source: draft-ietf-httpbis/orig/rfc2145.xml @ 2496

<?xml version="1.0" encoding="UTF-8"?>
<?xml-stylesheet type='text/xsl' href='rfc2629.xslt' ?>
<!DOCTYPE rfc [
  <!ENTITY MAY "<bcp14 xmlns='http://purl.org/net/xml2rfc/ext'>MAY</bcp14>">
  <!ENTITY MUST "<bcp14 xmlns='http://purl.org/net/xml2rfc/ext'>MUST</bcp14>">
  <!ENTITY MUST-NOT "<bcp14 xmlns='http://purl.org/net/xml2rfc/ext'>MUST NOT</bcp14>">
  <!ENTITY OPTIONAL "<bcp14 xmlns='http://purl.org/net/xml2rfc/ext'>OPTIONAL</bcp14>">
  <!ENTITY RECOMMENDED "<bcp14 xmlns='http://purl.org/net/xml2rfc/ext'>RECOMMENDED</bcp14>">
  <!ENTITY REQUIRED "<bcp14 xmlns='http://purl.org/net/xml2rfc/ext'>REQUIRED</bcp14>">
  <!ENTITY SHALL "<bcp14 xmlns='http://purl.org/net/xml2rfc/ext'>SHALL</bcp14>">
  <!ENTITY SHALL-NOT "<bcp14 xmlns='http://purl.org/net/xml2rfc/ext'>SHALL NOT</bcp14>">
  <!ENTITY SHOULD "<bcp14 xmlns='http://purl.org/net/xml2rfc/ext'>SHOULD</bcp14>">
  <!ENTITY SHOULD-NOT "<bcp14 xmlns='http://purl.org/net/xml2rfc/ext'>SHOULD NOT</bcp14>">
]>
<?rfc toc="yes"?>
<?rfc symrefs="no"?>

<rfc number="2145" category="info"
     xmlns:x='http://purl.org/net/xml2rfc/ext'>

<x:assign-section-number number="5" builtin-target="authors"/>

<front>
<title abbrev="HTTP Version Numbers">Use and Interpretation of HTTP Version Numbers</title>

<author initials="J. C." surname="Mogul" fullname="Jeffrey C. Mogul">
  <organization abbrev="DEC">Western Research Laboratory</organization>
  <address>
    <postal>
      <street>Digital Equipment Corporation</street>
      <street>250 University Avenue</street>
      <city>Palo Alto</city>
      <region>California</region>
      <code>94305</code>
      <country>USA</country>
    </postal>
    <email>mogul@wrl.dec.com</email>
  </address>
</author>

<author initials="R. T." surname="Fielding" fullname="Roy T. Fielding">
  <organization abbrev="UC Irvine">Department of Information and Computer Science</organization>
  <address>
    <postal>
      <street>University of California</street>
      <city>Irvine</city>
      <region>CA</region>
      <code>92717-3425</code>
      <country>USA</country>
    </postal>
    <facsimile>+1 (714) 824-4056</facsimile>
    <email>fielding@ics.uci.edu</email>
  </address>
</author>

<author initials="J." surname="Gettys" fullname="Jim Gettys">
  <organization abbrev="DEC">MIT Laboratory for Computer Science</organization>
  <address>
    <postal>
      <street>545 Technology Square</street>
      <city>Cambridge</city>
      <region>MA</region>
      <code>02139</code>
      <country>USA</country>
    </postal>
    <facsimile>+1 (617) 258 8682</facsimile>
    <email>jg@w3.org</email>
  </address>
</author>

<author initials="H." surname="Frystyk" fullname="Henrik Frystyk Nielsen">
  <organization abbrev="MIT/LCS">W3 Consortium</organization>
  <address>
  <postal>
    <street>MIT Laboratory for Computer Science</street>
    <street>545 Technology Square</street>
    <city>Cambridge</city>
    <region>MA</region>
    <code>02139</code>
    <country>USA</country>
  </postal>
  <facsimile>+1 (617) 258 8682</facsimile>
  <email>frystyk@w3.org</email>
  </address>
</author>

<date month="May" year="1997"/>
<area>Applications</area>
<keyword>HTTP</keyword>
<keyword>hypertext transfer protocol</keyword>

<abstract>
<t>
   HTTP request and response messages include an HTTP protocol version
   number.  Some confusion exists concerning the proper use and
   interpretation of HTTP version numbers, and concerning
   interoperability of HTTP implementations of different protocol
   versions.  This document is an attempt to clarify the situation.  It
   is not a modification of the intended meaning of the existing
   HTTP/1.0 and HTTP/1.1 documents, but it does describe the intention
   of the authors of those documents, and can be considered definitive
   when there is any ambiguity in those documents concerning HTTP
   version numbers, for all versions of HTTP.
</t>
</abstract>

<note title="Editorial Note">
<t>
   Distribution of this document is unlimited.  Please send comments to
   the HTTP working group at &lt;http-wg@cuckoo.hpl.hp.com>.  Discussions
   of the working group are archived at
   &lt;URL:http://www.ics.uci.edu/pub/ietf/http/>.  General discussions
   about HTTP and the applications which use HTTP should take place on
   the &lt;www-talk@w3.org> mailing list.
</t>
</note>

</front>
<middle>
<section title="Introduction">
<t>
   HTTP request and response messages include an HTTP protocol version
   number.  According to section <xref target="RFC2068" x:fmt="number" x:sec="3.1"/> of the HTTP/1.1 specification <xref target="RFC2068"/>,
</t>
<x:blockquote cite="http://tools.ietf.org/html/rfc2068#section-3.1">
  <t>
      HTTP uses a &quot;&lt;major&gt;.&lt;minor&gt;&quot; numbering scheme to indicate
      versions of the protocol. The protocol versioning policy is
      intended to allow the sender to indicate the format of a message
      and its capacity for understanding further HTTP communication,
      rather than the features obtained via that communication.  No
      change is made to the version number for the addition of message
      components which do not affect communication behavior or which
      only add to extensible field values.  The &lt;minor&gt; number is
      incremented when the changes made to the protocol add features
      which do not change the general message parsing algorithm, but
      which may add to the message semantics and imply additional
      capabilities of the sender. The &lt;major&gt; number is incremented when
      the format of a message within the protocol is changed.
  </t>
</x:blockquote>
<t>
   The same language appears in the description of HTTP/1.0 <xref target="RFC1945"/>.
</t>
<t>
   Many readers of these documents have expressed some confusion about
   the intended meaning of this policy.  Also, some people who wrote
   HTTP implementations before RFC1945 <xref target="RFC1945"/> was issued were not aware of
   the intentions behind the introduction of version numbers in
   HTTP/1.0.  This has led to debate and inconsistency regarding the use
   and interpretation of HTTP version numbers, and has led to
   interoperability problems in certain cases.
</t>
<t>
   This document is an attempt to clarify the situation.  It is not a
   modification of the intended meaning of the existing HTTP/1.0 and
   HTTP/1.1 documents, but it does describe the intention of the authors
   of those documents.  In any case where either of those two documents
   is ambiguous regarding the use and interpretation of HTTP version
   numbers, this document should be considered the definitive as to the
   intentions of the designers of HTTP.
</t>
<t>
   The specification described in this document is not part of the
   specification of any individual version of HTTP, such as HTTP/1.0 or
   HTTP/1.1.  Rather, this document describes the use of HTTP version
   numbers in any version of HTTP (except for HTTP/0.9, which did not
   include version numbers).
</t>
<t>
   No vendor or other provider of an HTTP implementation should claim
   any compliance with any IETF HTTP specification unless the
   implementation conditionally complies with the rules in this
   document.
</t>
<section title="Robustness Principle">
<t>
   RFC791 <xref target="RFC0791"/> defines the &quot;robustness principle&quot; in section <xref target="RFC0791" x:sec="3.2" x:fmt="number"/>:
</t>
<x:blockquote cite="http://tools.ietf.org/html/rfc791#section-3.2">
  <t>
          an implementation must be conservative in its sending
       behavior, and liberal in its receiving behavior.
  </t>
</x:blockquote>
<t>
   This principle applies to HTTP, as well.  It is the fundamental basis
   for interpreting any part of the HTTP specification that might still
   be ambiguous.  In particular, implementations of HTTP &SHOULD-NOT;
   reject messages or generate errors unnecessarily.
</t>
</section>
</section>
<section title="HTTP version numbers">
<t>
   We start by restating the language quoted above from section <xref target="RFC2068" x:fmt="number" x:sec="3.1"/> of
   the HTTP/1.1 specification <xref target="RFC2068"/>:
<list>
<t>
      It is, and has always been, the explicit intent of the
      HTTP specification that the interpretation of an HTTP message
      header does not change between minor versions of the same major
      version.
</t>
<t>
      It is, and has always been, the explicit intent of the
      HTTP specification that an implementation receiving a message
      header that it does not understand &MUST; ignore that header.  (The
      word &quot;ignore&quot; has a special meaning for proxies; see section <xref target="proxy.behavior" format="counter"/>
      below.)
</t></list>
</t>
<t>
   To make this as clear as possible:  The major version sent in a
   message &MAY; indicate the interpretation of other header fields.  The
   minor version sent in a message &MUST-NOT; indicate the interpretation
   of other header fields.  This reflects the principle that the minor
   version labels the capability of the sender, not the interpretation
   of the message.
</t>
<x:note>
  <t>
      Note: In a future version of HTTP, we may introduce a mechanism
      that explicitly requires a receiving implementation to reject a
      message if it does not understand certain headers.  For example,
      this might be implemented by means of a header that lists a set of
      other message headers that must be understood by the recipient.
      Any implementation claiming at least conditional compliance with
      this future version of HTTP would have to implement this
      mechanism.  However, no implementation claiming compliance with a
      lower HTTP version (in particular, HTTP/1.1) will have to
      implement this mechanism.
  </t>
  <t>
      This future change may be required to support the Protocol
      Extension Protocol (PEP) <xref target="Kha"/>.
  </t>
</x:note>
<t>
   One consequence of these rules is that an HTTP/1.1 message sent to an
   HTTP/1.0 recipient (or a recipient whose version is unknown) &MUST; be
   constructed so that it remains a valid HTTP/1.0 message when all
   headers not defined in the HTTP/1.0 specification <xref target="RFC1945"/> are removed.
</t>
<section title="Proxy behavior" anchor="proxy.behavior">
<t>
   A proxy &MUST; forward an unknown header, unless it is protected by a
   Connection header.  A proxy implementing an HTTP version &gt;= 1.1 &MUST-NOT;
   forward unknown headers that are protected by a Connection
   header, as described in section <xref target="RFC2068" x:fmt="number" x:sec="14.10"/> of the HTTP/1.1 specification
   <xref target="RFC2068"/>.
</t>
<t>
   We remind the reader that that HTTP version numbers are hop-by-hop
   components of HTTP messages, and are not end-to-end.  That is, an
   HTTP proxy never &quot;forwards&quot; an HTTP version number in either a
   request or response.
</t>
</section>
<section title="Compatibility between minor versions of the same major version">
<t>
   An implementation of HTTP/x.b sending a message to a recipient whose
   version is known to be HTTP/x.a, a &lt; b, &MAY; send a header that is not
   defined in the specification for HTTP/x.a.  For example, an HTTP/1.1
   server may send a &quot;Cache-control&quot; header to an HTTP/1.0 client; this
   may be useful if the immediate recipient is an HTTP/1.0 proxy, but
   the ultimate recipient is an HTTP/1.1 client.
</t>
<t>
   An implementation of HTTP/x.b sending a message to a recipient whose
   version is known to be HTTP/x.a, a &lt; b, &MUST-NOT; depend on the
   recipient understanding a header not defined in the specification for
   HTTP/x.a.  For example, HTTP/1.0 clients cannot be expected to
   understand chunked encodings, and so an HTTP/1.1 server must never
   send &quot;Transfer-Encoding: chunked&quot; in response to an HTTP/1.0 request.
</t>
</section>
<section title="Which version number to send in a message">
<t>
   The most strenuous debate over the use of HTTP version numbers has
   centered on the problem of implementations that do not follow the
   robustness principle, and which fail to produce useful results when
   they receive a message with an HTTP minor version higher than the
   minor version they implement.  We consider these implementations
   buggy, but we recognize that the robustness principle also implies
   that message senders should make concessions to buggy implementations
   when this is truly necessary for interoperation.
</t>
<t>
   An HTTP client &SHOULD; send a request version equal to the highest
   version for which the client is at least conditionally compliant, and
   whose major version is no higher than the highest version supported
   by the server, if this is known.  An HTTP client &MUST-NOT; send a
   version for which it is not at least conditionally compliant.
</t>
<t>
   An HTTP client &MAY; send a lower request version, if it is known that
   the server incorrectly implements the HTTP specification, but only
   after the client has determined that the server is actually buggy.
</t>
<t>
   An HTTP server &SHOULD; send a response version equal to the highest
   version for which the server is at least conditionally compliant, and
   whose major version is less than or equal to the one received in the
   request.  An HTTP server &MUST-NOT; send a version for which it is not
   at least conditionally compliant.  A server &MAY; send a 505 (HTTP
   Version Not Supported) response if cannot send a response using the
   major version used in the client&apos;s request.
</t>
<t>
   An HTTP server &MAY; send a lower response version, if it is known or
   suspected that the client incorrectly implements the HTTP
   specification, but this should not be the default, and this &SHOULD;
   NOT be done if the request version is HTTP/1.1 or greater.
</t>
</section>
</section>
<section title="Security Considerations">
<t>
   None, except to the extent that security mechanisms introduced in one
   version of HTTP might depend on the proper interpretation of HTTP
   version numbers in older implementations.
</t>
</section>
</middle>
<back>

<references>

  <reference anchor='RFC1945'>
    <front>
      <title abbrev='HTTP/1.0'>Hypertext Transfer Protocol -- HTTP/1.0</title>
      <author initials='T.' surname='Berners-Lee' fullname='Tim Berners-Lee'>
        <organization>MIT, Laboratory for Computer Science</organization>
        <address><email>timbl@w3.org</email></address>
      </author>
      <author initials='R.T.' surname='Fielding' fullname='Roy T. Fielding'>
        <organization>University of California, Irvine, Department of Information and Computer Science</organization>
        <address><email>fielding@ics.uci.edu</email></address>
      </author>
      <author initials='H.F.' surname='Nielsen' fullname='Henrik Frystyk Nielsen'>
        <organization>W3 Consortium, MIT Laboratory for Computer Science</organization>
        <address><email>frystyk@w3.org</email></address>
      </author>
      <date year='1996' month='May' />
    </front>
    <seriesInfo name='RFC' value='1945' />
  </reference>

  <reference anchor="RFC2068">
    <front>
      <title abbrev="HTTP/1.1">Hypertext Transfer Protocol -- HTTP/1.1</title>
      <author initials="R." surname="Fielding" fullname="Roy T. Fielding">
        <organization>University of California, Irvine, Department of Information and Computer Science</organization>
        <address><email>fielding@ics.uci.edu</email></address>
      </author>
      <author initials="J." surname="Gettys" fullname="Jim Gettys">
        <organization>MIT Laboratory for Computer Science</organization>
        <address><email>jg@w3.org</email></address>
      </author>
      <author initials="J." surname="Mogul" fullname="Jeffrey C. Mogul">
        <organization>Digital Equipment Corporation, Western Research Laboratory</organization>
        <address><email>mogul@wrl.dec.com</email></address>
      </author>
      <author initials="H." surname="Nielsen" fullname="Henrik Frystyk Nielsen">
        <organization>MIT Laboratory for Computer Science</organization>
        <address><email>frystyk@w3.org</email></address>
      </author>
      <author initials="T." surname="Berners-Lee" fullname="Tim Berners-Lee">
        <organization>MIT Laboratory for Computer Science</organization>
        <address><email>timbl@w3.org</email></address>
      </author>
      <date month="January" year="1997"/>
    </front>
    <seriesInfo name="RFC" value="2068"/>
  </reference>
  
  <reference anchor="Kha">
    <front>
      <title>HTTP/1.2 Extension Protocol (PEP)</title>
      <author initials="R." surname="Khare" fullname="Rohit Khare">
        <organization>MIT Laboratory for Computer Science</organization>
      </author>
      <date/>
    </front>
    <annotation>HTTP Working Group, Work in Progress.</annotation>
  </reference>

  <reference anchor='RFC0791'>
    <front>
      <title abbrev='Internet Protocol'>Internet Protocol</title>
      <author initials='J.' surname='Postel' fullname='Jon Postel'>
        <organization>University of Southern California (USC)/Information Sciences Institute</organization>
      </author>
      <date year='1981' day='1' month='September' />
    </front>
<!--    <seriesInfo name='STD' value='5' />-->
    <seriesInfo name='RFC' value='791' />
  </reference>

</references>

</back>
</rfc>