSocket parser code. Therefore, using unmodified existing WebSocket code is not recommended.¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.¶
The document follows the terminology defined in Section 1.2 of [OVERVIEW].¶
WebTransport servers are identified by an HTTPS URI per Section 4.2.2 of [HTTP].¶
The protocol uses [WEBTRANSPORT-H2] semantics with the following modifications.¶
The WebSocket connection is established according to Section 4 of [WEBSOCKET] or [WEBSOCKET-H2].¶
When a WebSocket connection is established, both the client and server select the WebTransport-Websocket protocol by setting |Sec-WebSocket-Protocol| Section 1.9 of [WEBSOCKET] to the supported versions. The protocol names follow the scheme "webtransport_VERSIONAME", where VERSIONNAME identifies the particular protocol version. For this protocol VERSIONAME would be "kDraft1" and the |Sec-WebSocket-Protocol| field would include "webtransport_kDraft1". The protocol negotiation follows the procedures as described in Section 4.1 of [WEBSOCKET] and Section 4.2.2 of [WEBSOCKET]. No protocol extensions MUST BE negotiated.¶
The protocol uses the data frames as defined in Section 5 of [WEBSOCKET]. PING and PONG frame handling is not changed Section 5.5 of [WEBSOCKET].¶
The CLOSE frame Section 5.5.1 of [WEBSOCKET] replaces the mechanism invoked after CONNECT stream closure in Section 2 of [WEBTRANSPORT-H2]. The body MUST include a UTF-8 encoded reason string when transmitted by a protocol-aware client or server. The reason string has the form "CODE:REASONSTRING", where CODE is a text representation of an unsigned 32-bit decimal integer in the range of between 0x00000000 and 0xffffffff Section 4.3 of [WEBTRANSPORT-H3]. REASONSTRING is the actual reason transmitted through WebTransport. A close FRAME without a reason may be sent by protocol-unaware WebClients or proxies. In such instances, the CODE and REASONSTRING are reconstructed using the WebSocket Close Code Number as specified in the WebSocketCloseCode Registry outlined in Section 11.7 of [WEBSOCKET].¶
Data Frames containing Text are reserved for future use and MUST NOT be sent. Binary Data Frames transport CAPSULE content defined in [WEBTRANSPORT-H2] and [DATAGRAM]. For details, refer to the next section Section 3.3. Their length is limited by WebTransport flow control, and a violation SHOULD lead to connection termination. CONTINUATION frames are processed per [WEBSOCKET] specifications. Given the streaming nature of the content, partial DATA frames or CONTINUATION frames should be promptly forwarded to corresponding streams reducing latency.¶
This protocol adopts the mechanisms and intrinsic elements outlined in [WEBTRANSPORT-H2], which itself is constructed upon the CAPSULE protocol originating from [DATAGRAM].¶
A CAPSULE has the form in [DATAGRAM]:¶
Capsule {
Capsule Type (i),
Capsule Length (i),
Capsule Value (..),
}
¶
where Capsule Type and Length are variable-length integers. The Capsule Value represents the payload of the capsule, and its semantics are determined by the payload type¶
In the context of WebTransport over WebSockets, CAPSULEs are substituted by binary DATA FRAMES of WebSockets, following the format:¶
WebSocketDataFrameCapsule {
FrameHeader (..),
PayloadData (..)
}
¶
FrameHeader contains the first two bytes of the FRAME, and if present the extended payload length and masking key as defined in Section 5.2 of [WEBSOCKET]. PayloadData is defined as:¶
PayloadData {
Capsule Type (i),
Capsule Value (..)
}
¶
with the variable length integer Capsule Type and Capsule Value as in the CAPSULE protocol.¶
Capsule length can be calculated from the Payload Length as set in Section 5.2 of [WEBSOCKET]:¶
Capsule Length = Payload Length - sizeof(Capsule Type),¶
as no Extension Data is allowed.¶
Section 3.1 of [WEBTRANSPORT-H2] requires sending an SETTINGS_WEBTRANSPORT_MAX_SESSIONS settings parameter. This is not required here, as the protocol type is negotiated using the subprotocol mechanism of WebSockets and SETTINGS_WEBTRANSPORT_MAX_SESSIONS equal to 1 is assumed per WebSocket connection(HTTP1)/stream(HTTP2). Subsections of Section 3.4 of [WEBTRANSPORT-H2] require sending initial SETTINGS for flow control. As SETTINGS are not accessible for the WebSocket protocol using the existing WebSocket interfaces, a replacement is required.¶
Therefore client and server MUST send the initial flow control values using CAPSULES immediately before ANY other capsules such as WT_STREAM or DATAGRAM capsules have been sent.¶
The protocol is implemented in a node.js package.¶
The security considerations of Section 10 of [WEBSOCKET] also apply here. The last paragraph of Section 8 of [WEBTRANSPORT-H2] is equally applicable to this protocol.¶
All possible subprotocol names following the format "webtransport_VERSION," where VERSION is an alphanumeric string denoting the subprotocol version of this protocol, are added to the registry as domains for this protocol and its successors.¶
This specification establishes a new IANA registry for WebTransort Protocol Version names, intended for use with the WebSocket WebTransport Protocol, in alignment with the principles outlined in [RFC5226].¶
As part of this registry, IANA manages the following information (similar to [WEBSOCKET] versions):¶
Version String The version string name as part of the subprotocol defined in Section 6.1 and Section 3.1. The value must only include alphanumeric characters.¶
Reference The RFC requesting a new version number or a draft name with version number (see below).¶
Status Either "Interim" or "Standard". See below for a description.¶
A version string can be either "Interim" or "Standard".¶
A "Standard" version string is part of an RFC and identifies a major, stable version of the WebTransport-WebSocket protocol. The "IETF Review" IANA registration policy [RFC5226] applies to "Standard" version string.¶
An Internet-Draft documents an "Interim" version string. Internet-Drafts helps implementors to identify and interoperate with the WebTransport-WebSocket protocol, as this current draft. The "Expert Review" IANA registration policy [RFC5226] applies to the "Interim" version names. The initial Designated Experts need to be determined.¶
Parts of the text were rephrased using ChatGPT. Portions of this document are based upon a modification of text parts from the underlying standards.¶