Changeset 2726 for draft-ietf-httpbis-http2/00

Timestamp:

14/06/14 11:20:37 (9 years ago)

Author:

julian.reschke@…

Message:

update to latest version of rfc2629.xslt, regen all HTML

File:

• draft-ietf-httpbis-http2/00/draft-ietf-httpbis-http2.html (modified) (46 diffs)

draft-ietf-httpbis-http2/00/draft-ietf-httpbis-http2.html

@@ -2 +2 @@
   PUBLIC "-//W3C//DTD HTML 4.01//EN">
 <html lang="en">
-   <head profile="http://www.w3.org/2006/03/hcard http://dublincore.org/documents/2008/08/04/dc-html/">
+   <head profile="http://dublincore.org/documents/2008/08/04/dc-html/">
       <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
       <title>SPDY Protocol</title><script>
 var buttonsAdded = false;
 
-function init() {
+function initFeedback() {
   var fb = document.createElement("div");
   fb.className = "feedback noprint";
@@ -22 +22 @@
   toggleButtonsToElementsByName("h3");
   toggleButtonsToElementsByName("h4");
-  
+
   buttonsAdded = !buttonsAdded;
 }
@@ -35 +35 @@
 function toggleButton(node) {
   if (! buttonsAdded) {
-  
+
     // docname
     var template = "mailto:ietf-http-wg@w3.org?subject={docname},%20%22{section}%22&body=<{ref}>:";
@@ -58 +58 @@
       ref += "#" + id;
     }
-    
+
     // docname
     var docname = "draft-ietf-httpbis-http2-00";
@@ -65 +65 @@
     var section = node.textContent;
     section = section.replace("\u00a0", " ");
-    
+
     // build URI from template
     var uri = template.replace("{docname}", encodeURIComponent(docname));
     uri = uri.replace("{section}", encodeURIComponent(section));
     uri = uri.replace("{ref}", encodeURIComponent(ref));
-  
+
     var button = document.createElement("a");
     button.className = "fbbutton noprint";
@@ -106 +106 @@
 body {
   color: black;
-  font-family: verdana, helvetica, arial, sans-serif;
-  font-size: 10pt;
+  font-family: cambria, helvetica, arial, sans-serif;
+  font-size: 11pt;
   margin-right: 2em;
 }
@@ -129 +129 @@
 }
 h1 {
-  font-size: 14pt;
+  font-size: 130%;
   line-height: 21pt;
   page-break-after: avoid;
@@ -136 +136 @@
   page-break-before: always;
 }
-h1 a {
-  color: #333333;
-}
 h2 {
-  font-size: 12pt;
+  font-size: 120%;
   line-height: 15pt;
   page-break-after: avoid;
 }
-h3, h4, h5, h6 {
-  font-size: 10pt;
+h3 {
+  font-size: 110%;
   page-break-after: avoid;
 }
-h2 a, h3 a, h4 a, h5 a, h6 a {
+h4, h5, h6 {
+  page-break-after: avoid;
+}
+h1 a, h2 a, h3 a, h4 a, h5 a, h6 a {
   color: black;
 }
@@ -178 +178 @@
   page-break-inside: avoid;
 }
-pre.ccmarker {
-  background-color: white;
-  color: gray;
-}
-pre.ccmarker > span {
-  font-size: small;
-}
-pre.cct {
-  margin-bottom: -1em;
-}
-pre.ccb {
-  margin-top: -1em;
-}
 pre.text2 {
   border-style: dotted;
@@ -219 +206 @@
   border-spacing: 1px;
   width: 95%;
-  font-size: 10pt;
+  font-size: 11pt;
   color: white;
 }
@@ -227 +214 @@
 td.topnowrap {
   vertical-align: top;
-  white-space: nowrap; 
+  white-space: nowrap;
 }
 table.header td {
@@ -249 +236 @@
   line-height: 150%;
   font-weight: bold;
-  font-size: 10pt;
   margin-left: 0em;
 }
@@ -255 +241 @@
   line-height: normal;
   font-weight: normal;
-  font-size: 9pt;
+  font-size: 10pt;
   margin-left: 0em;
 }
@@ -263 +249 @@
 ul p {
   margin-left: 0em;
+}
+.title, .filename, h1, h2, h3, h4 {
+  font-family: candara, helvetica, arial, sans-serif;
+}
+samp, tt, code, pre {
+  font: consolas, monospace;
 }
 ul.ind, ul.ind ul {
@@ -298 +290 @@
   font-weight: bold;
   text-align: center;
-  font-size: 9pt;
+  font-size: 10pt;
 }
 .filename {
   color: #333333;
+  font-size: 75%;
   font-weight: bold;
-  font-size: 12pt;
   line-height: 21pt;
   text-align: center;
@@ -310 +302 @@
   font-weight: bold;
 }
-.hidden {
-  display: none;
-}
 .left {
   text-align: left;
@@ -320 +309 @@
 }
 .title {
-  color: #990000;
-  font-size: 18pt;
+  color: green;
+  font-size: 150%;
   line-height: 18pt;
   font-weight: bold;
@@ -327 +316 @@
   margin-top: 36pt;
 }
-.vcardline {
-  display: block;
-}
 .warning {
-  font-size: 14pt;
+  font-size: 130%;
   background-color: yellow;
 }
@@ -359 +345 @@
     display: none;
   }
-  
+
   a {
     color: black;
@@ -374 +360 @@
     background-color: white;
     vertical-align: top;
-    font-size: 12pt;
+    font-size: 110%;
   }
 
@@ -380 +366 @@
     content: leader('.') target-counter(attr(href), page);
   }
-  
+
   ul.ind li li a {
     content: target-counter(attr(href), page);
   }
-  
+
   .print2col {
     column-count: 2;
@@ -394 +380 @@
 @page {
   @top-left {
-       content: "Internet-Draft"; 
-  } 
+       content: "Internet-Draft";
+  }
   @top-right {
-       content: "November 2012"; 
-  } 
+       content: "November 2012";
+  }
   @top-center {
-       content: "SPDY"; 
-  } 
+       content: "SPDY";
+  }
   @bottom-left {
-       content: "Belshe, et al."; 
-  } 
+       content: "Belshe, et al.";
+  }
   @bottom-center {
-       content: "Expires June 1, 2013"; 
-  } 
+       content: "Expires June 1, 2013";
+  }
   @bottom-right {
-       content: "[Page " counter(page) "]"; 
-  } 
-}
-
-@page:first { 
+       content: "[Page " counter(page) "]";
+  }
+}
+
+@page:first {
     @top-left {
       content: normal;
@@ -439 +425 @@
       <link rel="Chapter" href="#rfc.section.10" title="10 Normative References">
       <link rel="Appendix" title="A Change Log (to be removed by RFC Editor before publication)" href="#rfc.section.A">
-      <meta name="generator" content="http://greenbytes.de/tech/webdav/rfc2629.xslt, Revision 1.588, 2012-08-25 12:28:24, XSLT vendor: SAXON 8.9 from Saxonica http://www.saxonica.com/">
+      <meta name="generator" content="http://greenbytes.de/tech/webdav/rfc2629.xslt, Revision 1.640, 2014/06/13 12:42:58, XSLT vendor: SAXON 8.9 from Saxonica http://www.saxonica.com/">
       <meta name="keywords" content="HTTP">
       <link rel="schema.dct" href="http://purl.org/dc/terms/">
@@ -451 +437 @@
       <meta name="description" content="This document describes SPDY, a protocol designed for low-latency transport of content over the World Wide Web. SPDY introduces two layers of protocol. The lower layer is a general purpose framing layer which can be used atop a reliable transport (likely TCP) for multiplexed, prioritized, and compressed data communication of many concurrent streams. The upper layer of the protocol provides HTTP-like RFC2616 semantics for compatibility with existing HTTP application servers.">
    </head>
-   <body onload="init();">
+   <body onload="initFeedback();">
       <table class="header">
          <tbody>
@@ -493 +479 @@
       </table>
       <p class="title">SPDY Protocol<br><span class="filename">draft-ietf-httpbis-http2-00</span></p>
-      <h1 id="rfc.abstract"><a href="#rfc.abstract">Abstract</a></h1> 
+      <h1 id="rfc.abstract"><a href="#rfc.abstract">Abstract</a></h1>
       <p>This document describes SPDY, a protocol designed for low-latency transport of content over the World Wide Web. SPDY introduces
          two layers of protocol. The lower layer is a general purpose framing layer which can be used atop a reliable transport (likely
          TCP) for multiplexed, prioritized, and compressed data communication of many concurrent streams. The upper layer of the protocol
          provides HTTP-like <a href="#RFC2616">RFC2616</a> <cite title="Hypertext Transfer Protocol -- HTTP/1.1" id="rfc.xref.RFC2616.1">[RFC2616]</cite> semantics for compatibility with existing HTTP application servers.
-      </p> 
-      <h1 id="rfc.note.1"><a href="#rfc.note.1">Editorial Note (To be removed by RFC Editor)</a></h1> 
-      <p>This draft is a work-in-progress, and does not yet reflect Working Group consensus.</p>  
+      </p>
+      <h1 id="rfc.note.1"><a href="#rfc.note.1">Editorial Note (To be removed by RFC Editor)</a></h1>
+      <p>This draft is a work-in-progress, and does not yet reflect Working Group consensus.</p>
       <p>This first draft uses the SPDY Protocol as a starting point, as per the Working Group's charter. Future drafts will add, remove
          and change text, based upon the Working Group's decisions.
-      </p>  
+      </p>
       <p>Discussion of this draft takes place on the HTTPBIS working group mailing list (ietf-http-wg@w3.org), which is archived at &lt;<a href="http://lists.w3.org/Archives/Public/ietf-http-wg/">http://lists.w3.org/Archives/Public/ietf-http-wg/</a>&gt;.
-      </p>  
+      </p>
       <p>The current issues list is at &lt;<a href="http://tools.ietf.org/wg/httpbis/trac/report/21">http://tools.ietf.org/wg/httpbis/trac/report/21</a>&gt; and related documents (including fancy diffs) can be found at &lt;<a href="http://tools.ietf.org/wg/httpbis/">http://tools.ietf.org/wg/httpbis/</a>&gt;.
-      </p>  
+      </p>
       <p>The changes in this draft are summarized in <a href="#changes.since.draft-mbelshe-httpbis-spdy-00" title="Since draft-mbelshe-httpbis-spdy-00">Appendix&nbsp;A.1</a>.
-      </p> 
-      <h1><a id="rfc.status" href="#rfc.status">Status of This Memo</a></h1>
-      <p>This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.</p>
-      <p>Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute
-         working documents as Internet-Drafts. The list of current Internet-Drafts is at <a href="http://datatracker.ietf.org/drafts/current/">http://datatracker.ietf.org/drafts/current/</a>.
       </p>
-      <p>Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other
-         documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as “work
-         in progress”.
-      </p>
-      <p>This Internet-Draft will expire on June 1, 2013.</p>
-      <h1><a id="rfc.copyrightnotice" href="#rfc.copyrightnotice">Copyright Notice</a></h1>
-      <p>Copyright © 2012 IETF Trust and the persons identified as the document authors. All rights reserved.</p>
-      <p>This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (<a href="http://trustee.ietf.org/license-info">http://trustee.ietf.org/license-info</a>) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights
-         and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License
-         text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified
-         BSD License.
-      </p>
+      <div id="rfc.status">
+         <h1><a href="#rfc.status">Status of This Memo</a></h1>
+         <p>This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.</p>
+         <p>Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute
+            working documents as Internet-Drafts. The list of current Internet-Drafts is at <a href="http://datatracker.ietf.org/drafts/current/">http://datatracker.ietf.org/drafts/current/</a>.
+         </p>
+         <p>Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other
+            documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as “work
+            in progress”.
+         </p>
+         <p>This Internet-Draft will expire on June 1, 2013.</p>
+      </div>
+      <div id="rfc.copyrightnotice">
+         <h1><a href="#rfc.copyrightnotice">Copyright Notice</a></h1>
+         <p>Copyright © 2012 IETF Trust and the persons identified as the document authors. All rights reserved.</p>
+         <p>This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (<a href="http://trustee.ietf.org/license-info">http://trustee.ietf.org/license-info</a>) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights
+            and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License
+            text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified
+            BSD License.
+         </p>
+      </div>
       <hr class="noprint">
       <h1 class="np" id="rfc.toc"><a href="#rfc.toc">Table of Contents</a></h1>
@@ -544 +534 @@
                <li><a href="#rfc.section.2.3">2.3</a>&nbsp;&nbsp;&nbsp;<a href="#rfc.section.2.3">Streams</a><ul>
                      <li><a href="#rfc.section.2.3.1">2.3.1</a>&nbsp;&nbsp;&nbsp;<a href="#StreamFrames">Stream frames</a></li>
-                     <li><a href="#rfc.section.2.3.2">2.3.2</a>&nbsp;&nbsp;&nbsp;<a href="#StreamCreation">Stream creation</a><ul>
-                           <li><a href="#rfc.section.2.3.2.1">2.3.2.1</a>&nbsp;&nbsp;&nbsp;<a href="#rfc.section.2.3.2.1">Unidirectional streams</a></li>
-                           <li><a href="#rfc.section.2.3.2.2">2.3.2.2</a>&nbsp;&nbsp;&nbsp;<a href="#rfc.section.2.3.2.2">Bidirectional streams</a></li>
-                        </ul>
-                     </li>
+                     <li><a href="#rfc.section.2.3.2">2.3.2</a>&nbsp;&nbsp;&nbsp;<a href="#StreamCreation">Stream creation</a></li>
                      <li><a href="#rfc.section.2.3.3">2.3.3</a>&nbsp;&nbsp;&nbsp;<a href="#StreamPriority">Stream priority</a></li>
                      <li><a href="#rfc.section.2.3.4">2.3.4</a>&nbsp;&nbsp;&nbsp;<a href="#rfc.section.2.3.4">Stream headers</a></li>
@@ -572 +558 @@
                      <li><a href="#rfc.section.2.6.8">2.6.8</a>&nbsp;&nbsp;&nbsp;<a href="#WINDOW_UPDATE">WINDOW_UPDATE</a></li>
                      <li><a href="#rfc.section.2.6.9">2.6.9</a>&nbsp;&nbsp;&nbsp;<a href="#CREDENTIAL">CREDENTIAL</a></li>
-                     <li><a href="#rfc.section.2.6.10">2.6.10</a>&nbsp;&nbsp;&nbsp;<a href="#HeaderBlock">Name/Value Header Block</a><ul>
-                           <li><a href="#rfc.section.2.6.10.1">2.6.10.1</a>&nbsp;&nbsp;&nbsp;<a href="#Compression">Compression</a></li>
-                        </ul>
-                     </li>
+                     <li><a href="#rfc.section.2.6.10">2.6.10</a>&nbsp;&nbsp;&nbsp;<a href="#HeaderBlock">Name/Value Header Block</a></li>
                   </ul>
                </li>
@@ -588 +571 @@
                      <li><a href="#rfc.section.3.2.1">3.2.1</a>&nbsp;&nbsp;&nbsp;<a href="#rfc.section.3.2.1">Request</a></li>
                      <li><a href="#rfc.section.3.2.2">3.2.2</a>&nbsp;&nbsp;&nbsp;<a href="#rfc.section.3.2.2">Response</a></li>
-                     <li><a href="#rfc.section.3.2.3">3.2.3</a>&nbsp;&nbsp;&nbsp;<a href="#Authentication">Authentication</a><ul>
-                           <li><a href="#rfc.section.3.2.3.1">3.2.3.1</a>&nbsp;&nbsp;&nbsp;<a href="#rfc.section.3.2.3.1">Stateless Authentication</a></li>
-                           <li><a href="#rfc.section.3.2.3.2">3.2.3.2</a>&nbsp;&nbsp;&nbsp;<a href="#rfc.section.3.2.3.2">Stateful Authentication</a></li>
-                        </ul>
-                     </li>
+                     <li><a href="#rfc.section.3.2.3">3.2.3</a>&nbsp;&nbsp;&nbsp;<a href="#Authentication">Authentication</a></li>
                   </ul>
                </li>
@@ -629 +608 @@
          <li><a href="#rfc.section.9">9.</a>&nbsp;&nbsp;&nbsp;<a href="#rfc.section.9">Acknowledgements</a></li>
          <li><a href="#rfc.section.10">10.</a>&nbsp;&nbsp;&nbsp;<a href="#rfc.references">Normative References</a></li>
-         <li><a href="#rfc.authors">Authors' Addresses</a></li>
          <li><a href="#rfc.section.A">A.</a>&nbsp;&nbsp;&nbsp;<a href="#change.log">Change Log (to be removed by RFC Editor before publication)</a><ul>
                <li><a href="#rfc.section.A.1">A.1</a>&nbsp;&nbsp;&nbsp;<a href="#changes.since.draft-mbelshe-httpbis-spdy-00">Since draft-mbelshe-httpbis-spdy-00</a></li>
@@ -635 +613 @@
          </li>
          <li><a href="#rfc.index">Index</a></li>
+         <li><a href="#rfc.authors">Authors' Addresses</a></li>
       </ul>
-      <h1 id="rfc.section.1" class="np"><a href="#rfc.section.1">1.</a>&nbsp;<a id="intro" href="#intro">Overview</a></h1>
-      <p id="rfc.section.1.p.1">One of the bottlenecks of HTTP implementations is that HTTP relies on multiple connections for concurrency. This causes several
-         problems, including additional round trips for connection setup, slow-start delays, and connection rationing by the client,
-         where it tries to avoid opening too many connections to any single server. HTTP pipelining helps some, but only achieves partial
-         multiplexing. In addition, pipelining has proven non-deployable in existing browsers due to intermediary interference.
-      </p>
-      <p id="rfc.section.1.p.2">SPDY adds a framing layer for multiplexing multiple, concurrent streams across a single TCP connection (or any reliable transport
-         stream). The framing layer is optimized for HTTP-like request-response streams, such that applications which run over HTTP
-         today can work over SPDY with little or no change on behalf of the web application writer.
-      </p>
-      <p id="rfc.section.1.p.3">The SPDY session offers four improvements over HTTP: </p>
-      <ul class="empty">
-         <li>Multiplexed requests: There is no limit to the number of requests that can be issued concurrently over a single SPDY connection.</li>
-         <li>Prioritized requests: Clients can request certain resources to be delivered first. This avoids the problem of congesting the
-            network channel with non-critical resources when a high-priority request is pending.
-         </li>
-         <li>Compressed headers: Clients today send a significant amount of redundant data in the form of HTTP headers. Because a single
-            web page may require 50 or 100 subrequests, this data is significant.
-         </li>
-         <li>Server pushed streams: Server Push enables content to be pushed from servers to clients without a request.</li>
-      </ul>
-      <p id="rfc.section.1.p.4">SPDY attempts to preserve the existing semantics of HTTP. All features such as cookies, ETags, Vary headers, Content-Encoding
-         negotiations, etc work as they do with HTTP; SPDY only replaces the way the data is written to the network.
-      </p>
-      <h2 id="rfc.section.1.1"><a href="#rfc.section.1.1">1.1</a>&nbsp;Document Organization
-      </h2>
-      <p id="rfc.section.1.1.p.1">The SPDY Specification is split into two parts: a framing layer (<a href="#FramingLayer" title="SPDY Framing Layer">Section&nbsp;2</a>), which multiplexes a TCP connection into independent, length-prefixed frames, and an HTTP layer (<a href="#HTTPLayer" title="HTTP Layering over SPDY">Section&nbsp;3</a>), which specifies the mechanism for overlaying HTTP request/response pairs on top of the framing layer. While some of the
-         framing layer concepts are isolated from the HTTP layer, building a generic framing layer has not been a goal. The framing
-         layer is tailored to the needs of the HTTP protocol and server push.
-      </p>
-      <h2 id="rfc.section.1.2"><a href="#rfc.section.1.2">1.2</a>&nbsp;Definitions
-      </h2>
-      <p id="rfc.section.1.2.p.1"> </p>
-      <ul class="empty">
-         <li>client: The endpoint initiating the SPDY session.</li>
-         <li>connection: A transport-level connection between two endpoints.</li>
-         <li>endpoint: Either the client or server of a connection.</li>
-         <li>frame: A header-prefixed sequence of bytes sent over a SPDY session.</li>
-         <li>server: The endpoint which did not initiate the SPDY session.</li>
-         <li>session: A synonym for a connection.</li>
-         <li>session error: An error on the SPDY session.</li>
-         <li>stream: A bi-directional flow of bytes across a virtual channel within a SPDY session.</li>
-         <li>stream error: An error on an individual SPDY stream.</li>
-      </ul>
-      <h1 id="rfc.section.2"><a href="#rfc.section.2">2.</a>&nbsp;<a id="FramingLayer" href="#FramingLayer">SPDY Framing Layer</a></h1>
-      <h2 id="rfc.section.2.1"><a href="#rfc.section.2.1">2.1</a>&nbsp;Session (Connections)
-      </h2>
-      <p id="rfc.section.2.1.p.1">The SPDY framing layer (or "session") runs atop a reliable transport layer such as <a href="#RFC0793">TCP</a> <cite title="Transmission Control Protocol" id="rfc.xref.RFC0793.1">[RFC0793]</cite>. The client is the TCP connection initiator. SPDY connections are persistent connections.
-      </p>
-      <p id="rfc.section.2.1.p.2">For best performance, it is expected that clients will not close open connections until the user navigates away from all web
-         pages referencing a connection, or until the server closes the connection. Servers are encouraged to leave connections open
-         for as long as possible, but can terminate idle connections if necessary. When either endpoint closes the transport-level
-         connection, it MUST first send a GOAWAY (<a href="#GOAWAY" title="GOAWAY">Section&nbsp;2.6.6</a>) frame so that the endpoints can reliably determine if requests finished before the close.
-      </p>
-      <h2 id="rfc.section.2.2"><a href="#rfc.section.2.2">2.2</a>&nbsp;Framing
-      </h2>
-      <p id="rfc.section.2.2.p.1">Once the connection is established, clients and servers exchange framed messages. There are two types of frames: control frames (<a href="#ControlFrames" title="Control frames">Section&nbsp;2.2.1</a>) and data frames (<a href="#DataFrames" title="Data frames">Section&nbsp;2.2.2</a>). Frames always have a common header which is 8 bytes in length.
-      </p>
-      <p id="rfc.section.2.2.p.2">The first bit is a control bit indicating whether a frame is a control frame or data frame. Control frames carry a version
-         number, a frame type, flags, and a length. Data frames contain the stream ID, flags, and the length for the payload carried
-         after the common header. The simple header is designed to make reading and writing of frames easy.
-      </p>
-      <p id="rfc.section.2.2.p.3">All integer values, including length, version, and type, are in network byte order. SPDY does not enforce alignment of types
-         in dynamically sized frames.
-      </p>
-      <h3 id="rfc.section.2.2.1"><a href="#rfc.section.2.2.1">2.2.1</a>&nbsp;<a id="ControlFrames" href="#ControlFrames">Control frames</a></h3>
-      <div id="rfc.figure.u.1"></div> <pre>+----------------------------------+
+      <div id="intro">
+         <h1 id="rfc.section.1" class="np"><a href="#rfc.section.1">1.</a>&nbsp;<a href="#intro">Overview</a></h1>
+         <p id="rfc.section.1.p.1">One of the bottlenecks of HTTP implementations is that HTTP relies on multiple connections for concurrency. This causes several
+            problems, including additional round trips for connection setup, slow-start delays, and connection rationing by the client,
+            where it tries to avoid opening too many connections to any single server. HTTP pipelining helps some, but only achieves partial
+            multiplexing. In addition, pipelining has proven non-deployable in existing browsers due to intermediary interference.
+         </p>
+         <p id="rfc.section.1.p.2">SPDY adds a framing layer for multiplexing multiple, concurrent streams across a single TCP connection (or any reliable transport
+            stream). The framing layer is optimized for HTTP-like request-response streams, such that applications which run over HTTP
+            today can work over SPDY with little or no change on behalf of the web application writer.
+         </p>
+         <p id="rfc.section.1.p.3">The SPDY session offers four improvements over HTTP: </p>
+         <ul class="empty">
+            <li>Multiplexed requests: There is no limit to the number of requests that can be issued concurrently over a single SPDY connection.</li>
+            <li>Prioritized requests: Clients can request certain resources to be delivered first. This avoids the problem of congesting the
+               network channel with non-critical resources when a high-priority request is pending.
+            </li>
+            <li>Compressed headers: Clients today send a significant amount of redundant data in the form of HTTP headers. Because a single
+               web page may require 50 or 100 subrequests, this data is significant.
+            </li>
+            <li>Server pushed streams: Server Push enables content to be pushed from servers to clients without a request.</li>
+         </ul>
+         <p id="rfc.section.1.p.4">SPDY attempts to preserve the existing semantics of HTTP. All features such as cookies, ETags, Vary headers, Content-Encoding
+            negotiations, etc work as they do with HTTP; SPDY only replaces the way the data is written to the network.
+         </p>
+         <div>
+            <h2 id="rfc.section.1.1"><a href="#rfc.section.1.1">1.1</a>&nbsp;Document Organization
+            </h2>
+            <p id="rfc.section.1.1.p.1">The SPDY Specification is split into two parts: a framing layer (<a href="#FramingLayer" title="SPDY Framing Layer">Section&nbsp;2</a>), which multiplexes a TCP connection into independent, length-prefixed frames, and an HTTP layer (<a href="#HTTPLayer" title="HTTP Layering over SPDY">Section&nbsp;3</a>), which specifies the mechanism for overlaying HTTP request/response pairs on top of the framing layer. While some of the
+               framing layer concepts are isolated from the HTTP layer, building a generic framing layer has not been a goal. The framing
+               layer is tailored to the needs of the HTTP protocol and server push.
+            </p>
+         </div>
+         <div>
+            <h2 id="rfc.section.1.2"><a href="#rfc.section.1.2">1.2</a>&nbsp;Definitions
+            </h2>
+            <p id="rfc.section.1.2.p.1"></p>
+            <ul class="empty">
+               <li>client: The endpoint initiating the SPDY session.</li>
+               <li>connection: A transport-level connection between two endpoints.</li>
+               <li>endpoint: Either the client or server of a connection.</li>
+               <li>frame: A header-prefixed sequence of bytes sent over a SPDY session.</li>
+               <li>server: The endpoint which did not initiate the SPDY session.</li>
+               <li>session: A synonym for a connection.</li>
+               <li>session error: An error on the SPDY session.</li>
+               <li>stream: A bi-directional flow of bytes across a virtual channel within a SPDY session.</li>
+               <li>stream error: An error on an individual SPDY stream.</li>
+            </ul>
+         </div>
+      </div>
+      <div id="FramingLayer">
+         <h1 id="rfc.section.2"><a href="#rfc.section.2">2.</a>&nbsp;<a href="#FramingLayer">SPDY Framing Layer</a></h1>
+         <div>
+            <h2 id="rfc.section.2.1"><a href="#rfc.section.2.1">2.1</a>&nbsp;Session (Connections)
+            </h2>
+            <p id="rfc.section.2.1.p.1">The SPDY framing layer (or "session") runs atop a reliable transport layer such as <a href="#RFC0793">TCP</a> <cite title="Transmission Control Protocol" id="rfc.xref.RFC0793.1">[RFC0793]</cite>. The client is the TCP connection initiator. SPDY connections are persistent connections.
+            </p>
+            <p id="rfc.section.2.1.p.2">For best performance, it is expected that clients will not close open connections until the user navigates away from all web
+               pages referencing a connection, or until the server closes the connection. Servers are encouraged to leave connections open
+               for as long as possible, but can terminate idle connections if necessary. When either endpoint closes the transport-level
+               connection, it MUST first send a GOAWAY (<a href="#GOAWAY" title="GOAWAY">Section&nbsp;2.6.6</a>) frame so that the endpoints can reliably determine if requests finished before the close.
+            </p>
+         </div>
+         <div>
+            <h2 id="rfc.section.2.2"><a href="#rfc.section.2.2">2.2</a>&nbsp;Framing
+            </h2>
+            <p id="rfc.section.2.2.p.1">Once the connection is established, clients and servers exchange framed messages. There are two types of frames: control frames (<a href="#ControlFrames" title="Control frames">Section&nbsp;2.2.1</a>) and data frames (<a href="#DataFrames" title="Data frames">Section&nbsp;2.2.2</a>). Frames always have a common header which is 8 bytes in length.
+            </p>
+            <p id="rfc.section.2.2.p.2">The first bit is a control bit indicating whether a frame is a control frame or data frame. Control frames carry a version
+               number, a frame type, flags, and a length. Data frames contain the stream ID, flags, and the length for the payload carried
+               after the common header. The simple header is designed to make reading and writing of frames easy.
+            </p>
+            <p id="rfc.section.2.2.p.3">All integer values, including length, version, and type, are in network byte order. SPDY does not enforce alignment of types
+               in dynamically sized frames.
+            </p>
+            <div id="ControlFrames">
+               <h3 id="rfc.section.2.2.1"><a href="#rfc.section.2.2.1">2.2.1</a>&nbsp;<a href="#ControlFrames">Control frames</a></h3>
+               <div id="rfc.figure.u.1"></div><pre>+----------------------------------+
 |C| Version(15bits) | Type(16bits) |
 +----------------------------------+
@@ -709 +699 @@
 |               Data               |
 +----------------------------------+
-  </pre> <p id="rfc.section.2.2.1.p.2">Control bit: The 'C' bit is a single bit indicating if this is a control message. For control frames this value is always
-         1.
-      </p>
-      <p id="rfc.section.2.2.1.p.3">Version: The version number of the SPDY protocol. This document describes SPDY version 3.</p>
-      <p id="rfc.section.2.2.1.p.4">Type: The type of control frame. See Control Frames for the complete list of control frames.</p>
-      <p id="rfc.section.2.2.1.p.5">Flags: Flags related to this frame. Flags for control frames and data frames are different.</p>
-      <p id="rfc.section.2.2.1.p.6">Length: An unsigned 24-bit value representing the number of bytes after the length field.</p>
-      <p id="rfc.section.2.2.1.p.7">Data: data associated with this control frame. The format and length of this data is controlled by the control frame type.</p>
-      <p id="rfc.section.2.2.1.p.8">Control frame processing requirements: </p>
-      <ul class="empty">
-         <li>Note that full length control frames (16MB) can be large for implementations running on resource-limited hardware. In such
-            cases, implementations MAY limit the maximum length frame supported. However, all implementations MUST be able to receive
-            control frames of at least 8192 octets in length.
-         </li>
-      </ul>
-      <h3 id="rfc.section.2.2.2"><a href="#rfc.section.2.2.2">2.2.2</a>&nbsp;<a id="DataFrames" href="#DataFrames">Data frames</a></h3>
-      <div id="rfc.figure.u.2"></div> <pre>+----------------------------------+
+  </pre><p id="rfc.section.2.2.1.p.2">Control bit: The 'C' bit is a single bit indicating if this is a control message. For control frames this value is always
+                  1.
+               </p>
+               <p id="rfc.section.2.2.1.p.3">Version: The version number of the SPDY protocol. This document describes SPDY version 3.</p>
+               <p id="rfc.section.2.2.1.p.4">Type: The type of control frame. See Control Frames for the complete list of control frames.</p>
+               <p id="rfc.section.2.2.1.p.5">Flags: Flags related to this frame. Flags for control frames and data frames are different.</p>
+               <p id="rfc.section.2.2.1.p.6">Length: An unsigned 24-bit value representing the number of bytes after the length field.</p>
+               <p id="rfc.section.2.2.1.p.7">Data: data associated with this control frame. The format and length of this data is controlled by the control frame type.</p>
+               <p id="rfc.section.2.2.1.p.8">Control frame processing requirements: </p>
+               <ul class="empty">
+                  <li>Note that full length control frames (16MB) can be large for implementations running on resource-limited hardware. In such
+                     cases, implementations MAY limit the maximum length frame supported. However, all implementations MUST be able to receive
+                     control frames of at least 8192 octets in length.
+                  </li>
+               </ul>
+            </div>
+            <div id="DataFrames">
+               <h3 id="rfc.section.2.2.2"><a href="#rfc.section.2.2.2">2.2.2</a>&nbsp;<a href="#DataFrames">Data frames</a></h3>
+               <div id="rfc.figure.u.2"></div><pre>+----------------------------------+
 |C|       Stream-ID (31bits)       |
 +----------------------------------+
@@ -732 +724 @@
 |               Data               |
 +----------------------------------+
-  </pre> <p id="rfc.section.2.2.2.p.2">Control bit: For data frames this value is always 0.</p>
-      <p id="rfc.section.2.2.2.p.3">Stream-ID: A 31-bit value identifying the stream.</p>
-      <p id="rfc.section.2.2.2.p.4">Flags: Flags related to this frame. Valid flags are: </p>
-      <ul class="empty">
-         <li>0x01 = FLAG_FIN - signifies that this frame represents the last frame to be transmitted on this stream. See Stream Close (<a href="#StreamClose" title="Stream close">Section&nbsp;2.3.7</a>) below.
-         </li>
-         <li>0x02 = FLAG_COMPRESS - indicates that the data in this frame has been compressed.</li>
-      </ul>
-      <p id="rfc.section.2.2.2.p.5">Length: An unsigned 24-bit value representing the number of bytes after the length field. The total size of a data frame is
-         8 bytes + length. It is valid to have a zero-length data frame.
-      </p>
-      <p id="rfc.section.2.2.2.p.6">Data: The variable-length data payload; the length was defined in the length field.</p>
-      <p id="rfc.section.2.2.2.p.7">Data frame processing requirements: </p>
-      <ul class="empty">
-         <li>If an endpoint receives a data frame for a stream-id which is not open and the endpoint has not sent a GOAWAY (<a href="#GOAWAY" title="GOAWAY">Section&nbsp;2.6.6</a>) frame, it MUST send issue a stream error (<a href="#StreamErrorHandler" title="Stream Error Handling">Section&nbsp;2.4.2</a>) with the error code INVALID_STREAM for the stream-id.
-         </li>
-         <li>If the endpoint which created the stream receives a data frame before receiving a SYN_REPLY on that stream, it is a protocol
-            error, and the recipient MUST issue a stream error (<a href="#StreamErrorHandler" title="Stream Error Handling">Section&nbsp;2.4.2</a>) with the status code PROTOCOL_ERROR for the stream-id.
-         </li>
-         <li>Implementors note: If an endpoint receives multiple data frames for invalid stream-ids, it MAY close the session.</li>
-         <li>All SPDY endpoints MUST accept compressed data frames. Compression of data frames is always done using zlib compression. Each
-            stream initializes and uses its own compression context dedicated to use within that stream. Endpoints are encouraged to use
-            application level compression rather than SPDY stream level compression.
-         </li>
-         <li>Each SPDY stream sending compressed frames creates its own zlib context for that stream, and these compression contexts MUST
-            be distinct from the compression contexts used with SYN_STREAM/SYN_REPLY/HEADER compression. (Thus, if both endpoints of a
-            stream are compressing data on the stream, there will be two zlib contexts, one for sending and one for receiving).
-         </li>
-      </ul>
-      <h2 id="rfc.section.2.3"><a href="#rfc.section.2.3">2.3</a>&nbsp;Streams
-      </h2>
-      <p id="rfc.section.2.3.p.1">Streams are independent sequences of bi-directional data divided into frames with several properties: </p>
-      <ul class="empty">
-         <li>Streams may be created by either the client or server.</li>
-         <li>Streams optionally carry a set of name/value header pairs.</li>
-         <li>Streams can concurrently send data interleaved with other streams.</li>
-         <li>Streams may be cancelled.</li>
-      </ul>
-      <h3 id="rfc.section.2.3.1"><a href="#rfc.section.2.3.1">2.3.1</a>&nbsp;<a id="StreamFrames" href="#StreamFrames">Stream frames</a></h3>
-      <p id="rfc.section.2.3.1.p.1">SPDY defines 3 control frames to manage the lifecycle of a stream: </p>
-      <ul class="empty">
-         <li>SYN_STREAM - Open a new stream</li>
-         <li>SYN_REPLY - Remote acknowledgement of a new, open stream</li>
-         <li>RST_STREAM - Close a stream</li>
-      </ul>
-      <h3 id="rfc.section.2.3.2"><a href="#rfc.section.2.3.2">2.3.2</a>&nbsp;<a id="StreamCreation" href="#StreamCreation">Stream creation</a></h3>
-      <p id="rfc.section.2.3.2.p.1">A stream is created by sending a control frame with the type set to SYN_STREAM (<a href="#SYN_STREAM" title="SYN_STREAM">Section&nbsp;2.6.1</a>). If the server is initiating the stream, the Stream-ID must be even. If the client is initiating the stream, the Stream-ID
-         must be odd. 0 is not a valid Stream-ID. Stream-IDs from each side of the connection must increase monotonically as new streams
-         are created. E.g. Stream 2 may be created after stream 3, but stream 7 must not be created after stream 9. Stream IDs do not
-         wrap: when a client or server cannot create a new stream id without exceeding a 31 bit value, it MUST NOT create a new stream.
-      </p>
-      <p id="rfc.section.2.3.2.p.2">The stream-id MUST increase with each new stream. If an endpoint receives a SYN_STREAM with a stream id which is less than
-         any previously received SYN_STREAM, it MUST issue a session error (<a href="#SessionErrorHandler" title="Session Error Handling">Section&nbsp;2.4.1</a>) with the status PROTOCOL_ERROR.
-      </p>
-      <p id="rfc.section.2.3.2.p.3">It is a protocol error to send two SYN_STREAMs with the same stream-id. If a recipient receives a second SYN_STREAM for the
-         same stream, it MUST issue a stream error (<a href="#StreamErrorHandler" title="Stream Error Handling">Section&nbsp;2.4.2</a>) with the status code PROTOCOL_ERROR.
-      </p>
-      <p id="rfc.section.2.3.2.p.4">Upon receipt of a SYN_STREAM, the recipient can reject the stream by sending a stream error (<a href="#StreamErrorHandler" title="Stream Error Handling">Section&nbsp;2.4.2</a>) with the error code REFUSED_STREAM. Note, however, that the creating endpoint may have already sent additional frames for
-         that stream which cannot be immediately stopped.
-      </p>
-      <p id="rfc.section.2.3.2.p.5">Once the stream is created, the creator may immediately send HEADERS or DATA frames for that stream, without needing to wait
-         for the recipient to acknowledge.
-      </p>
-      <h4 id="rfc.section.2.3.2.1"><a href="#rfc.section.2.3.2.1">2.3.2.1</a>&nbsp;Unidirectional streams
-      </h4>
-      <p id="rfc.section.2.3.2.1.p.1">When an endpoint creates a stream with the FLAG_UNIDIRECTIONAL flag set, it creates a unidirectional stream which the creating
-         endpoint can use to send frames, but the receiving endpoint cannot. The receiving endpoint is implicitly already in the half-closed (<a href="#StreamHalfClose" title="Stream half-close">Section&nbsp;2.3.6</a>) state.
-      </p>
-      <h4 id="rfc.section.2.3.2.2"><a href="#rfc.section.2.3.2.2">2.3.2.2</a>&nbsp;Bidirectional streams
-      </h4>
-      <p id="rfc.section.2.3.2.2.p.1">SYN_STREAM frames which do not use the FLAG_UNIDIRECTIONAL flag are bidirectional streams. Both endpoints can send data on
-         a bi-directional stream.
-      </p>
-      <h3 id="rfc.section.2.3.3"><a href="#rfc.section.2.3.3">2.3.3</a>&nbsp;<a id="StreamPriority" href="#StreamPriority">Stream priority</a></h3>
-      <p id="rfc.section.2.3.3.p.1">The creator of a stream assigns a priority for that stream. Priority is represented as an integer from 0 to 7. 0 represents
-         the highest priority and 7 represents the lowest priority.
-      </p>
-      <p id="rfc.section.2.3.3.p.2">The sender and recipient SHOULD use best-effort to process streams in the order of highest priority to lowest priority.</p>
-      <h3 id="rfc.section.2.3.4"><a href="#rfc.section.2.3.4">2.3.4</a>&nbsp;Stream headers
-      </h3>
-      <p id="rfc.section.2.3.4.p.1">Streams carry optional sets of name/value pair headers which carry metadata about the stream. After the stream has been created,
-         and as long as the sender is not closed (<a href="#StreamClose" title="Stream close">Section&nbsp;2.3.7</a>) or half-closed (<a href="#StreamHalfClose" title="Stream half-close">Section&nbsp;2.3.6</a>), each side may send HEADERS frame(s) containing the header data. Header data can be sent in multiple HEADERS frames, and
-         HEADERS frames may be interleaved with data frames.
-      </p>
-      <h3 id="rfc.section.2.3.5"><a href="#rfc.section.2.3.5">2.3.5</a>&nbsp;Stream data exchange
-      </h3>
-      <p id="rfc.section.2.3.5.p.1">Once a stream is created, it can be used to send arbitrary amounts of data. Generally this means that a series of data frames
-         will be sent on the stream until a frame containing the FLAG_FIN flag is set. The FLAG_FIN can be set on a SYN_STREAM (<a href="#SYN_STREAM" title="SYN_STREAM">Section&nbsp;2.6.1</a>), SYN_REPLY (<a href="#SYN_REPLY" title="SYN_REPLY">Section&nbsp;2.6.2</a>), HEADERS (<a href="#HEADERS" title="HEADERS">Section&nbsp;2.6.7</a>) or a DATA (<a href="#DataFrames" title="Data frames">Section&nbsp;2.2.2</a>) frame. Once the FLAG_FIN has been sent, the stream is considered to be half-closed.
-      </p>
-      <h3 id="rfc.section.2.3.6"><a href="#rfc.section.2.3.6">2.3.6</a>&nbsp;<a id="StreamHalfClose" href="#StreamHalfClose">Stream half-close</a></h3>
-      <p id="rfc.section.2.3.6.p.1">When one side of the stream sends a frame with the FLAG_FIN flag set, the stream is half-closed from that endpoint. The sender
-         of the FLAG_FIN MUST NOT send further frames on that stream. When both sides have half-closed, the stream is closed.
-      </p>
-      <p id="rfc.section.2.3.6.p.2">If an endpoint receives a data frame after the stream is half-closed from the sender (e.g. the endpoint has already received
-         a prior frame for the stream with the FIN flag set), it MUST send a RST_STREAM to the sender with the status STREAM_ALREADY_CLOSED.
-      </p>
-      <h3 id="rfc.section.2.3.7"><a href="#rfc.section.2.3.7">2.3.7</a>&nbsp;<a id="StreamClose" href="#StreamClose">Stream close</a></h3>
-      <p id="rfc.section.2.3.7.p.1">There are 3 ways that streams can be terminated: </p>
-      <ul class="empty">
-         <li>Normal termination: Normal stream termination occurs when both sender and recipient have half-closed the stream by sending
-            a FLAG_FIN.
-         </li>
-         <li>Abrupt termination: Either the client or server can send a RST_STREAM control frame at any time. A RST_STREAM contains an
-            error code to indicate the reason for failure. When a RST_STREAM is sent from the stream originator, it indicates a failure
-            to complete the stream and that no further data will be sent on the stream. When a RST_STREAM is sent from the stream recipient,
-            the sender, upon receipt, should stop sending any data on the stream. The stream recipient should be aware that there is a
-            race between data already in transit from the sender and the time the RST_STREAM is received. See Stream Error Handling (<a href="#StreamErrorHandler" title="Stream Error Handling">Section&nbsp;2.4.2</a>)
-         </li>
-         <li>TCP connection teardown: If the TCP connection is torn down while un-closed streams exist, then the endpoint must assume that
-            the stream was abnormally interrupted and may be incomplete.
-         </li>
-      </ul>
-      <p id="rfc.section.2.3.7.p.2">If an endpoint receives a data frame after the stream is closed, it must send a RST_STREAM to the sender with the status PROTOCOL_ERROR.</p>
-      <h2 id="rfc.section.2.4"><a href="#rfc.section.2.4">2.4</a>&nbsp;Error Handling
-      </h2>
-      <p id="rfc.section.2.4.p.1">The SPDY framing layer has only two types of errors, and they are always handled consistently. Any reference in this specification
-         to "issue a session error" refers to <a href="#SessionErrorHandler" title="Session Error Handling">Section&nbsp;2.4.1</a>. Any reference to "issue a stream error" refers to <a href="#StreamErrorHandler" title="Stream Error Handling">Section&nbsp;2.4.2</a>.
-      </p>
-      <h3 id="rfc.section.2.4.1"><a href="#rfc.section.2.4.1">2.4.1</a>&nbsp;<a id="SessionErrorHandler" href="#SessionErrorHandler">Session Error Handling</a></h3>
-      <p id="rfc.section.2.4.1.p.1">A session error is any error which prevents further processing of the framing layer or which corrupts the session compression
-         state. When a session error occurs, the endpoint encountering the error MUST first send a GOAWAY (<a href="#GOAWAY" title="GOAWAY">Section&nbsp;2.6.6</a>) frame with the stream id of most recently received stream from the remote endpoint, and the error code for why the session
-         is terminating. After sending the GOAWAY frame, the endpoint MUST close the TCP connection.
-      </p>
-      <p id="rfc.section.2.4.1.p.2">Note that the session compression state is dependent upon both endpoints always processing all compressed data. If an endpoint
-         partially processes a frame containing compressed data without updating compression state properly, future control frames
-         which use compression will be always be errored. Implementations SHOULD always try to process compressed data so that errors
-         which could be handled as stream errors do not become session errors.
-      </p>
-      <p id="rfc.section.2.4.1.p.3">Note that because this GOAWAY is sent during a session error case, it is possible that the GOAWAY will not be reliably received
-         by the receiving endpoint. It is a best-effort attempt to communicate with the remote about why the session is going down.
-      </p>
-      <h3 id="rfc.section.2.4.2"><a href="#rfc.section.2.4.2">2.4.2</a>&nbsp;<a id="StreamErrorHandler" href="#StreamErrorHandler">Stream Error Handling</a></h3>
-      <p id="rfc.section.2.4.2.p.1">A stream error is an error related to a specific stream-id which does not affect processing of other streams at the framing
-         layer. Upon a stream error, the endpoint MUST send a RST_STREAM (<a href="#RST_STREAM" title="RST_STREAM">Section&nbsp;2.6.3</a>) frame which contains the stream id of the stream where the error occurred and the error status which caused the error. After
-         sending the RST_STREAM, the stream is closed to the sending endpoint. After sending the RST_STREAM, if the sender receives
-         any frames other than a RST_STREAM for that stream id, it will result in sending additional RST_STREAM frames. An endpoint
-         MUST NOT send a RST_STREAM in response to an RST_STREAM, as doing so would lead to RST_STREAM loops. Sending a RST_STREAM
-         does not cause the SPDY session to be closed.
-      </p>
-      <p id="rfc.section.2.4.2.p.2">If an endpoint has multiple RST_STREAM frames to send in succession for the same stream-id and the same error code, it MAY
-         coalesce them into a single RST_STREAM frame. (This can happen if a stream is closed, but the remote sends multiple data frames.
-         There is no reason to send a RST_STREAM for each frame in succession).
-      </p>
-      <h2 id="rfc.section.2.5"><a href="#rfc.section.2.5">2.5</a>&nbsp;Data flow
-      </h2>
-      <p id="rfc.section.2.5.p.1">Because TCP provides a single stream of data on which SPDY multiplexes multiple logical streams, clients and servers must
-         intelligently interleave data messages for concurrent sessions.
-      </p>
-      <h2 id="rfc.section.2.6"><a href="#rfc.section.2.6">2.6</a>&nbsp;Control frame types
-      </h2>
-      <h3 id="rfc.section.2.6.1"><a href="#rfc.section.2.6.1">2.6.1</a>&nbsp;<a id="SYN_STREAM" href="#SYN_STREAM">SYN_STREAM</a></h3>
-      <p id="rfc.section.2.6.1.p.1">The SYN_STREAM control frame allows the sender to asynchronously create a stream between the endpoints. See Stream Creation (<a href="#StreamCreation" title="Stream creation">Section&nbsp;2.3.2</a>)
-      </p>
-      <div id="rfc.figure.u.3"></div> <pre>+------------------------------------+
+  </pre><p id="rfc.section.2.2.2.p.2">Control bit: For data frames this value is always 0.</p>
+               <p id="rfc.section.2.2.2.p.3">Stream-ID: A 31-bit value identifying the stream.</p>
+               <p id="rfc.section.2.2.2.p.4">Flags: Flags related to this frame. Valid flags are: </p>
+               <ul class="empty">
+                  <li>0x01 = FLAG_FIN - signifies that this frame represents the last frame to be transmitted on this stream. See Stream Close (<a href="#StreamClose" title="Stream close">Section&nbsp;2.3.7</a>) below.
+                  </li>
+                  <li>0x02 = FLAG_COMPRESS - indicates that the data in this frame has been compressed.</li>
+               </ul>
+               <p id="rfc.section.2.2.2.p.5">Length: An unsigned 24-bit value representing the number of bytes after the length field. The total size of a data frame is
+                  8 bytes + length. It is valid to have a zero-length data frame.
+               </p>
+               <p id="rfc.section.2.2.2.p.6">Data: The variable-length data payload; the length was defined in the length field.</p>
+               <p id="rfc.section.2.2.2.p.7">Data frame processing requirements: </p>
+               <ul class="empty">
+                  <li>If an endpoint receives a data frame for a stream-id which is not open and the endpoint has not sent a GOAWAY (<a href="#GOAWAY" title="GOAWAY">Section&nbsp;2.6.6</a>) frame, it MUST send issue a stream error (<a href="#StreamErrorHandler" title="Stream Error Handling">Section&nbsp;2.4.2</a>) with the error code INVALID_STREAM for the stream-id.
+                  </li>
+                  <li>If the endpoint which created the stream receives a data frame before receiving a SYN_REPLY on that stream, it is a protocol
+                     error, and the recipient MUST issue a stream error (<a href="#StreamErrorHandler" title="Stream Error Handling">Section&nbsp;2.4.2</a>) with the status code PROTOCOL_ERROR for the stream-id.
+                  </li>
+                  <li>Implementors note: If an endpoint receives multiple data frames for invalid stream-ids, it MAY close the session.</li>
+                  <li>All SPDY endpoints MUST accept compressed data frames. Compression of data frames is always done using zlib compression. Each
+                     stream initializes and uses its own compression context dedicated to use within that stream. Endpoints are encouraged to use
+                     application level compression rather than SPDY stream level compression.
+                  </li>
+                  <li>Each SPDY stream sending compressed frames creates its own zlib context for that stream, and these compression contexts MUST
+                     be distinct from the compression contexts used with SYN_STREAM/SYN_REPLY/HEADER compression. (Thus, if both endpoints of a
+                     stream are compressing data on the stream, there will be two zlib contexts, one for sending and one for receiving).
+                  </li>
+               </ul>
+            </div>
+         </div>
+         <div>
+            <h2 id="rfc.section.2.3"><a href="#rfc.section.2.3">2.3</a>&nbsp;Streams
+            </h2>
+            <p id="rfc.section.2.3.p.1">Streams are independent sequences of bi-directional data divided into frames with several properties: </p>
+            <ul class="empty">
+               <li>Streams may be created by either the client or server.</li>
+               <li>Streams optionally carry a set of name/value header pairs.</li>
+               <li>Streams can concurrently send data interleaved with other streams.</li>
+               <li>Streams may be cancelled.</li>
+            </ul>
+            <div id="StreamFrames">
+               <h3 id="rfc.section.2.3.1"><a href="#rfc.section.2.3.1">2.3.1</a>&nbsp;<a href="#StreamFrames">Stream frames</a></h3>
+               <p id="rfc.section.2.3.1.p.1">SPDY defines 3 control frames to manage the lifecycle of a stream: </p>
+               <ul class="empty">
+                  <li>SYN_STREAM - Open a new stream</li>
+                  <li>SYN_REPLY - Remote acknowledgement of a new, open stream</li>
+                  <li>RST_STREAM - Close a stream</li>
+               </ul>
+            </div>
+            <div id="StreamCreation">
+               <h3 id="rfc.section.2.3.2"><a href="#rfc.section.2.3.2">2.3.2</a>&nbsp;<a href="#StreamCreation">Stream creation</a></h3>
+               <p id="rfc.section.2.3.2.p.1">A stream is created by sending a control frame with the type set to SYN_STREAM (<a href="#SYN_STREAM" title="SYN_STREAM">Section&nbsp;2.6.1</a>). If the server is initiating the stream, the Stream-ID must be even. If the client is initiating the stream, the Stream-ID
+                  must be odd. 0 is not a valid Stream-ID. Stream-IDs from each side of the connection must increase monotonically as new streams
+                  are created. E.g. Stream 2 may be created after stream 3, but stream 7 must not be created after stream 9. Stream IDs do not
+                  wrap: when a client or server cannot create a new stream id without exceeding a 31 bit value, it MUST NOT create a new stream.
+               </p>
+               <p id="rfc.section.2.3.2.p.2">The stream-id MUST increase with each new stream. If an endpoint receives a SYN_STREAM with a stream id which is less than
+                  any previously received SYN_STREAM, it MUST issue a session error (<a href="#SessionErrorHandler" title="Session Error Handling">Section&nbsp;2.4.1</a>) with the status PROTOCOL_ERROR.
+               </p>
+               <p id="rfc.section.2.3.2.p.3">It is a protocol error to send two SYN_STREAMs with the same stream-id. If a recipient receives a second SYN_STREAM for the
+                  same stream, it MUST issue a stream error (<a href="#StreamErrorHandler" title="Stream Error Handling">Section&nbsp;2.4.2</a>) with the status code PROTOCOL_ERROR.
+               </p>
+               <p id="rfc.section.2.3.2.p.4">Upon receipt of a SYN_STREAM, the recipient can reject the stream by sending a stream error (<a href="#StreamErrorHandler" title="Stream Error Handling">Section&nbsp;2.4.2</a>) with the error code REFUSED_STREAM. Note, however, that the creating endpoint may have already sent additional frames for
+                  that stream which cannot be immediately stopped.
+               </p>
+               <p id="rfc.section.2.3.2.p.5">Once the stream is created, the creator may immediately send HEADERS or DATA frames for that stream, without needing to wait
+                  for the recipient to acknowledge.
+               </p>
+               <div>
+                  <h4 id="rfc.section.2.3.2.1"><a href="#rfc.section.2.3.2.1">2.3.2.1</a>&nbsp;Unidirectional streams
+                  </h4>
+                  <p id="rfc.section.2.3.2.1.p.1">When an endpoint creates a stream with the FLAG_UNIDIRECTIONAL flag set, it creates a unidirectional stream which the creating
+                     endpoint can use to send frames, but the receiving endpoint cannot. The receiving endpoint is implicitly already in the half-closed (<a href="#StreamHalfClose" title="Stream half-close">Section&nbsp;2.3.6</a>) state.
+                  </p>
+               </div>
+               <div>
+                  <h4 id="rfc.section.2.3.2.2"><a href="#rfc.section.2.3.2.2">2.3.2.2</a>&nbsp;Bidirectional streams
+                  </h4>
+                  <p id="rfc.section.2.3.2.2.p.1">SYN_STREAM frames which do not use the FLAG_UNIDIRECTIONAL flag are bidirectional streams. Both endpoints can send data on
+                     a bi-directional stream.
+                  </p>
+               </div>
+            </div>
+            <div id="StreamPriority">
+               <h3 id="rfc.section.2.3.3"><a href="#rfc.section.2.3.3">2.3.3</a>&nbsp;<a href="#StreamPriority">Stream priority</a></h3>
+               <p id="rfc.section.2.3.3.p.1">The creator of a stream assigns a priority for that stream. Priority is represented as an integer from 0 to 7. 0 represents
+                  the highest priority and 7 represents the lowest priority.
+               </p>
+               <p id="rfc.section.2.3.3.p.2">The sender and recipient SHOULD use best-effort to process streams in the order of highest priority to lowest priority.</p>
+            </div>
+            <div>
+               <h3 id="rfc.section.2.3.4"><a href="#rfc.section.2.3.4">2.3.4</a>&nbsp;Stream headers
+               </h3>
+               <p id="rfc.section.2.3.4.p.1">Streams carry optional sets of name/value pair headers which carry metadata about the stream. After the stream has been created,
+                  and as long as the sender is not closed (<a href="#StreamClose" title="Stream close">Section&nbsp;2.3.7</a>) or half-closed (<a href="#StreamHalfClose" title="Stream half-close">Section&nbsp;2.3.6</a>), each side may send HEADERS frame(s) containing the header data. Header data can be sent in multiple HEADERS frames, and
+                  HEADERS frames may be interleaved with data frames.
+               </p>
+            </div>
+            <div>
+               <h3 id="rfc.section.2.3.5"><a href="#rfc.section.2.3.5">2.3.5</a>&nbsp;Stream data exchange
+               </h3>
+               <p id="rfc.section.2.3.5.p.1">Once a stream is created, it can be used to send arbitrary amounts of data. Generally this means that a series of data frames
+                  will be sent on the stream until a frame containing the FLAG_FIN flag is set. The FLAG_FIN can be set on a SYN_STREAM (<a href="#SYN_STREAM" title="SYN_STREAM">Section&nbsp;2.6.1</a>), SYN_REPLY (<a href="#SYN_REPLY" title="SYN_REPLY">Section&nbsp;2.6.2</a>), HEADERS (<a href="#HEADERS" title="HEADERS">Section&nbsp;2.6.7</a>) or a DATA (<a href="#DataFrames" title="Data frames">Section&nbsp;2.2.2</a>) frame. Once the FLAG_FIN has been sent, the stream is considered to be half-closed.
+               </p>
+            </div>
+            <div id="StreamHalfClose">
+               <h3 id="rfc.section.2.3.6"><a href="#rfc.section.2.3.6">2.3.6</a>&nbsp;<a href="#StreamHalfClose">Stream half-close</a></h3>
+               <p id="rfc.section.2.3.6.p.1">When one side of the stream sends a frame with the FLAG_FIN flag set, the stream is half-closed from that endpoint. The sender
+                  of the FLAG_FIN MUST NOT send further frames on that stream. When both sides have half-closed, the stream is closed.
+               </p>
+               <p id="rfc.section.2.3.6.p.2">If an endpoint receives a data frame after the stream is half-closed from the sender (e.g. the endpoint has already received
+                  a prior frame for the stream with the FIN flag set), it MUST send a RST_STREAM to the sender with the status STREAM_ALREADY_CLOSED.
+               </p>
+            </div>
+            <div id="StreamClose">
+               <h3 id="rfc.section.2.3.7"><a href="#rfc.section.2.3.7">2.3.7</a>&nbsp;<a href="#StreamClose">Stream close</a></h3>
+               <p id="rfc.section.2.3.7.p.1">There are 3 ways that streams can be terminated: </p>
+               <ul class="empty">
+                  <li>Normal termination: Normal stream termination occurs when both sender and recipient have half-closed the stream by sending
+                     a FLAG_FIN.
+                  </li>
+                  <li>Abrupt termination: Either the client or server can send a RST_STREAM control frame at any time. A RST_STREAM contains an
+                     error code to indicate the reason for failure. When a RST_STREAM is sent from the stream originator, it indicates a failure
+                     to complete the stream and that no further data will be sent on the stream. When a RST_STREAM is sent from the stream recipient,
+                     the sender, upon receipt, should stop sending any data on the stream. The stream recipient should be aware that there is a
+                     race between data already in transit from the sender and the time the RST_STREAM is received. See Stream Error Handling (<a href="#StreamErrorHandler" title="Stream Error Handling">Section&nbsp;2.4.2</a>)
+                  </li>
+                  <li>TCP connection teardown: If the TCP connection is torn down while un-closed streams exist, then the endpoint must assume that
+                     the stream was abnormally interrupted and may be incomplete.
+                  </li>
+               </ul>
+               <p id="rfc.section.2.3.7.p.2">If an endpoint receives a data frame after the stream is closed, it must send a RST_STREAM to the sender with the status PROTOCOL_ERROR.</p>
+            </div>
+         </div>
+         <div>
+            <h2 id="rfc.section.2.4"><a href="#rfc.section.2.4">2.4</a>&nbsp;Error Handling
+            </h2>
+            <p id="rfc.section.2.4.p.1">The SPDY framing layer has only two types of errors, and they are always handled consistently. Any reference in this specification
+               to "issue a session error" refers to <a href="#SessionErrorHandler" title="Session Error Handling">Section&nbsp;2.4.1</a>. Any reference to "issue a stream error" refers to <a href="#StreamErrorHandler" title="Stream Error Handling">Section&nbsp;2.4.2</a>.
+            </p>
+            <div id="SessionErrorHandler">
+               <h3 id="rfc.section.2.4.1"><a href="#rfc.section.2.4.1">2.4.1</a>&nbsp;<a href="#SessionErrorHandler">Session Error Handling</a></h3>
+               <p id="rfc.section.2.4.1.p.1">A session error is any error which prevents further processing of the framing layer or which corrupts the session compression
+                  state. When a session error occurs, the endpoint encountering the error MUST first send a GOAWAY (<a href="#GOAWAY" title="GOAWAY">Section&nbsp;2.6.6</a>) frame with the stream id of most recently received stream from the remote endpoint, and the error code for why the session
+                  is terminating. After sending the GOAWAY frame, the endpoint MUST close the TCP connection.
+               </p>
+               <p id="rfc.section.2.4.1.p.2">Note that the session compression state is dependent upon both endpoints always processing all compressed data. If an endpoint
+                  partially processes a frame containing compressed data without updating compression state properly, future control frames
+                  which use compression will be always be errored. Implementations SHOULD always try to process compressed data so that errors
+                  which could be handled as stream errors do not become session errors.
+               </p>
+               <p id="rfc.section.2.4.1.p.3">Note that because this GOAWAY is sent during a session error case, it is possible that the GOAWAY will not be reliably received
+                  by the receiving endpoint. It is a best-effort attempt to communicate with the remote about why the session is going down.
+               </p>
+            </div>
+            <div id="StreamErrorHandler">
+               <h3 id="rfc.section.2.4.2"><a href="#rfc.section.2.4.2">2.4.2</a>&nbsp;<a href="#StreamErrorHandler">Stream Error Handling</a></h3>
+               <p id="rfc.section.2.4.2.p.1">A stream error is an error related to a specific stream-id which does not affect processing of other streams at the framing
+                  layer. Upon a stream error, the endpoint MUST send a RST_STREAM (<a href="#RST_STREAM" title="RST_STREAM">Section&nbsp;2.6.3</a>) frame which contains the stream id of the stream where the error occurred and the error status which caused the error. After
+                  sending the RST_STREAM, the stream is closed to the sending endpoint. After sending the RST_STREAM, if the sender receives
+                  any frames other than a RST_STREAM for that stream id, it will result in sending additional RST_STREAM frames. An endpoint
+                  MUST NOT send a RST_STREAM in response to an RST_STREAM, as doing so would lead to RST_STREAM loops. Sending a RST_STREAM
+                  does not cause the SPDY session to be closed.
+               </p>
+               <p id="rfc.section.2.4.2.p.2">If an endpoint has multiple RST_STREAM frames to send in succession for the same stream-id and the same error code, it MAY
+                  coalesce them into a single RST_STREAM frame. (This can happen if a stream is closed, but the remote sends multiple data frames.
+                  There is no reason to send a RST_STREAM for each frame in succession).
+               </p>
+            </div>
+         </div>
+         <div>
+            <h2 id="rfc.section.2.5"><a href="#rfc.section.2.5">2.5</a>&nbsp;Data flow
+            </h2>
+            <p id="rfc.section.2.5.p.1">Because TCP provides a single stream of data on which SPDY multiplexes multiple logical streams, clients and servers must
+               intelligently interleave data messages for concurrent sessions.
+            </p>
+         </div>
+         <div>
+            <h2 id="rfc.section.2.6"><a href="#rfc.section.2.6">2.6</a>&nbsp;Control frame types
+            </h2>
+            <div id="SYN_STREAM">
+               <h3 id="rfc.section.2.6.1"><a href="#rfc.section.2.6.1">2.6.1</a>&nbsp;<a href="#SYN_STREAM">SYN_STREAM</a></h3>
+               <p id="rfc.section.2.6.1.p.1">The SYN_STREAM control frame allows the sender to asynchronously create a stream between the endpoints. See Stream Creation (<a href="#StreamCreation" title="Stream creation">Section&nbsp;2.3.2</a>)
+               </p>
+               <div id="rfc.figure.u.3"></div><pre>+------------------------------------+
 |1|    version    |         1        |
 +------------------------------------+
@@ -907 +931 @@
 +------------------------------------+    |
 |           (repeats)                |   &lt;+
-            </pre> <p id="rfc.section.2.6.1.p.3">Flags: Flags related to this frame. Valid flags are: </p>
-      <ul class="empty">
-         <li>0x01 = FLAG_FIN - marks this frame as the last frame to be transmitted on this stream and puts the sender in the half-closed (<a href="#StreamHalfClose" title="Stream half-close">Section&nbsp;2.3.6</a>) state.
-         </li>
-         <li>0x02 = FLAG_UNIDIRECTIONAL - a stream created with this flag puts the recipient in the half-closed (<a href="#StreamHalfClose" title="Stream half-close">Section&nbsp;2.3.6</a>) state.
-         </li>
-      </ul>
-      <p id="rfc.section.2.6.1.p.4">Length: The length is the number of bytes which follow the length field in the frame. For SYN_STREAM frames, this is 10 bytes
-         plus the length of the compressed Name/Value block.
-      </p>
-      <p id="rfc.section.2.6.1.p.5">Stream-ID: The 31-bit identifier for this stream. This stream-id will be used in frames which are part of this stream.</p>
-      <p id="rfc.section.2.6.1.p.6">Associated-To-Stream-ID: The 31-bit identifier for a stream which this stream is associated to. If this stream is independent
-         of all other streams, it should be 0.
-      </p>
-      <p id="rfc.section.2.6.1.p.7">Priority: A 3-bit priority (<a href="#StreamPriority" title="Stream priority">Section&nbsp;2.3.3</a>) field.
-      </p>
-      <p id="rfc.section.2.6.1.p.8">Unused: 5 bits of unused space, reserved for future use.</p>
-      <p id="rfc.section.2.6.1.p.9">Slot: An 8 bit unsigned integer specifying the index in the server's CREDENTIAL vector of the client certificate to be used
-         for this request. see CREDENTIAL frame (<a href="#CREDENTIAL" title="CREDENTIAL">Section&nbsp;2.6.9</a>). The value 0 means no client certificate should be associated with this stream.
-      </p>
-      <p id="rfc.section.2.6.1.p.10">Name/Value Header Block: A set of name/value pairs carried as part of the SYN_STREAM. see Name/Value Header Block (<a href="#HeaderBlock" title="Name/Value Header Block">Section&nbsp;2.6.10</a>).
-      </p>
-      <p id="rfc.section.2.6.1.p.11">If an endpoint receives a SYN_STREAM which is larger than the implementation supports, it MAY send a RST_STREAM with error
-         code FRAME_TOO_LARGE. All implementations MUST support the minimum size limits defined in the Control Frames section (<a href="#ControlFrames" title="Control frames">Section&nbsp;2.2.1</a>).
-      </p>
-      <h3 id="rfc.section.2.6.2"><a href="#rfc.section.2.6.2">2.6.2</a>&nbsp;<a id="SYN_REPLY" href="#SYN_REPLY">SYN_REPLY</a></h3>
-      <p id="rfc.section.2.6.2.p.1">SYN_REPLY indicates the acceptance of a stream creation by the recipient of a SYN_STREAM frame.</p>
-      <div id="rfc.figure.u.4"></div> <pre>+------------------------------------+
+            </pre><p id="rfc.section.2.6.1.p.3">Flags: Flags related to this frame. Valid flags are: </p>
+               <ul class="empty">
+                  <li>0x01 = FLAG_FIN - marks this frame as the last frame to be transmitted on this stream and puts the sender in the half-closed (<a href="#StreamHalfClose" title="Stream half-close">Section&nbsp;2.3.6</a>) state.
+                  </li>
+                  <li>0x02 = FLAG_UNIDIRECTIONAL - a stream created with this flag puts the recipient in the half-closed (<a href="#StreamHalfClose" title="Stream half-close">Section&nbsp;2.3.6</a>) state.
+                  </li>
+               </ul>
+               <p id="rfc.section.2.6.1.p.4">Length: The length is the number of bytes which follow the length field in the frame. For SYN_STREAM frames, this is 10 bytes
+                  plus the length of the compressed Name/Value block.
+               </p>
+               <p id="rfc.section.2.6.1.p.5">Stream-ID: The 31-bit identifier for this stream. This stream-id will be used in frames which are part of this stream.</p>
+               <p id="rfc.section.2.6.1.p.6">Associated-To-Stream-ID: The 31-bit identifier for a stream which this stream is associated to. If this stream is independent
+                  of all other streams, it should be 0.
+               </p>
+               <p id="rfc.section.2.6.1.p.7">Priority: A 3-bit priority (<a href="#StreamPriority" title="Stream priority">Section&nbsp;2.3.3</a>) field.
+               </p>
+               <p id="rfc.section.2.6.1.p.8">Unused: 5 bits of unused space, reserved for future use.</p>
+               <p id="rfc.section.2.6.1.p.9">Slot: An 8 bit unsigned integer specifying the index in the server's CREDENTIAL vector of the client certificate to be used
+                  for this request. see CREDENTIAL frame (<a href="#CREDENTIAL" title="CREDENTIAL">Section&nbsp;2.6.9</a>). The value 0 means no client certificate should be associated with this stream.
+               </p>
+               <p id="rfc.section.2.6.1.p.10">Name/Value Header Block: A set of name/value pairs carried as part of the SYN_STREAM. see Name/Value Header Block (<a href="#HeaderBlock" title="Name/Value Header Block">Section&nbsp;2.6.10</a>).
+               </p>
+               <p id="rfc.section.2.6.1.p.11">If an endpoint receives a SYN_STREAM which is larger than the implementation supports, it MAY send a RST_STREAM with error
+                  code FRAME_TOO_LARGE. All implementations MUST support the minimum size limits defined in the Control Frames section (<a href="#ControlFrames" title="Control frames">Section&nbsp;2.2.1</a>).
+               </p>
+            </div>
+            <div id="SYN_REPLY">
+               <h3 id="rfc.section.2.6.2"><a href="#rfc.section.2.6.2">2.6.2</a>&nbsp;<a href="#SYN_REPLY">SYN_REPLY</a></h3>
+               <p id="rfc.section.2.6.2.p.1">SYN_REPLY indicates the acceptance of a stream creation by the recipient of a SYN_STREAM frame.</p>
+               <div id="rfc.figure.u.4"></div><pre>+------------------------------------+
 |1|    version    |         2        |
 +------------------------------------+
@@ -952 +978 @@
 +------------------------------------+    |
 |           (repeats)                |   &lt;+
-            </pre> <p id="rfc.section.2.6.2.p.3">Flags: Flags related to this frame. Valid flags are: </p>
-      <ul class="empty">
-         <li>0x01 = FLAG_FIN - marks this frame as the last frame to be transmitted on this stream and puts the sender in the half-closed (<a href="#StreamHalfClose" title="Stream half-close">Section&nbsp;2.3.6</a>) state.
-         </li>
-      </ul>
-      <p id="rfc.section.2.6.2.p.4">Length: The length is the number of bytes which follow the length field in the frame. For SYN_REPLY frames, this is 4 bytes
-         plus the length of the compressed Name/Value block.
-      </p>
-      <p id="rfc.section.2.6.2.p.5">Stream-ID: The 31-bit identifier for this stream.</p>
-      <p id="rfc.section.2.6.2.p.6">If an endpoint receives multiple SYN_REPLY frames for the same active stream ID, it MUST issue a stream error (<a href="#StreamErrorHandler" title="Stream Error Handling">Section&nbsp;2.4.2</a>) with the error code STREAM_IN_USE.
-      </p>
-      <p id="rfc.section.2.6.2.p.7">Name/Value Header Block: A set of name/value pairs carried as part of the SYN_STREAM. see Name/Value Header Block (<a href="#HeaderBlock" title="Name/Value Header Block">Section&nbsp;2.6.10</a>).
-      </p>
-      <p id="rfc.section.2.6.2.p.8">If an endpoint receives a SYN_REPLY which is larger than the implementation supports, it MAY send a RST_STREAM with error
-         code FRAME_TOO_LARGE. All implementations MUST support the minimum size limits defined in the Control Frames section (<a href="#ControlFrames" title="Control frames">Section&nbsp;2.2.1</a>).
-      </p>
-      <h3 id="rfc.section.2.6.3"><a href="#rfc.section.2.6.3">2.6.3</a>&nbsp;<a id="RST_STREAM" href="#RST_STREAM">RST_STREAM</a></h3>
-      <p id="rfc.section.2.6.3.p.1">The RST_STREAM frame allows for abnormal termination of a stream. When sent by the creator of a stream, it indicates the creator
-         wishes to cancel the stream. When sent by the recipient of a stream, it indicates an error or that the recipient did not want
-         to accept the stream, so the stream should be closed.
-      </p>
-      <div id="rfc.figure.u.5"></div> <pre>+----------------------------------+
+            </pre><p id="rfc.section.2.6.2.p.3">Flags: Flags related to this frame. Valid flags are: </p>
+               <ul class="empty">
+                  <li>0x01 = FLAG_FIN - marks this frame as the last frame to be transmitted on this stream and puts the sender in the half-closed (<a href="#StreamHalfClose" title="Stream half-close">Section&nbsp;2.3.6</a>) state.
+                  </li>
+               </ul>
+               <p id="rfc.section.2.6.2.p.4">Length: The length is the number of bytes which follow the length field in the frame. For SYN_REPLY frames, this is 4 bytes
+                  plus the length of the compressed Name/Value block.
+               </p>
+               <p id="rfc.section.2.6.2.p.5">Stream-ID: The 31-bit identifier for this stream.</p>
+               <p id="rfc.section.2.6.2.p.6">If an endpoint receives multiple SYN_REPLY frames for the same active stream ID, it MUST issue a stream error (<a href="#StreamErrorHandler" title="Stream Error Handling">Section&nbsp;2.4.2</a>) with the error code STREAM_IN_USE.
+               </p>
+               <p id="rfc.section.2.6.2.p.7">Name/Value Header Block: A set of name/value pairs carried as part of the SYN_STREAM. see Name/Value Header Block (<a href="#HeaderBlock" title="Name/Value Header Block">Section&nbsp;2.6.10</a>).
+               </p>
+               <p id="rfc.section.2.6.2.p.8">If an endpoint receives a SYN_REPLY which is larger than the implementation supports, it MAY send a RST_STREAM with error
+                  code FRAME_TOO_LARGE. All implementations MUST support the minimum size limits defined in the Control Frames section (<a href="#ControlFrames" title="Control frames">Section&nbsp;2.2.1</a>).
+               </p>
+            </div>
+            <div id="RST_STREAM">
+               <h3 id="rfc.section.2.6.3"><a href="#rfc.section.2.6.3">2.6.3</a>&nbsp;<a href="#RST_STREAM">RST_STREAM</a></h3>
+               <p id="rfc.section.2.6.3.p.1">The RST_STREAM frame allows for abnormal termination of a stream. When sent by the creator of a stream, it indicates the creator
+                  wishes to cancel the stream. When sent by the recipient of a stream, it indicates an error or that the recipient did not want
+                  to accept the stream, so the stream should be closed.
+               </p>
+               <div id="rfc.figure.u.5"></div><pre>+----------------------------------+
 |1|   version    |         3       |
 +----------------------------------+
@@ -982 +1010 @@
 |          Status code             |
 +----------------------------------+
-            </pre> <p id="rfc.section.2.6.3.p.3">Flags: Flags related to this frame. RST_STREAM does not define any flags. This value must be 0.</p>
-      <p id="rfc.section.2.6.3.p.4">Length: An unsigned 24-bit value representing the number of bytes after the length field. For RST_STREAM control frames, this
-         value is always 8.
-      </p>
-      <p id="rfc.section.2.6.3.p.5">Stream-ID: The 31-bit identifier for this stream.</p>
-      <p id="rfc.section.2.6.3.p.6">Status code: (32 bits) An indicator for why the stream is being terminated.The following status codes are defined: </p>
-      <ul class="empty">
-         <li>1 - PROTOCOL_ERROR. This is a generic error, and should only be used if a more specific error is not available.</li>
-         <li>2 - INVALID_STREAM. This is returned when a frame is received for a stream which is not active.</li>
-         <li>3 - REFUSED_STREAM. Indicates that the stream was refused before any processing has been done on the stream.</li>
-         <li>4 - UNSUPPORTED_VERSION. Indicates that the recipient of a stream does not support the SPDY version requested.</li>
-         <li>5 - CANCEL. Used by the creator of a stream to indicate that the stream is no longer needed.</li>
-         <li>6 - INTERNAL_ERROR. This is a generic error which can be used when the implementation has internally failed, not due to anything
-            in the protocol.
-         </li>
-         <li>7 - FLOW_CONTROL_ERROR. The endpoint detected that its peer violated the flow control protocol.</li>
-         <li>8 - STREAM_IN_USE. The endpoint received a SYN_REPLY for a stream already open.</li>
-         <li>9 - STREAM_ALREADY_CLOSED. The endpoint received a data or SYN_REPLY frame for a stream which is half closed.</li>
-         <li>10 - INVALID_CREDENTIALS. The server received a request for a resource whose origin does not have valid credentials in the
-            client certificate vector.
-         </li>
-         <li>11 - FRAME_TOO_LARGE. The endpoint received a frame which this implementation could not support. If FRAME_TOO_LARGE is sent
-            for a SYN_STREAM, HEADERS, or SYN_REPLY frame without fully processing the compressed portion of those frames, then the compression
-            state will be out-of-sync with the other endpoint. In this case, senders of FRAME_TOO_LARGE MUST close the session.
-         </li>
-         <li>Note: 0 is not a valid status code for a RST_STREAM.</li>
-      </ul>
-      <p id="rfc.section.2.6.3.p.7">After receiving a RST_STREAM on a stream, the recipient must not send additional frames for that stream, and the stream moves
-         into the closed state.
-      </p>
-      <h3 id="rfc.section.2.6.4"><a href="#rfc.section.2.6.4">2.6.4</a>&nbsp;<a id="SETTINGS" href="#SETTINGS">SETTINGS</a></h3>
-      <p id="rfc.section.2.6.4.p.1">A SETTINGS frame contains a set of id/value pairs for communicating configuration data about how the two endpoints may communicate.
-         SETTINGS frames can be sent at any time by either endpoint, are optionally sent, and are fully asynchronous. When the server
-         is the sender, the sender can request that configuration data be persisted by the client across SPDY sessions and returned
-         to the server in future communications.
-      </p>
-      <p id="rfc.section.2.6.4.p.2">Persistence of SETTINGS ID/Value pairs is done on a per origin/IP pair (the "origin" is the set of scheme, host, and port
-         from the URI. See <a href="#RFC6454" id="rfc.xref.RFC6454.1"><cite title="The Web Origin Concept">[RFC6454]</cite></a>). That is, when a client connects to a server, and the server persists settings within the client, the client SHOULD return
-         the persisted settings on future connections to the same origin AND IP address and TCP port. Clients MUST NOT request servers
-         to use the persistence features of the SETTINGS frames, and servers MUST ignore persistence related flags sent by a client.
-      </p>
-      <div id="rfc.figure.u.6"></div> <pre>+----------------------------------+
+            </pre><p id="rfc.section.2.6.3.p.3">Flags: Flags related to this frame. RST_STREAM does not define any flags. This value must be 0.</p>
+               <p id="rfc.section.2.6.3.p.4">Length: An unsigned 24-bit value representing the number of bytes after the length field. For RST_STREAM control frames, this
+                  value is always 8.
+               </p>
+               <p id="rfc.section.2.6.3.p.5">Stream-ID: The 31-bit identifier for this stream.</p>
+               <p id="rfc.section.2.6.3.p.6">Status code: (32 bits) An indicator for why the stream is being terminated.The following status codes are defined: </p>
+               <ul class="empty">
+                  <li>1 - PROTOCOL_ERROR. This is a generic error, and should only be used if a more specific error is not available.</li>
+                  <li>2 - INVALID_STREAM. This is returned when a frame is received for a stream which is not active.</li>
+                  <li>3 - REFUSED_STREAM. Indicates that the stream was refused before any processing has been done on the stream.</li>
+                  <li>4 - UNSUPPORTED_VERSION. Indicates that the recipient of a stream does not support the SPDY version requested.</li>
+                  <li>5 - CANCEL. Used by the creator of a stream to indicate that the stream is no longer needed.</li>
+                  <li>6 - INTERNAL_ERROR. This is a generic error which can be used when the implementation has internally failed, not due to anything
+                     in the protocol.
+                  </li>
+                  <li>7 - FLOW_CONTROL_ERROR. The endpoint detected that its peer violated the flow control protocol.</li>
+                  <li>8 - STREAM_IN_USE. The endpoint received a SYN_REPLY for a stream already open.</li>
+                  <li>9 - STREAM_ALREADY_CLOSED. The endpoint received a data or SYN_REPLY frame for a stream which is half closed.</li>
+                  <li>10 - INVALID_CREDENTIALS. The server received a request for a resource whose origin does not have valid credentials in the
+                     client certificate vector.
+                  </li>
+                  <li>11 - FRAME_TOO_LARGE. The endpoint received a frame which this implementation could not support. If FRAME_TOO_LARGE is sent
+                     for a SYN_STREAM, HEADERS, or SYN_REPLY frame without fully processing the compressed portion of those frames, then the compression
+                     state will be out-of-sync with the other endpoint. In this case, senders of FRAME_TOO_LARGE MUST close the session.
+                  </li>
+                  <li>Note: 0 is not a valid status code for a RST_STREAM.</li>
+               </ul>
+               <p id="rfc.section.2.6.3.p.7">After receiving a RST_STREAM on a stream, the recipient must not send additional frames for that stream, and the stream moves
+                  into the closed state.
+               </p>
+            </div>
+            <div id="SETTINGS">
+               <h3 id="rfc.section.2.6.4"><a href="#rfc.section.2.6.4">2.6.4</a>&nbsp;<a href="#SETTINGS">SETTINGS</a></h3>
+               <p id="rfc.section.2.6.4.p.1">A SETTINGS frame contains a set of id/value pairs for communicating configuration data about how the two endpoints may communicate.
+                  SETTINGS frames can be sent at any time by either endpoint, are optionally sent, and are fully asynchronous. When the server
+                  is the sender, the sender can request that configuration data be persisted by the client across SPDY sessions and returned
+                  to the server in future communications.
+               </p>
+               <p id="rfc.section.2.6.4.p.2">Persistence of SETTINGS ID/Value pairs is done on a per origin/IP pair (the "origin" is the set of scheme, host, and port
+                  from the URI. See <a href="#RFC6454" id="rfc.xref.RFC6454.1"><cite title="The Web Origin Concept">[RFC6454]</cite></a>). That is, when a client connects to a server, and the server persists settings within the client, the client SHOULD return
+                  the persisted settings on future connections to the same origin AND IP address and TCP port. Clients MUST NOT request servers
+                  to use the persistence features of the SETTINGS frames, and servers MUST ignore persistence related flags sent by a client.
+               </p>
+               <div id="rfc.figure.u.6"></div><pre>+----------------------------------+
 |1|   version    |         4       |
 +----------------------------------+
@@ -1032 +1062 @@
 |          ID/Value Pairs          |
 |             ...                  |
-            </pre> <p id="rfc.section.2.6.4.p.4">Control bit: The control bit is always 1 for this message.</p>
-      <p id="rfc.section.2.6.4.p.5">Version: The SPDY version number.</p>
-      <p id="rfc.section.2.6.4.p.6">Type: The message type for a SETTINGS message is 4.</p>
-      <p id="rfc.section.2.6.4.p.7">Flags: FLAG_SETTINGS_CLEAR_SETTINGS (0x1): When set, the client should clear any previously persisted SETTINGS ID/Value pairs.
-         If this frame contains ID/Value pairs with the FLAG_SETTINGS_PERSIST_VALUE set, then the client will first clear its existing,
-         persisted settings, and then persist the values with the flag set which are contained within this frame. Because persistence
-         is only implemented on the client, this flag can only be used when the sender is the server.
-      </p>
-      <p id="rfc.section.2.6.4.p.8">Length: An unsigned 24-bit value representing the number of bytes after the length field. The total size of a SETTINGS frame
-         is 8 bytes + length.
-      </p>
-      <p id="rfc.section.2.6.4.p.9">Number of entries: A 32-bit value representing the number of ID/value pairs in this message.</p>
-      <p id="rfc.section.2.6.4.p.10">ID: A 32-bit ID number, comprised of 8 bits of flags and 24 bits of unique ID. </p>
-      <ul class="empty">
-         <li>ID.flags: 
-            <ul class="empty">
-               <li>FLAG_SETTINGS_PERSIST_VALUE (0x1): When set, the sender of this SETTINGS frame is requesting that the recipient persist the
-                  ID/Value and return it in future SETTINGS frames sent from the sender to this recipient. Because persistence is only implemented
-                  on the client, this flag is only sent by the server.
-               </li>
-               <li>FLAG_SETTINGS_PERSISTED (0x2): When set, the sender is notifying the recipient that this ID/Value pair was previously sent
-                  to the sender by the recipient with the FLAG_SETTINGS_PERSIST_VALUE, and the sender is returning it. Because persistence is
-                  only implemented on the client, this flag is only sent by the client.
-               </li>
-            </ul> 
-         </li>
-         <li>Defined IDs: 
-            <ul class="empty">
-               <li>1 - SETTINGS_UPLOAD_BANDWIDTH allows the sender to send its expected upload bandwidth on this channel. This number is an estimate.
-                  The value should be the integral number of kilobytes per second that the sender predicts as an expected maximum upload channel
-                  capacity.
-               </li>
-               <li>2 - SETTINGS_DOWNLOAD_BANDWIDTH allows the sender to send its expected download bandwidth on this channel. This number is
-                  an estimate. The value should be the integral number of kilobytes per second that the sender predicts as an expected maximum
-                  download channel capacity.
-               </li>
-               <li>3 - SETTINGS_ROUND_TRIP_TIME allows the sender to send its expected round-trip-time on this channel. The round trip time is
-                  defined as the minimum amount of time to send a control frame from this client to the remote and receive a response. The value
-                  is represented in milliseconds.
-               </li>
-               <li>4 - SETTINGS_MAX_CONCURRENT_STREAMS allows the sender to inform the remote endpoint the maximum number of concurrent streams
-                  which it will allow. By default there is no limit. For implementors it is recommended that this value be no smaller than 100.
-               </li>
-               <li>5 - SETTINGS_CURRENT_CWND allows the sender to inform the remote endpoint of the current TCP CWND value.</li>
-               <li>6 - SETTINGS_DOWNLOAD_RETRANS_RATE allows the sender to inform the remote endpoint the retransmission rate (bytes retransmitted
-                  / total bytes transmitted).
-               </li>
-               <li>7 - SETTINGS_INITIAL_WINDOW_SIZE allows the sender to inform the remote endpoint the initial window size (in bytes) for new
-                  streams.
-               </li>
-               <li>8 - SETTINGS_CLIENT_CERTIFICATE_VECTOR_SIZE allows the server to inform the client if the new size of the client certificate
-                  vector.
-               </li>
-            </ul> 
-         </li>
-      </ul>
-      <p id="rfc.section.2.6.4.p.11">Value: A 32-bit value.</p>
-      <p id="rfc.section.2.6.4.p.12">The message is intentionally extensible for future information which may improve client-server communications. The sender
-         does not need to send every type of ID/value. It must only send those for which it has accurate values to convey. When multiple
-         ID/value pairs are sent, they should be sent in order of lowest id to highest id. A single SETTINGS frame MUST not contain
-         multiple values for the same ID. If the recipient of a SETTINGS frame discovers multiple values for the same ID, it MUST ignore
-         all values except the first one.
-      </p>
-      <p id="rfc.section.2.6.4.p.13">A server may send multiple SETTINGS frames containing different ID/Value pairs. When the same ID/Value is sent twice, the
-         most recent value overrides any previously sent values. If the server sends IDs 1, 2, and 3 with the FLAG_SETTINGS_PERSIST_VALUE
-         in a first SETTINGS frame, and then sends IDs 4 and 5 with the FLAG_SETTINGS_PERSIST_VALUE, when the client returns the persisted
-         state on its next SETTINGS frame, it SHOULD send all 5 settings (1, 2, 3, 4, and 5 in this example) to the server.
-      </p>
-      <h3 id="rfc.section.2.6.5"><a href="#rfc.section.2.6.5">2.6.5</a>&nbsp;<a id="PING" href="#PING">PING</a></h3>
-      <p id="rfc.section.2.6.5.p.1">The PING control frame is a mechanism for measuring a minimal round-trip time from the sender. It can be sent from the client
-         or the server. Recipients of a PING frame should send an identical frame to the sender as soon as possible (if there is other
-         pending data waiting to be sent, PING should take highest priority). Each ping sent by a sender should use a unique ID.
-      </p>
-      <div id="rfc.figure.u.7"></div> <pre>+----------------------------------+
+            </pre><p id="rfc.section.2.6.4.p.4">Control bit: The control bit is always 1 for this message.</p>
+               <p id="rfc.section.2.6.4.p.5">Version: The SPDY version number.</p>
+               <p id="rfc.section.2.6.4.p.6">Type: The message type for a SETTINGS message is 4.</p>
+               <p id="rfc.section.2.6.4.p.7">Flags: FLAG_SETTINGS_CLEAR_SETTINGS (0x1): When set, the client should clear any previously persisted SETTINGS ID/Value pairs.
+                  If this frame contains ID/Value pairs with the FLAG_SETTINGS_PERSIST_VALUE set, then the client will first clear its existing,
+                  persisted settings, and then persist the values with the flag set which are contained within this frame. Because persistence
+                  is only implemented on the client, this flag can only be used when the sender is the server.
+               </p>
+               <p id="rfc.section.2.6.4.p.8">Length: An unsigned 24-bit value representing the number of bytes after the length field. The total size of a SETTINGS frame
+                  is 8 bytes + length.
+               </p>
+               <p id="rfc.section.2.6.4.p.9">Number of entries: A 32-bit value representing the number of ID/value pairs in this message.</p>
+               <p id="rfc.section.2.6.4.p.10">ID: A 32-bit ID number, comprised of 8 bits of flags and 24 bits of unique ID. </p>
+               <ul class="empty">
+                  <li>ID.flags: 
+                     <ul class="empty">
+                        <li>FLAG_SETTINGS_PERSIST_VALUE (0x1): When set, the sender of this SETTINGS frame is requesting that the recipient persist the
+                           ID/Value and return it in future SETTINGS frames sent from the sender to this recipient. Because persistence is only implemented
+                           on the client, this flag is only sent by the server.
+                        </li>
+                        <li>FLAG_SETTINGS_PERSISTED (0x2): When set, the sender is notifying the recipient that this ID/Value pair was previously sent
+                           to the sender by the recipient with the FLAG_SETTINGS_PERSIST_VALUE, and the sender is returning it. Because persistence is
+                           only implemented on the client, this flag is only sent by the client.
+                        </li>
+                     </ul> 
+                  </li>
+                  <li>Defined IDs: 
+                     <ul class="empty">
+                        <li>1 - SETTINGS_UPLOAD_BANDWIDTH allows the sender to send its expected upload bandwidth on this channel. This number is an estimate.
+                           The value should be the integral number of kilobytes per second that the sender predicts as an expected maximum upload channel
+                           capacity.
+                        </li>
+                        <li>2 - SETTINGS_DOWNLOAD_BANDWIDTH allows the sender to send its expected download bandwidth on this channel. This number is
+                           an estimate. The value should be the integral number of kilobytes per second that the sender predicts as an expected maximum
+                           download channel capacity.
+                        </li>
+                        <li>3 - SETTINGS_ROUND_TRIP_TIME allows the sender to send its expected round-trip-time on this channel. The round trip time is
+                           defined as the minimum amount of time to send a control frame from this client to the remote and receive a response. The value
+                           is represented in milliseconds.
+                        </li>
+                        <li>4 - SETTINGS_MAX_CONCURRENT_STREAMS allows the sender to inform the remote endpoint the maximum number of concurrent streams
+                           which it will allow. By default there is no limit. For implementors it is recommended that this value be no smaller than 100.
+                        </li>
+                        <li>5 - SETTINGS_CURRENT_CWND allows the sender to inform the remote endpoint of the current TCP CWND value.</li>
+                        <li>6 - SETTINGS_DOWNLOAD_RETRANS_RATE allows the sender to inform the remote endpoint the retransmission rate (bytes retransmitted
+                           / total bytes transmitted).
+                        </li>
+                        <li>7 - SETTINGS_INITIAL_WINDOW_SIZE allows the sender to inform the remote endpoint the initial window size (in bytes) for new
+                           streams.
+                        </li>
+                        <li>8 - SETTINGS_CLIENT_CERTIFICATE_VECTOR_SIZE allows the server to inform the client if the new size of the client certificate
+                           vector.
+                        </li>
+                     </ul> 
+                  </li>
+               </ul>
+               <p id="rfc.section.2.6.4.p.11">Value: A 32-bit value.</p>
+               <p id="rfc.section.2.6.4.p.12">The message is intentionally extensible for future information which may improve client-server communications. The sender
+                  does not need to send every type of ID/value. It must only send those for which it has accurate values to convey. When multiple
+                  ID/value pairs are sent, they should be sent in order of lowest id to highest id. A single SETTINGS frame MUST not contain
+                  multiple values for the same ID. If the recipient of a SETTINGS frame discovers multiple values for the same ID, it MUST ignore
+                  all values except the first one.
+               </p>
+               <p id="rfc.section.2.6.4.p.13">A server may send multiple SETTINGS frames containing different ID/Value pairs. When the same ID/Value is sent twice, the
+                  most recent value overrides any previously sent values. If the server sends IDs 1, 2, and 3 with the FLAG_SETTINGS_PERSIST_VALUE
+                  in a first SETTINGS frame, and then sends IDs 4 and 5 with the FLAG_SETTINGS_PERSIST_VALUE, when the client returns the persisted
+                  state on its next SETTINGS frame, it SHOULD send all 5 settings (1, 2, 3, 4, and 5 in this example) to the server.
+               </p>
+            </div>
+            <div id="PING">
+               <h3 id="rfc.section.2.6.5"><a href="#rfc.section.2.6.5">2.6.5</a>&nbsp;<a href="#PING">PING</a></h3>
+               <p id="rfc.section.2.6.5.p.1">The PING control frame is a mechanism for measuring a minimal round-trip time from the sender. It can be sent from the client
+                  or the server. Recipients of a PING frame should send an identical frame to the sender as soon as possible (if there is other
+                  pending data waiting to be sent, PING should take highest priority). Each ping sent by a sender should use a unique ID.
+               </p>
+               <div id="rfc.figure.u.7"></div><pre>+----------------------------------+
 |1|   version    |         6       |
 +----------------------------------+
@@ -1112 +1144 @@
 |            32-bit ID             |
 +----------------------------------+
-            </pre> <p id="rfc.section.2.6.5.p.3">Control bit: The control bit is always 1 for this message.</p>
-      <p id="rfc.section.2.6.5.p.4">Version: The SPDY version number.</p>
-      <p id="rfc.section.2.6.5.p.5">Type: The message type for a PING message is 6.</p>
-      <p id="rfc.section.2.6.5.p.6">Length: This frame is always 4 bytes long.</p>
-      <p id="rfc.section.2.6.5.p.7">ID: A unique ID for this ping, represented as an unsigned 32 bit value. When the client initiates a ping, it must use an odd
-         numbered ID. When the server initiates a ping, it must use an even numbered ping. Use of odd/even IDs is required in order
-         to avoid accidental looping on PINGs (where each side initiates an identical PING at the same time).
-      </p>
-      <p id="rfc.section.2.6.5.p.8">Note: If a sender uses all possible PING ids (e.g. has sent all 2^31 possible IDs), it can wrap and start re-using IDs.</p>
-      <p id="rfc.section.2.6.5.p.9">If a server receives an even numbered PING which it did not initiate, it must ignore the PING. If a client receives an odd
-         numbered PING which it did not initiate, it must ignore the PING.
-      </p>
-      <h3 id="rfc.section.2.6.6"><a href="#rfc.section.2.6.6">2.6.6</a>&nbsp;<a id="GOAWAY" href="#GOAWAY">GOAWAY</a></h3>
-      <p id="rfc.section.2.6.6.p.1">The GOAWAY control frame is a mechanism to tell the remote side of the connection to stop creating streams on this session.
-         It can be sent from the client or the server. Once sent, the sender will not respond to any new SYN_STREAMs on this session.
-         Recipients of a GOAWAY frame must not send additional streams on this session, although a new session can be established for
-         new streams. The purpose of this message is to allow an endpoint to gracefully stop accepting new streams (perhaps for a reboot
-         or maintenance), while still finishing processing of previously established streams.
-      </p>
-      <p id="rfc.section.2.6.6.p.2">There is an inherent race condition between an endpoint sending SYN_STREAMs and the remote sending a GOAWAY message. To deal
-         with this case, the GOAWAY contains a last-stream-id indicating the stream-id of the last stream which was created on the
-         sending endpoint in this session. If the receiver of the GOAWAY sent new SYN_STREAMs for sessions after this last-stream-id,
-         they were not processed by the server and the receiver may treat the stream as though it had never been created at all (hence
-         the receiver may want to re-create the stream later on a new session).
-      </p>
-      <p id="rfc.section.2.6.6.p.3">Endpoints should always send a GOAWAY message before closing a connection so that the remote can know whether a stream has
-         been partially processed or not. (For example, if an HTTP client sends a POST at the same time that a server closes a connection,
-         the client cannot know if the server started to process that POST request if the server does not send a GOAWAY frame to indicate
-         where it stopped working).
-      </p>
-      <p id="rfc.section.2.6.6.p.4">After sending a GOAWAY message, the sender must ignore all SYN_STREAM frames for new streams.</p>
-      <div id="rfc.figure.u.8"></div> <pre>+----------------------------------+
+            </pre><p id="rfc.section.2.6.5.p.3">Control bit: The control bit is always 1 for this message.</p>
+               <p id="rfc.section.2.6.5.p.4">Version: The SPDY version number.</p>
+               <p id="rfc.section.2.6.5.p.5">Type: The message type for a PING message is 6.</p>
+               <p id="rfc.section.2.6.5.p.6">Length: This frame is always 4 bytes long.</p>
+               <p id="rfc.section.2.6.5.p.7">ID: A unique ID for this ping, represented as an unsigned 32 bit value. When the client initiates a ping, it must use an odd
+                  numbered ID. When the server initiates a ping, it must use an even numbered ping. Use of odd/even IDs is required in order
+                  to avoid accidental looping on PINGs (where each side initiates an identical PING at the same time).
+               </p>
+               <p id="rfc.section.2.6.5.p.8">Note: If a sender uses all possible PING ids (e.g. has sent all 2^31 possible IDs), it can wrap and start re-using IDs.</p>
+               <p id="rfc.section.2.6.5.p.9">If a server receives an even numbered PING which it did not initiate, it must ignore the PING. If a client receives an odd
+                  numbered PING which it did not initiate, it must ignore the PING.
+               </p>
+            </div>
+            <div id="GOAWAY">
+               <h3 id="rfc.section.2.6.6"><a href="#rfc.section.2.6.6">2.6.6</a>&nbsp;<a href="#GOAWAY">GOAWAY</a></h3>
+               <p id="rfc.section.2.6.6.p.1">The GOAWAY control frame is a mechanism to tell the remote side of the connection to stop creating streams on this session.
+                  It can be sent from the client or the server. Once sent, the sender will not respond to any new SYN_STREAMs on this session.
+                  Recipients of a GOAWAY frame must not send additional streams on this session, although a new session can be established for
+                  new streams. The purpose of this message is to allow an endpoint to gracefully stop accepting new streams (perhaps for a reboot
+                  or maintenance), while still finishing processing of previously established streams.
+               </p>
+               <p id="rfc.section.2.6.6.p.2">There is an inherent race condition between an endpoint sending SYN_STREAMs and the remote sending a GOAWAY message. To deal
+                  with this case, the GOAWAY contains a last-stream-id indicating the stream-id of the last stream which was created on the
+                  sending endpoint in this session. If the receiver of the GOAWAY sent new SYN_STREAMs for sessions after this last-stream-id,
+                  they were not processed by the server and the receiver may treat the stream as though it had never been created at all (hence
+                  the receiver may want to re-create the stream later on a new session).
+               </p>
+               <p id="rfc.section.2.6.6.p.3">Endpoints should always send a GOAWAY message before closing a connection so that the remote can know whether a stream has
+                  been partially processed or not. (For example, if an HTTP client sends a POST at the same time that a server closes a connection,
+                  the client cannot know if the server started to process that POST request if the server does not send a GOAWAY frame to indicate
+                  where it stopped working).
+               </p>
+               <p id="rfc.section.2.6.6.p.4">After sending a GOAWAY message, the sender must ignore all SYN_STREAM frames for new streams.</p>
+               <div id="rfc.figure.u.8"></div><pre>+----------------------------------+
 |1|   version    |         7       |
 +----------------------------------+
@@ -1152 +1186 @@
 |          Status code             |
 +----------------------------------+
-            </pre> <p id="rfc.section.2.6.6.p.6">Control bit: The control bit is always 1 for this message.</p>
-      <p id="rfc.section.2.6.6.p.7">Version: The SPDY version number.</p>
-      <p id="rfc.section.2.6.6.p.8">Type: The message type for a GOAWAY message is 7.</p>
-      <p id="rfc.section.2.6.6.p.9">Length: This frame is always 8 bytes long.</p>
-      <p id="rfc.section.2.6.6.p.10">Last-good-stream-Id: The last stream id which was replied to (with either a SYN_REPLY or RST_STREAM) by the sender of the
-         GOAWAY message. If no streams were replied to, this value MUST be 0.
-      </p>
-      <p id="rfc.section.2.6.6.p.11">Status: The reason for closing the session. </p>
-      <ul class="empty">
-         <li>0 - OK. This is a normal session teardown.</li>
-         <li>1 - PROTOCOL_ERROR. This is a generic error, and should only be used if a more specific error is not available.</li>
-         <li>11 - INTERNAL_ERROR. This is a generic error which can be used when the implementation has internally failed, not due to anything
-            in the protocol.
-         </li>
-      </ul>
-      <h3 id="rfc.section.2.6.7"><a href="#rfc.section.2.6.7">2.6.7</a>&nbsp;<a id="HEADERS" href="#HEADERS">HEADERS</a></h3>
-      <p id="rfc.section.2.6.7.p.1">The HEADERS frame augments a stream with additional headers. It may be optionally sent on an existing stream at any time.
-         Specific application of the headers in this frame is application-dependent. The name/value header block within this frame
-         is compressed.
-      </p>
-      <div id="rfc.figure.u.9"></div> <pre>+------------------------------------+
+            </pre><p id="rfc.section.2.6.6.p.6">Control bit: The control bit is always 1 for this message.</p>
+               <p id="rfc.section.2.6.6.p.7">Version: The SPDY version number.</p>
+               <p id="rfc.section.2.6.6.p.8">Type: The message type for a GOAWAY message is 7.</p>
+               <p id="rfc.section.2.6.6.p.9">Length: This frame is always 8 bytes long.</p>
+               <p id="rfc.section.2.6.6.p.10">Last-good-stream-Id: The last stream id which was replied to (with either a SYN_REPLY or RST_STREAM) by the sender of the
+                  GOAWAY message. If no streams were replied to, this value MUST be 0.
+               </p>
+               <p id="rfc.section.2.6.6.p.11">Status: The reason for closing the session. </p>
+               <ul class="empty">
+                  <li>0 - OK. This is a normal session teardown.</li>
+                  <li>1 - PROTOCOL_ERROR. This is a generic error, and should only be used if a more specific error is not available.</li>
+                  <li>11 - INTERNAL_ERROR. This is a generic error which can be used when the implementation has internally failed, not due to anything
+                     in the protocol.
+                  </li>
+               </ul>
+            </div>
+            <div id="HEADERS">
+               <h3 id="rfc.section.2.6.7"><a href="#rfc.section.2.6.7">2.6.7</a>&nbsp;<a href="#HEADERS">HEADERS</a></h3>
+               <p id="rfc.section.2.6.7.p.1">The HEADERS frame augments a stream with additional headers. It may be optionally sent on an existing stream at any time.
+                  Specific application of the headers in this frame is application-dependent. The name/value header block within this frame
+                  is compressed.
+               </p>
+               <div id="rfc.figure.u.9"></div><pre>+------------------------------------+
 |1|   version     |          8       |
 +------------------------------------+
@@ -1190 +1226 @@
 +------------------------------------+    |
 |           (repeats)                |   &lt;+
-            </pre> <p id="rfc.section.2.6.7.p.3">Flags: Flags related to this frame. Valid flags are: </p>
-      <ul class="empty">
-         <li>0x01 = FLAG_FIN - marks this frame as the last frame to be transmitted on this stream and puts the sender in the half-closed (<a href="#StreamHalfClose" title="Stream half-close">Section&nbsp;2.3.6</a>) state.
-         </li>
-      </ul>
-      <p id="rfc.section.2.6.7.p.4">Length: An unsigned 24 bit value representing the number of bytes after the length field. The minimum length of the length
-         field is 4 (when the number of name value pairs is 0).
-      </p>
-      <p id="rfc.section.2.6.7.p.5">Stream-ID: The stream this HEADERS block is associated with.</p>
-      <p id="rfc.section.2.6.7.p.6">Name/Value Header Block: A set of name/value pairs carried as part of the SYN_STREAM. see Name/Value Header Block (<a href="#HeaderBlock" title="Name/Value Header Block">Section&nbsp;2.6.10</a>).
-      </p>
-      <h3 id="rfc.section.2.6.8"><a href="#rfc.section.2.6.8">2.6.8</a>&nbsp;<a id="WINDOW_UPDATE" href="#WINDOW_UPDATE">WINDOW_UPDATE</a></h3>
-      <p id="rfc.section.2.6.8.p.1">The WINDOW_UPDATE control frame is used to implement per stream flow control in SPDY. Flow control in SPDY is per hop, that
-         is, only between the two endpoints of a SPDY connection. If there are one or more intermediaries between the client and the
-         origin server, flow control signals are not explicitly forwarded by the intermediaries. (However, throttling of data transfer
-         by any recipient may have the effect of indirectly propagating flow control information upstream back to the original sender.)
-         Flow control only applies to the data portion of data frames. Recipients must buffer all control frames. If a recipient fails
-         to buffer an entire control frame, it MUST issue a stream error (<a href="#StreamErrorHandler" title="Stream Error Handling">Section&nbsp;2.4.2</a>) with the status code FLOW_CONTROL_ERROR for the stream.
-      </p>
-      <p id="rfc.section.2.6.8.p.2">Flow control in SPDY is implemented by a data transfer window kept by the sender of each stream. The data transfer window
-         is a simple uint32 that indicates how many bytes of data the sender can transmit. After a stream is created, but before any
-         data frames have been transmitted, the sender begins with the initial window size. This window size is a measure of the buffering
-         capability of the recipient. The sender must not send a data frame with data length greater than the transfer window size.
-         After sending each data frame, the sender decrements its transfer window size by the amount of data transmitted. When the
-         window size becomes less than or equal to 0, the sender must pause transmitting data frames. At the other end of the stream,
-         the recipient sends a WINDOW_UPDATE control back to notify the sender that it has consumed some data and freed up buffer space
-         to receive more data.
-      </p>
-      <div id="rfc.figure.u.10"></div> <pre>+----------------------------------+
+            </pre><p id="rfc.section.2.6.7.p.3">Flags: Flags related to this frame. Valid flags are: </p>
+               <ul class="empty">
+                  <li>0x01 = FLAG_FIN - marks this frame as the last frame to be transmitted on this stream and puts the sender in the half-closed (<a href="#StreamHalfClose" title="Stream half-close">Section&nbsp;2.3.6</a>) state.
+                  </li>
+               </ul>
+               <p id="rfc.section.2.6.7.p.4">Length: An unsigned 24 bit value representing the number of bytes after the length field. The minimum length of the length
+                  field is 4 (when the number of name value pairs is 0).
+               </p>
+               <p id="rfc.section.2.6.7.p.5">Stream-ID: The stream this HEADERS block is associated with.</p>
+               <p id="rfc.section.2.6.7.p.6">Name/Value Header Block: A set of name/value pairs carried as part of the SYN_STREAM. see Name/Value Header Block (<a href="#HeaderBlock" title="Name/Value Header Block">Section&nbsp;2.6.10</a>).
+               </p>
+            </div>
+            <div id="WINDOW_UPDATE">
+               <h3 id="rfc.section.2.6.8"><a href="#rfc.section.2.6.8">2.6.8</a>&nbsp;<a href="#WINDOW_UPDATE">WINDOW_UPDATE</a></h3>
+               <p id="rfc.section.2.6.8.p.1">The WINDOW_UPDATE control frame is used to implement per stream flow control in SPDY. Flow control in SPDY is per hop, that
+                  is, only between the two endpoints of a SPDY connection. If there are one or more intermediaries between the client and the
+                  origin server, flow control signals are not explicitly forwarded by the intermediaries. (However, throttling of data transfer
+                  by any recipient may have the effect of indirectly propagating flow control information upstream back to the original sender.)
+                  Flow control only applies to the data portion of data frames. Recipients must buffer all control frames. If a recipient fails
+                  to buffer an entire control frame, it MUST issue a stream error (<a href="#StreamErrorHandler" title="Stream Error Handling">Section&nbsp;2.4.2</a>) with the status code FLOW_CONTROL_ERROR for the stream.
+               </p>
+               <p id="rfc.section.2.6.8.p.2">Flow control in SPDY is implemented by a data transfer window kept by the sender of each stream. The data transfer window
+                  is a simple uint32 that indicates how many bytes of data the sender can transmit. After a stream is created, but before any
+                  data frames have been transmitted, the sender begins with the initial window size. This window size is a measure of the buffering
+                  capability of the recipient. The sender must not send a data frame with data length greater than the transfer window size.
+                  After sending each data frame, the sender decrements its transfer window size by the amount of data transmitted. When the
+                  window size becomes less than or equal to 0, the sender must pause transmitting data frames. At the other end of the stream,
+                  the recipient sends a WINDOW_UPDATE control back to notify the sender that it has consumed some data and freed up buffer space
+                  to receive more data.
+               </p>
+               <div id="rfc.figure.u.10"></div><pre>+----------------------------------+
 |1|   version    |         9       |
 +----------------------------------+
@@ -1227 +1265 @@
 |X|  Delta-Window-Size (31-bits)   |
 +----------------------------------+
-            </pre> <p id="rfc.section.2.6.8.p.4">Control bit: The control bit is always 1 for this message.</p>
-      <p id="rfc.section.2.6.8.p.5">Version: The SPDY version number.</p>
-      <p id="rfc.section.2.6.8.p.6">Type: The message type for a WINDOW_UPDATE message is 9.</p>
-      <p id="rfc.section.2.6.8.p.7">Length: The length field is always 8 for this frame (there are 8 bytes after the length field).</p>
-      <p id="rfc.section.2.6.8.p.8">Stream-ID: The stream ID that this WINDOW_UPDATE control frame is for.</p>
-      <p id="rfc.section.2.6.8.p.9">Delta-Window-Size: The additional number of bytes that the sender can transmit in addition to existing remaining window size.
-         The legal range for this field is 1 to 2^31 - 1 (0x7fffffff) bytes.
-      </p>
-      <p id="rfc.section.2.6.8.p.10">The window size as kept by the sender must never exceed 2^31 (although it can become negative in one special case). If a sender
-         receives a WINDOW_UPDATE that causes the its window size to exceed this limit, it must send RST_STREAM with status code FLOW_CONTROL_ERROR
-         to terminate the stream.
-      </p>
-      <p id="rfc.section.2.6.8.p.11">When a SPDY connection is first established, the default initial window size for all streams is 64KB. An endpoint can use
-         the SETTINGS control frame to adjust the initial window size for the connection. That is, its peer can start out using the
-         64KB default initial window size when sending data frames before receiving the SETTINGS. Because SETTINGS is asynchronous,
-         there may be a race condition if the recipient wants to decrease the initial window size, but its peer immediately sends 64KB
-         on the creation of a new connection, before waiting for the SETTINGS to arrive. This is one case where the window size kept
-         by the sender will become negative. Once the sender detects this condition, it must stop sending data frames and wait for
-         the recipient to catch up. The recipient has two choices: 
-      </p>
-      <ul class="empty">
-         <li>immediately send RST_STREAM with FLOW_CONTROL_ERROR status code.</li>
-         <li>allow the head of line blocking (as there is only one stream for the session and the amount of data in flight is bounded by
-            the default initial window size), and send WINDOW_UPDATE as it consumes data.
-         </li>
-      </ul>
-      <p id="rfc.section.2.6.8.p.12">In the case of option 2, both sides must compute the window size based on the initial window size in the SETTINGS. For example,
-         if the recipient sets the initial window size to be 16KB, and the sender sends 64KB immediately on connection establishment,
-         the sender will discover its window size is -48KB on receipt of the SETTINGS. As the recipient consumes the first 16KB, it
-         must send a WINDOW_UPDATE of 16KB back to the sender. This interaction continues until the sender's window size becomes positive
-         again, and it can resume transmitting data frames.
-      </p>
-      <p id="rfc.section.2.6.8.p.13">After the recipient reads in a data frame with FLAG_FIN that marks the end of the data stream, it should not send WINDOW_UPDATE
-         frames as it consumes the last data frame. A sender should ignore all the WINDOW_UPDATE frames associated with the stream
-         after it send the last frame for the stream.
-      </p>
-      <p id="rfc.section.2.6.8.p.14">The data frames from the sender and the WINDOW_UPDATE frames from the recipient are completely asynchronous with respect to
-         each other. This property allows a recipient to aggressively update the window size kept by the sender to prevent the stream
-         from stalling.
-      </p>
-      <h3 id="rfc.section.2.6.9"><a href="#rfc.section.2.6.9">2.6.9</a>&nbsp;<a id="CREDENTIAL" href="#CREDENTIAL">CREDENTIAL</a></h3>
-      <p id="rfc.section.2.6.9.p.1">The CREDENTIAL control frame is used by the client to send additional client certificates to the server. A SPDY client may
-         decide to send requests for resources from different origins on the same SPDY session if it decides that that server handles
-         both origins. For example if the IP address associated with both hostnames matches and the SSL server certificate presented
-         in the initial handshake is valid for both hostnames. However, because the SSL connection can contain at most one client certificate,
-         the client needs a mechanism to send additional client certificates to the server.
-      </p>
-      <p id="rfc.section.2.6.9.p.2">The server is required to maintain a vector of client certificates associated with a SPDY session. When the client needs to
-         send a client certificate to the server, it will send a CREDENTIAL frame that specifies the index of the slot in which to
-         store the certificate as well as proof that the client posesses the corresponding private key. The initial size of this vector
-         must be 8. If the client provides a client certificate during the first TLS handshake, the contents of this certificate must
-         be copied into the first slot (index 1) in the CREDENTIAL vector, though it may be overwritten by subsequent CREDENTIAL frames.
-         The server must exclusively use the CREDNETIAL vector when evaluating the client certificates associated with an origin. The
-         server may change the size of this vector by sending a SETTINGS frame with the setting SETTINGS_CLIENT_CERTIFICATE_VECTOR_SIZE
-         value specified. In the event that the new size is smaller than the current size, truncation occurs preserving lower-index
-         slots as possible.
-      </p>
-      <p id="rfc.section.2.6.9.p.3">TLS renegotiation with client authentication is incompatible with SPDY given the multiplexed nature of SPDY. Specifically,
-         imagine that the client has 2 requests outstanding to the server for two different pages (in different tabs). When the renegotiation
-         + client certificate request comes in, the browser is unable to determine which resource triggered the client certificate
-         request, in order to prompt the user accordingly.
-      </p>
-      <div id="rfc.figure.u.11"></div> <pre>+----------------------------------+
+            </pre><p id="rfc.section.2.6.8.p.4">Control bit: The control bit is always 1 for this message.</p>
+               <p id="rfc.section.2.6.8.p.5">Version: The SPDY version number.</p>
+               <p id="rfc.section.2.6.8.p.6">Type: The message type for a WINDOW_UPDATE message is 9.</p>
+               <p id="rfc.section.2.6.8.p.7">Length: The length field is always 8 for this frame (there are 8 bytes after the length field).</p>
+               <p id="rfc.section.2.6.8.p.8">Stream-ID: The stream ID that this WINDOW_UPDATE control frame is for.</p>
+               <p id="rfc.section.2.6.8.p.9">Delta-Window-Size: The additional number of bytes that the sender can transmit in addition to existing remaining window size.
+                  The legal range for this field is 1 to 2^31 - 1 (0x7fffffff) bytes.
+               </p>
+               <p id="rfc.section.2.6.8.p.10">The window size as kept by the sender must never exceed 2^31 (although it can become negative in one special case). If a sender
+                  receives a WINDOW_UPDATE that causes the its window size to exceed this limit, it must send RST_STREAM with status code FLOW_CONTROL_ERROR
+                  to terminate the stream.
+               </p>
+               <p id="rfc.section.2.6.8.p.11">When a SPDY connection is first established, the default initial window size for all streams is 64KB. An endpoint can use
+                  the SETTINGS control frame to adjust the initial window size for the connection. That is, its peer can start out using the
+                  64KB default initial window size when sending data frames before receiving the SETTINGS. Because SETTINGS is asynchronous,
+                  there may be a race condition if the recipient wants to decrease the initial window size, but its peer immediately sends 64KB
+                  on the creation of a new connection, before waiting for the SETTINGS to arrive. This is one case where the window size kept
+                  by the sender will become negative. Once the sender detects this condition, it must stop sending data frames and wait for
+                  the recipient to catch up. The recipient has two choices: 
+               </p>
+               <ul class="empty">
+                  <li>immediately send RST_STREAM with FLOW_CONTROL_ERROR status code.</li>
+                  <li>allow the head of line blocking (as there is only one stream for the session and the amount of data in flight is bounded by
+                     the default initial window size), and send WINDOW_UPDATE as it consumes data.
+                  </li>
+               </ul>
+               <p id="rfc.section.2.6.8.p.12">In the case of option 2, both sides must compute the window size based on the initial window size in the SETTINGS. For example,
+                  if the recipient sets the initial window size to be 16KB, and the sender sends 64KB immediately on connection establishment,
+                  the sender will discover its window size is -48KB on receipt of the SETTINGS. As the recipient consumes the first 16KB, it
+                  must send a WINDOW_UPDATE of 16KB back to the sender. This interaction continues until the sender's window size becomes positive
+                  again, and it can resume transmitting data frames.
+               </p>
+               <p id="rfc.section.2.6.8.p.13">After the recipient reads in a data frame with FLAG_FIN that marks the end of the data stream, it should not send WINDOW_UPDATE
+                  frames as it consumes the last data frame. A sender should ignore all the WINDOW_UPDATE frames associated with the stream
+                  after it send the last frame for the stream.
+               </p>
+               <p id="rfc.section.2.6.8.p.14">The data frames from the sender and the WINDOW_UPDATE frames from the recipient are completely asynchronous with respect to
+                  each other. This property allows a recipient to aggressively update the window size kept by the sender to prevent the stream
+                  from stalling.
+               </p>
+            </div>
+            <div id="CREDENTIAL">
+               <h3 id="rfc.section.2.6.9"><a href="#rfc.section.2.6.9">2.6.9</a>&nbsp;<a href="#CREDENTIAL">CREDENTIAL</a></h3>
+               <p id="rfc.section.2.6.9.p.1">The CREDENTIAL control frame is used by the client to send additional client certificates to the server. A SPDY client may
+                  decide to send requests for resources from different origins on the same SPDY session if it decides that that server handles
+                  both origins. For example if the IP address associated with both hostnames matches and the SSL server certificate presented
+                  in the initial handshake is valid for both hostnames. However, because the SSL connection can contain at most one client certificate,
+                  the client needs a mechanism to send additional client certificates to the server.
+               </p>
+               <p id="rfc.section.2.6.9.p.2">The server is required to maintain a vector of client certificates associated with a SPDY session. When the client needs to
+                  send a client certificate to the server, it will send a CREDENTIAL frame that specifies the index of the slot in which to
+                  store the certificate as well as proof that the client posesses the corresponding private key. The initial size of this vector
+                  must be 8. If the client provides a client certificate during the first TLS handshake, the contents of this certificate must
+                  be copied into the first slot (index 1) in the CREDENTIAL vector, though it may be overwritten by subsequent CREDENTIAL frames.
+                  The server must exclusively use the CREDNETIAL vector when evaluating the client certificates associated with an origin. The
+                  server may change the size of this vector by sending a SETTINGS frame with the setting SETTINGS_CLIENT_CERTIFICATE_VECTOR_SIZE
+                  value specified. In the event that the new size is smaller than the current size, truncation occurs preserving lower-index
+                  slots as possible.
+               </p>
+               <p id="rfc.section.2.6.9.p.3">TLS renegotiation with client authentication is incompatible with SPDY given the multiplexed nature of SPDY. Specifically,
+                  imagine that the client has 2 requests outstanding to the server for two different pages (in different tabs). When the renegotiation
+                  + client certificate request comes in, the browser is unable to determine which resource triggered the client certificate
+                  request, in order to prompt the user accordingly.
+               </p>
+               <div id="rfc.figure.u.11"></div><pre>+----------------------------------+
 |1|000000000000001|0000000000001011|
 +----------------------------------+
@@ -1304 +1344 @@
 |            Certificate           |  |
 +----------------------------------+ &lt;+
-            </pre> <p id="rfc.section.2.6.9.p.5">Slot: The index in the server's client certificate vector where this certificate should be stored. If there is already a certificate
-         stored at this index, it will be overwritten. The index is one based, not zero based; zero is an invalid slot index.
-      </p>
-      <p id="rfc.section.2.6.9.p.6">Proof: Cryptographic proof that the client has possession of the private key associated with the certificate. The format is
-         a TLS digitally-signed element (<a href="#RFC5246" id="rfc.xref.RFC5246.1"><cite title="The Transport Layer Security (TLS) Protocol Version 1.2">[RFC5246]</cite></a>, <a href="http://tools.ietf.org/html/rfc5246#section-4.7">Section 4.7</a>). The signature algorithm must be the same as that used in the CertificateVerify message. However, since the MD5+SHA1 signature
-         type used in TLS 1.0 connections can not be correctly encoded in a digitally-signed element, SHA1 must be used when MD5+SHA1
-         was used in the SSL connection. The signature is calculated over a 32 byte TLS extractor value (http://tools.ietf.org/html/rfc5705)
-         with a label of "EXPORTER SPDY certificate proof" using the empty string as context. ForRSA certificates the signature would
-         be a PKCS#1 v1.5 signature. For ECDSA, it would be an ECDSA-Sig-Value (http://tools.ietf.org/html/rfc5480#appendix-A). For
-         a 1024-bit RSA key, the CREDENTIAL message would be ~500 bytes.
-      </p>
-      <p id="rfc.section.2.6.9.p.7">Certificate: The certificate chain, starting with the leaf certificate. Each certificate must be encoded as a 32 bit length,
-         followed by a DER encoded certificate. The certificate must be of the same type (RSA, ECDSA, etc) as the client certificate
-         associated with the SSL connection.
-      </p>
-      <p id="rfc.section.2.6.9.p.8">If the server receives a request for a resource with unacceptable credential (either missing or invalid), it must reply with
-         a RST_STREAM frame with the status code INVALID_CREDENTIALS. Upon receipt of a RST_STREAM frame with INVALID_CREDENTIALS,
-         the client should initiate a new stream directly to the requested origin and resend the request. Note, SPDY does not allow
-         the server to request different client authentication for different resources in the same origin.
-      </p>
-      <p id="rfc.section.2.6.9.p.9">If the server receives an invalid CREDENTIAL frame, it MUST respond with a GOAWAY frame and shutdown the session.</p>
-      <h3 id="rfc.section.2.6.10"><a href="#rfc.section.2.6.10">2.6.10</a>&nbsp;<a id="HeaderBlock" href="#HeaderBlock">Name/Value Header Block</a></h3>
-      <p id="rfc.section.2.6.10.p.1">The Name/Value Header Block is found in the SYN_STREAM, SYN_REPLY and HEADERS control frames, and shares a common format:</p>
-      <div id="rfc.figure.u.12"></div> <pre>+------------------------------------+
+            </pre><p id="rfc.section.2.6.9.p.5">Slot: The index in the server's client certificate vector where this certificate should be stored. If there is already a certificate
+                  stored at this index, it will be overwritten. The index is one based, not zero based; zero is an invalid slot index.
+               </p>
+               <p id="rfc.section.2.6.9.p.6">Proof: Cryptographic proof that the client has possession of the private key associated with the certificate. The format is
+                  a TLS digitally-signed element (<a href="#RFC5246" id="rfc.xref.RFC5246.1"><cite title="The Transport Layer Security (TLS) Protocol Version 1.2">[RFC5246]</cite></a>, <a href="https://tools.ietf.org/html/rfc5246#section-4.7">Section 4.7</a>). The signature algorithm must be the same as that used in the CertificateVerify message. However, since the MD5+SHA1 signature
+                  type used in TLS 1.0 connections can not be correctly encoded in a digitally-signed element, SHA1 must be used when MD5+SHA1
+                  was used in the SSL connection. The signature is calculated over a 32 byte TLS extractor value (http://tools.ietf.org/html/rfc5705)
+                  with a label of "EXPORTER SPDY certificate proof" using the empty string as context. ForRSA certificates the signature would
+                  be a PKCS#1 v1.5 signature. For ECDSA, it would be an ECDSA-Sig-Value (http://tools.ietf.org/html/rfc5480#appendix-A). For
+                  a 1024-bit RSA key, the CREDENTIAL message would be ~500 bytes.
+               </p>
+               <p id="rfc.section.2.6.9.p.7">Certificate: The certificate chain, starting with the leaf certificate. Each certificate must be encoded as a 32 bit length,
+                  followed by a DER encoded certificate. The certificate must be of the same type (RSA, ECDSA, etc) as the client certificate
+                  associated with the SSL connection.
+               </p>
+               <p id="rfc.section.2.6.9.p.8">If the server receives a request for a resource with unacceptable credential (either missing or invalid), it must reply with
+                  a RST_STREAM frame with the status code INVALID_CREDENTIALS. Upon receipt of a RST_STREAM frame with INVALID_CREDENTIALS,
+                  the client should initiate a new stream directly to the requested origin and resend the request. Note, SPDY does not allow
+                  the server to request different client authentication for different resources in the same origin.
+               </p>
+               <p id="rfc.section.2.6.9.p.9">If the server receives an invalid CREDENTIAL frame, it MUST respond with a GOAWAY frame and shutdown the session.</p>
+            </div>
+            <div id="HeaderBlock">
+               <h3 id="rfc.section.2.6.10"><a href="#rfc.section.2.6.10">2.6.10</a>&nbsp;<a href="#HeaderBlock">Name/Value Header Block</a></h3>
+               <p id="rfc.section.2.6.10.p.1">The Name/Value Header Block is found in the SYN_STREAM, SYN_REPLY and HEADERS control frames, and shares a common format:</p>
+               <div id="rfc.figure.u.12"></div><pre>+------------------------------------+
 | Number of Name/Value pairs (int32) |
 +------------------------------------+
@@ -1339 +1381 @@
 +------------------------------------+
 |           (repeats)                |
-            </pre> <p id="rfc.section.2.6.10.p.3">Number of Name/Value pairs: The number of repeating name/value pairs following this field.</p>
-      <p id="rfc.section.2.6.10.p.4">List of Name/Value pairs: </p>
-      <ul class="empty">
-         <li>Length of Name: a 32-bit value containing the number of octets in the name field. Note that in practice, this length must
-            not exceed 2^24, as that is the maximum size of a SPDY frame.
-         </li>
-         <li>Name: 0 or more octets, 8-bit sequences of data, excluding 0.</li>
-         <li>Length of Value: a 32-bit value containing the number of octets in the value field. Note that in practice, this length must
-            not exceed 2^24, as that is the maximum size of a SPDY frame.
-         </li>
-         <li>Value: 0 or more octets, 8-bit sequences of data, excluding 0.</li>
-      </ul>
-      <p id="rfc.section.2.6.10.p.5">Each header name must have at least one value. Header names are encoded using the <a href="#ASCII">US-ASCII character set</a> <cite title="US-ASCII. Coded Character Set - 7-Bit American Standard Code for Information Interchange. Standard ANSI X3.4-1986, ANSI, 1986." id="rfc.xref.ASCII.1">[ASCII]</cite> and must be all lower case. The length of each name must be greater than zero. A recipient of a zero-length name MUST issue
-         a stream error (<a href="#StreamErrorHandler" title="Stream Error Handling">Section&nbsp;2.4.2</a>) with the status code PROTOCOL_ERROR for the stream-id.
-      </p>
-      <p id="rfc.section.2.6.10.p.6">Duplicate header names are not allowed. To send two identically named headers, send a header with two values, where the values
-         are separated by a single NUL (0) byte. A header value can either be empty (e.g. the length is zero) or it can contain multiple,
-         NUL-separated values, each with length greater than zero. The value never starts nor ends with a NUL character. Recipients
-         of illegal value fields MUST issue a stream error (<a href="#StreamErrorHandler" title="Stream Error Handling">Section&nbsp;2.4.2</a>) with the status code PROTOCOL_ERROR for the stream-id.
-      </p>
-      <h4 id="rfc.section.2.6.10.1"><a href="#rfc.section.2.6.10.1">2.6.10.1</a>&nbsp;<a id="Compression" href="#Compression">Compression</a></h4>
-      <p id="rfc.section.2.6.10.1.p.1">The Name/Value Header Block is a section of the SYN_STREAM, SYN_REPLY, and HEADERS frames used to carry header meta-data.
-         This block is always compressed using zlib compression. Within this specification, any reference to 'zlib' is referring to
-         the <a href="#RFC1950">ZLIB Compressed Data Format Specification Version 3.3 as part of RFC1950.</a> <cite title="ZLIB Compressed Data Format Specification version 3.3" id="rfc.xref.RFC1950.1">[RFC1950]</cite></p>
-      <p id="rfc.section.2.6.10.1.p.2">For each HEADERS compression instance, the initial state is initialized using the following <a href="#UDELCOMPRESSION">dictionary</a> <cite title="A Methodology to Derive SPDY's Initial Dictionary for Zlib Compression" id="rfc.xref.UDELCOMPRESSION.1">[UDELCOMPRESSION]</cite>:
-      </p>
-      <div id="rfc.figure.u.13"></div> <pre class="ccmarker cct"><span>&lt;CODE BEGINS&gt;</span></pre><pre class="text">const unsigned char SPDY_dictionary_txt[] = {
+            </pre><p id="rfc.section.2.6.10.p.3">Number of Name/Value pairs: The number of repeating name/value pairs following this field.</p>
+               <p id="rfc.section.2.6.10.p.4">List of Name/Value pairs: </p>
+               <ul class="empty">
+                  <li>Length of Name: a 32-bit value containing the number of octets in the name field. Note that in practice, this length must
+                     not exceed 2^24, as that is the maximum size of a SPDY frame.
+                  </li>
+                  <li>Name: 0 or more octets, 8-bit sequences of data, excluding 0.</li>
+                  <li>Length of Value: a 32-bit value containing the number of octets in the value field. Note that in practice, this length must
+                     not exceed 2^24, as that is the maximum size of a SPDY frame.
+                  </li>
+                  <li>Value: 0 or more octets, 8-bit sequences of data, excluding 0.</li>
+               </ul>
+               <p id="rfc.section.2.6.10.p.5">Each header name must have at least one value. Header names are encoded using the <a href="#ASCII">US-ASCII character set</a> <cite title="US-ASCII. Coded Character Set - 7-Bit American Standard Code for Information Interchange. Standard ANSI X3.4-1986, ANSI, 1986." id="rfc.xref.ASCII.1">[ASCII]</cite> and must be all lower case. The length of each name must be greater than zero. A recipient of a zero-length name MUST issue
+                  a stream error (<a href="#StreamErrorHandler" title="Stream Error Handling">Section&nbsp;2.4.2</a>) with the status code PROTOCOL_ERROR for the stream-id.
+               </p>
+               <p id="rfc.section.2.6.10.p.6">Duplicate header names are not allowed. To send two identically named headers, send a header with two values, where the values
+                  are separated by a single NUL (0) byte. A header value can either be empty (e.g. the length is zero) or it can contain multiple,
+                  NUL-separated values, each with length greater than zero. The value never starts nor ends with a NUL character. Recipients
+                  of illegal value fields MUST issue a stream error (<a href="#StreamErrorHandler" title="Stream Error Handling">Section&nbsp;2.4.2</a>) with the status code PROTOCOL_ERROR for the stream-id.
+               </p>
+               <div id="Compression">
+                  <h4 id="rfc.section.2.6.10.1"><a href="#rfc.section.2.6.10.1">2.6.10.1</a>&nbsp;<a href="#Compression">Compression</a></h4>
+                  <p id="rfc.section.2.6.10.1.p.1">The Name/Value Header Block is a section of the SYN_STREAM, SYN_REPLY, and HEADERS frames used to carry header meta-data.
+                     This block is always compressed using zlib compression. Within this specification, any reference to 'zlib' is referring to
+                     the <a href="#RFC1950">ZLIB Compressed Data Format Specification Version 3.3 as part of RFC1950.</a> <cite title="ZLIB Compressed Data Format Specification version 3.3" id="rfc.xref.RFC1950.1">[RFC1950]</cite></p>
+                  <p id="rfc.section.2.6.10.1.p.2">For each HEADERS compression instance, the initial state is initialized using the following <a href="#UDELCOMPRESSION">dictionary</a> <cite title="A Methodology to Derive SPDY's Initial Dictionary for Zlib Compression" id="rfc.xref.UDELCOMPRESSION.1">[UDELCOMPRESSION]</cite>:
+                  </p>
+                  <div id="rfc.figure.u.13"></div><pre class="text">const unsigned char SPDY_dictionary_txt[] = {
   0x00, 0x00, 0x00, 0x07, 0x6f, 0x70, 0x74, 0x69,  \\ - - - - o p t i
   0x6f, 0x6e, 0x73, 0x00, 0x00, 0x00, 0x04, 0x68,  \\ o n s - - - - h
@@ -1545 +1588 @@
   0x2c, 0x65, 0x6e, 0x71, 0x3d, 0x30, 0x2e         \\ - e n q - 0 -
 };
-</pre><pre class="ccmarker ccb"><span>&lt;CODE ENDS&gt;</span></pre> <p id="rfc.section.2.6.10.1.p.4">The entire contents of the name/value header block is compressed using zlib. There is a single zlib stream for all name value
-         pairs in one direction on a connection. SPDY uses a SYNC_FLUSH between each compressed frame.
-      </p>
-      <p id="rfc.section.2.6.10.1.p.5">Implementation notes: the compression engine can be tuned to favor speed or size. Optimizing for size increases memory use
-         and CPU consumption. Because header blocks are generally small, implementors may want to reduce the window-size of the compression
-         engine from the default 15bits (a 32KB window) to more like 11bits (a 2KB window). The exact setting is chosen by the compressor,
-         the decompressor will work with any setting.
-      </p>
-      <h1 id="rfc.section.3"><a href="#rfc.section.3">3.</a>&nbsp;<a id="HTTPLayer" href="#HTTPLayer">HTTP Layering over SPDY</a></h1>
-      <p id="rfc.section.3.p.1">SPDY is intended to be as compatible as possible with current web-based applications. This means that, from the perspective
-         of the server business logic or application API, the features of HTTP are unchanged. To achieve this, all of the application
-         request and response header semantics are preserved, although the syntax of conveying those semantics has changed. Thus, the
-         rules from the <a href="#RFC2616">HTTP/1.1 specification in RFC2616</a> <cite title="Hypertext Transfer Protocol -- HTTP/1.1" id="rfc.xref.RFC2616.2">[RFC2616]</cite> apply with the changes in the sections below.
-      </p>
-      <h2 id="rfc.section.3.1"><a href="#rfc.section.3.1">3.1</a>&nbsp;Connection Management
-      </h2>
-      <p id="rfc.section.3.1.p.1">Clients SHOULD NOT open more than one SPDY session to a given <a href="#RFC6454">origin</a> <cite title="The Web Origin Concept" id="rfc.xref.RFC6454.2">[RFC6454]</cite> concurrently.
-      </p>
-      <p id="rfc.section.3.1.p.2">Note that it is possible for one SPDY session to be finishing (e.g. a GOAWAY message has been sent, but not all streams have
-         finished), while another SPDY session is starting.
-      </p>
-      <h3 id="rfc.section.3.1.1"><a href="#rfc.section.3.1.1">3.1.1</a>&nbsp;Use of GOAWAY
-      </h3>
-      <p id="rfc.section.3.1.1.p.1">SPDY provides a GOAWAY message which can be used when closing a connection from either the client or server. Without a server
-         GOAWAY message, HTTP has a race condition where the client sends a request (a new SYN_STREAM) just as the server is closing
-         the connection, and the client cannot know if the server received the stream or not. By using the last-stream-id in the GOAWAY,
-         servers can indicate to the client if a request was processed or not.
-      </p>
-      <p id="rfc.section.3.1.1.p.2">Note that some servers will choose to send the GOAWAY and immediately terminate the connection without waiting for active
-         streams to finish. The client will be able to determine this because SPDY streams are determinstically closed. This abrupt
-         termination will force the client to heuristically decide whether to retry the pending requests. Clients always need to be
-         capable of dealing with this case because they must deal with accidental connection termination cases, which are the same
-         as the server never having sent a GOAWAY.
-      </p>
-      <p id="rfc.section.3.1.1.p.3">More sophisticated servers will use GOAWAY to implement a graceful teardown. They will send the GOAWAY and provide some time
-         for the active streams to finish before terminating the connection.
-      </p>
-      <p id="rfc.section.3.1.1.p.4">If a SPDY client closes the connection, it should also send a GOAWAY message. This allows the server to know if any server-push
-         streams were received by the client.
-      </p>
-      <p id="rfc.section.3.1.1.p.5">If the endpoint closing the connection has not received any SYN_STREAMs from the remote, the GOAWAY will contain a last-stream-id
-         of 0.
-      </p>
-      <h2 id="rfc.section.3.2"><a href="#rfc.section.3.2">3.2</a>&nbsp;HTTP Request/Response
-      </h2>
-      <h3 id="rfc.section.3.2.1"><a href="#rfc.section.3.2.1">3.2.1</a>&nbsp;Request
-      </h3>
-      <p id="rfc.section.3.2.1.p.1">The client initiates a request by sending a SYN_STREAM frame. For requests which do not contain a body, the SYN_STREAM frame
-         MUST set the FLAG_FIN, indicating that the client intends to send no further data on this stream. For requests which do contain
-         a body, the SYN_STREAM will not contain the FLAG_FIN, and the body will follow the SYN_STREAM in a series of DATA frames.
-         The last DATA frame will set the FLAG_FIN to indicate the end of the body.
-      </p>
-      <p id="rfc.section.3.2.1.p.2">The SYN_STREAM Name/Value section will contain all of the HTTP headers which are associated with an HTTP request. The header
-         block in SPDY is mostly unchanged from today's HTTP header block, with the following differences: 
-      </p>
-      <ul class="empty">
-         <li>The first line of the request is unfolded into name/value pairs like other HTTP headers and MUST be present: 
-            <ul class="empty">
-               <li>":method" - the HTTP method for this request (e.g. "GET", "POST", "HEAD", etc)</li>
-               <li>":path" - the url-path for this url with "/" prefixed. (See <a href="#RFC1738">RFC1738</a> <cite title="Uniform Resource Locators (URL)" id="rfc.xref.RFC1738.1">[RFC1738]</cite>). For example, for "http://www.google.com/search?q=dogs" the path would be "/search?q=dogs".
-               </li>
-               <li>":version" - the HTTP version of this request (e.g. "HTTP/1.1")</li>
-            </ul> 
-         </li>
-         <li>In addition, the following two name/value pairs must also be present in every request: 
-            <ul class="empty">
-               <li>":host" - the hostport (See <a href="#RFC1738">RFC1738</a> <cite title="Uniform Resource Locators (URL)" id="rfc.xref.RFC1738.2">[RFC1738]</cite>) portion of the URL for this request (e.g. "www.google.com:1234"). This header is the same as the HTTP 'Host' header.
-               </li>
-               <li>":scheme" - the scheme portion of the URL for this request (e.g. "https"))</li>
-            </ul>
-         </li>
-         <li>Header names are all lowercase.</li>
-         <li>The Connection, Host, Keep-Alive, Proxy-Connection, and Transfer-Encoding headers are not valid and MUST not be sent.</li>
-         <li>User-agents MUST support gzip compression. Regardless of the Accept-Encoding sent by the user-agent, the server may always
-            send content encoded with gzip or deflate encoding.
-         </li>
-         <li>If a server receives a request where the sum of the data frame payload lengths does not equal the size of the Content-Length
-            header, the server MUST return a 400 (Bad Request) error.
-         </li>
-         <li>POST-specific changes: 
-            <ul class="empty">
-               <li>Although POSTs are inherently chunked, POST requests SHOULD also be accompanied by a Content-Length header. There are two
-                  reasons for this: First, it assists with upload progress meters for an improved user experience. But second, we know from
-                  early versions of SPDY that failure to send a content length header is incompatible with many existing HTTP server implementations.
-                  Existing user-agents do not omit the Content-Length header, and server implementations have come to depend upon this.
-               </li>
-            </ul> 
-         </li>
-      </ul>
-      <p id="rfc.section.3.2.1.p.3">The user-agent is free to prioritize requests as it sees fit. If the user-agent cannot make progress without receiving a resource,
-         it should attempt to raise the priority of that resource. Resources such as images, SHOULD generally use the lowest priority.
-      </p>
-      <p id="rfc.section.3.2.1.p.4">If a client sends a SYN_STREAM without all of the method, host, path, scheme, and version headers, the server MUST reply with
-         a HTTP 400 Bad Request reply.
-      </p>
-      <h3 id="rfc.section.3.2.2"><a href="#rfc.section.3.2.2">3.2.2</a>&nbsp;Response
-      </h3>
-      <p id="rfc.section.3.2.2.p.1">The server responds to a client request with a SYN_REPLY frame. Symmetric to the client's upload stream, server will send
-         data after the SYN_REPLY frame via a series of DATA frames, and the last data frame will contain the FLAG_FIN to indicate
-         successful end-of-stream. If a response (like a 202 or 204 response) contains no body, the SYN_REPLY frame may contain the
-         FLAG_FIN flag to indicate no further data will be sent on the stream.
-      </p>
-      <p id="rfc.section.3.2.2.p.2"> </p>
-      <ul class="empty">
-         <li>The response status line is unfolded into name/value pairs like other HTTP headers and must be present: 
-            <ul class="empty">
-               <li>":status" - The HTTP response status code (e.g. "200" or "200 OK")</li>
-               <li>":version" - The HTTP response version (e.g. "HTTP/1.1")</li>
-            </ul> 
-         </li>
-         <li>All header names must be lowercase.</li>
-         <li>The Connection, Keep-Alive, Proxy-Connection, and Transfer-Encoding headers are not valid and MUST not be sent.</li>
-         <li>Responses MAY be accompanied by a Content-Length header for advisory purposes. (e.g. for UI progress meters)</li>
-         <li>If a client receives a response where the sum of the data frame payload lengths does not equal the size of the Content-Length
-            header, the client MUST ignore the content length header.
-         </li>
-      </ul>
-      <p id="rfc.section.3.2.2.p.3">If a client receives a SYN_REPLY without a status or without a version header, the client must reply with a RST_STREAM frame
-         indicating a PROTOCOL ERROR.
-      </p>
-      <h3 id="rfc.section.3.2.3"><a href="#rfc.section.3.2.3">3.2.3</a>&nbsp;<a id="Authentication" href="#Authentication">Authentication</a></h3>
-      <p id="rfc.section.3.2.3.p.1">When a client sends a request to an origin server that requires authentication, the server can reply with a "401 Unauthorized"
-         response, and include a WWW-Authenticate challenge header that defines the authentication scheme to be used. The client then
-         retries the request with an Authorization header appropriate to the specified authentication scheme.
-      </p>
-      <p id="rfc.section.3.2.3.p.2">There are four options for proxy authentication, Basic, Digest, NTLM and Negotiate (SPNEGO). The first two options were defined
-         in <a href="#RFC2617">RFC2617</a> <cite title="HTTP Authentication: Basic and Digest Access Authentication" id="rfc.xref.RFC2617.1">[RFC2617]</cite>, and are stateless. The second two options were developed by Microsoft and specified in <a href="#RFC4559">RFC4559</a> <cite title="SPNEGO-based Kerberos and NTLM HTTP Authentication in Microsoft Windows" id="rfc.xref.RFC4559.1">[RFC4559]</cite>, and are stateful; otherwise known as multi-round authentication, or connection authentication.
-      </p>
-      <h4 id="rfc.section.3.2.3.1"><a href="#rfc.section.3.2.3.1">3.2.3.1</a>&nbsp;Stateless Authentication
-      </h4>
-      <p id="rfc.section.3.2.3.1.p.1">Stateless Authentication over SPDY is identical to how it is performed over HTTP. If multiple SPDY streams are concurrently
-         sent to a single server, each will authenticate independently, similar to how two HTTP connections would independently authenticate
-         to a proxy server.
-      </p>
-      <h4 id="rfc.section.3.2.3.2"><a href="#rfc.section.3.2.3.2">3.2.3.2</a>&nbsp;Stateful Authentication
-      </h4>
-      <p id="rfc.section.3.2.3.2.p.1">Unfortunately, the stateful authentication mechanisms were implemented and defined in a such a way that directly violates
-         RFC2617 - they do not include a "realm" as part of the request. This is problematic in SPDY because it makes it impossible
-         for a client to disambiguate two concurrent server authentication challenges.
-      </p>
-      <p id="rfc.section.3.2.3.2.p.2">To deal with this case, SPDY servers using Stateful Authentication MUST implement one of two changes: </p>
-      <ul class="empty">
-         <li>Servers can add a "realm=&lt;desired realm&gt;" header so that the two authentication requests can be disambiguated and run concurrently.
-            Unfortunately, given how these mechanisms work, this is probably not practical.
-         </li>
-         <li>Upon sending the first stateful challenge response, the server MUST buffer and defer all further frames which are not part
-            of completing the challenge until the challenge has completed. Completing the authentication challenge may take multiple round
-            trips. Once the client receives a "401 Authenticate" response for a stateful authentication type, it MUST stop sending new
-            requests to the server until the authentication has completed by receiving a non-401 response on at least one stream.
-         </li>
-      </ul>
-      <h2 id="rfc.section.3.3"><a href="#rfc.section.3.3">3.3</a>&nbsp;Server Push Transactions
-      </h2>
-      <p id="rfc.section.3.3.p.1">SPDY enables a server to send multiple replies to a client for a single request. The rationale for this feature is that sometimes
-         a server knows that it will need to send multiple resources in response to a single request. Without server push features,
-         the client must first download the primary resource, then discover the secondary resource(s), and request them. Pushing of
-         resources avoids the round-trip delay, but also creates a potential race where a server can be pushing content which a user-agent
-         is in the process of requesting. The following mechanics attempt to prevent the race condition while enabling the performance
-         benefit.
-      </p>
-      <p id="rfc.section.3.3.p.2">Browsers receiving a pushed response MUST validate that the server is authorized to push the URL using the <a href="#RFC6454">browser same-origin</a> <cite title="The Web Origin Concept" id="rfc.xref.RFC6454.3">[RFC6454]</cite> policy. For example, a SPDY connection to www.foo.com is generally not permitted to push a response for www.evil.com.
-      </p>
-      <p id="rfc.section.3.3.p.3">If the browser accepts a pushed response (e.g. it does not send a RST_STREAM), the browser MUST attempt to cache the pushed
-         response in same way that it would cache any other response. This means validating the response headers and inserting into
-         the disk cache.
-      </p>
-      <p id="rfc.section.3.3.p.4">Because pushed responses have no request, they have no request headers associated with them. At the framing layer, SPDY pushed
-         streams contain an "associated-stream-id" which indicates the requested stream for which the pushed stream is related. The
-         pushed stream inherits all of the headers from the associated-stream-id with the exception of ":host", ":scheme", and ":path",
-         which are provided as part of the pushed response stream headers. The browser MUST store these inherited and implied request
-         headers with the cached resource.
-      </p>
-      <p id="rfc.section.3.3.p.5">Implementation note: With server push, it is theoretically possible for servers to push unreasonable amounts of content or
-         resources to the user-agent. Browsers MUST implement throttles to protect against unreasonable push attacks.
-      </p>
-      <h3 id="rfc.section.3.3.1"><a href="#rfc.section.3.3.1">3.3.1</a>&nbsp;Server implementation
-      </h3>
-      <p id="rfc.section.3.3.1.p.1">When the server intends to push a resource to the user-agent, it opens a new stream by sending a unidirectional SYN_STREAM.
-         The SYN_STREAM MUST include an Associated-To-Stream-ID, and MUST set the FLAG_UNIDIRECTIONAL flag. The SYN_STREAM MUST include
-         headers for ":scheme", ":host", ":path", which represent the URL for the resource being pushed. Subsequent headers may follow
-         in HEADERS frames. The purpose of the association is so that the user-agent can differentiate which request induced the pushed
-         stream; without it, if the user-agent had two tabs open to the same page, each pushing unique content under a fixed URL, the
-         user-agent would not be able to differentiate the requests.
-      </p>
-      <p id="rfc.section.3.3.1.p.2">The Associated-To-Stream-ID must be the ID of an existing, open stream. The reason for this restriction is to have a clear
-         endpoint for pushed content. If the user-agent requested a resource on stream 11, the server replies on stream 11. It can
-         push any number of additional streams to the client before sending a FLAG_FIN on stream 11. However, once the originating
-         stream is closed no further push streams may be associated with it. The pushed streams do not need to be closed (FIN set)
-         before the originating stream is closed, they only need to be created before the originating stream closes.
-      </p>
-      <p id="rfc.section.3.3.1.p.3">It is illegal for a server to push a resource with the Associated-To-Stream-ID of 0.</p>
-      <p id="rfc.section.3.3.1.p.4">To minimize race conditions with the client, the SYN_STREAM for the pushed resources MUST be sent prior to sending any content
-         which could allow the client to discover the pushed resource and request it.
-      </p>
-      <p id="rfc.section.3.3.1.p.5">The server MUST only push resources which would have been returned from a GET request.</p>
-      <p id="rfc.section.3.3.1.p.6">Note: If the server does not have all of the Name/Value Response headers available at the time it issues the HEADERS frame
-         for the pushed resource, it may later use an additional HEADERS frame to augment the name/value pairs to be associated with
-         the pushed stream. The subsequent HEADERS frame(s) must not contain a header for ':host', ':scheme', or ':path' (e.g. the
-         server can't change the identity of the resource to be pushed). The HEADERS frame must not contain duplicate headers with
-         a previously sent HEADERS frame. The server must send a HEADERS frame including the scheme/host/port headers before sending
-         any data frames on the stream.
-      </p>
-      <h3 id="rfc.section.3.3.2"><a href="#rfc.section.3.3.2">3.3.2</a>&nbsp;Client implementation
-      </h3>
-      <p id="rfc.section.3.3.2.p.1">When fetching a resource the client has 3 possibilities: </p>
-      <ul class="empty">
-         <li>the resource is not being pushed</li>
-         <li>the resource is being pushed, but the data has not yet arrived</li>
-         <li>the resource is being pushed, and the data has started to arrive</li>
-      </ul>
-      <p id="rfc.section.3.3.2.p.2">When a SYN_STREAM and HEADERS frame which contains an Associated-To-Stream-ID is received, the client must not issue GET requests
-         for the resource in the pushed stream, and instead wait for the pushed stream to arrive.
-      </p>
-      <p id="rfc.section.3.3.2.p.3">If a client receives a server push stream with stream-id 0, it MUST issue a session error (<a href="#SessionErrorHandler" title="Session Error Handling">Section&nbsp;2.4.1</a>) with the status code PROTOCOL_ERROR.
-      </p>
-      <p id="rfc.section.3.3.2.p.4">When a client receives a SYN_STREAM from the server without a the ':host', ':scheme', and ':path' headers in the Name/Value
-         section, it MUST reply with a RST_STREAM with error code HTTP_PROTOCOL_ERROR.
-      </p>
-      <p id="rfc.section.3.3.2.p.5">To cancel individual server push streams, the client can issue a stream error (<a href="#StreamErrorHandler" title="Stream Error Handling">Section&nbsp;2.4.2</a>) with error code CANCEL. Upon receipt, the server MUST stop sending on this stream immediately (this is an Abrupt termination).
-      </p>
-      <p id="rfc.section.3.3.2.p.6">To cancel all server push streams related to a request, the client may issue a stream error (<a href="#StreamErrorHandler" title="Stream Error Handling">Section&nbsp;2.4.2</a>) with error code CANCEL on the associated-stream-id. By cancelling that stream, the server MUST immediately stop sending frames
-         for any streams with in-association-to for the original stream.
-      </p>
-      <p id="rfc.section.3.3.2.p.7">If the server sends a HEADER frame containing duplicate headers with a previous HEADERS frame for the same stream, the client
-         must issue a stream error (<a href="#StreamErrorHandler" title="Stream Error Handling">Section&nbsp;2.4.2</a>) with error code PROTOCOL ERROR.
-      </p>
-      <p id="rfc.section.3.3.2.p.8">If the server sends a HEADERS frame after sending a data frame for the same stream, the client MAY ignore the HEADERS frame.
-         Ignoring the HEADERS frame after a data frame prevents handling of HTTP's trailing headers (http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.40).
-      </p>
-      <h1 id="rfc.section.4"><a href="#rfc.section.4">4.</a>&nbsp;Design Rationale and Notes
-      </h1>
-      <p id="rfc.section.4.p.1">Authors' notes: The notes in this section have no bearing on the SPDY protocol as specified within this document, and none
-         of these notes should be considered authoritative about how the protocol works. However, these notes may prove useful in future
-         debates about how to resolve protocol ambiguities or how to evolve the protocol going forward. They may be removed before
-         the final draft.
-      </p>
-      <h2 id="rfc.section.4.1"><a href="#rfc.section.4.1">4.1</a>&nbsp;Separation of Framing Layer and Application Layer
-      </h2>
-      <p id="rfc.section.4.1.p.1">Readers may note that this specification sometimes blends the framing layer (<a href="#FramingLayer" title="SPDY Framing Layer">Section&nbsp;2</a>) with requirements of a specific application - HTTP (<a href="#HTTPLayer" title="HTTP Layering over SPDY">Section&nbsp;3</a>). This is reflected in the request/response nature of the streams, the definition of the HEADERS and compression contexts
-         which are very similar to HTTP, and other areas as well.
-      </p>
-      <p id="rfc.section.4.1.p.2">This blending is intentional - the primary goal of this protocol is to create a low-latency protocol for use with HTTP. Isolating
-         the two layers is convenient for description of the protocol and how it relates to existing HTTP implementations. However,
-         the ability to reuse the SPDY framing layer is a non goal.
-      </p>
-      <h2 id="rfc.section.4.2"><a href="#rfc.section.4.2">4.2</a>&nbsp;Error handling - Framing Layer
-      </h2>
-      <p id="rfc.section.4.2.p.1">Error handling at the SPDY layer splits errors into two groups: Those that affect an individual SPDY stream, and those that
-         do not.
-      </p>
-      <p id="rfc.section.4.2.p.2">When an error is confined to a single stream, but general framing is in tact, SPDY attempts to use the RST_STREAM as a mechanism
-         to invalidate the stream but move forward without aborting the connection altogether.
-      </p>
-      <p id="rfc.section.4.2.p.3">For errors occuring outside of a single stream context, SPDY assumes the entire session is hosed. In this case, the endpoint
-         detecting the error should initiate a connection close.
-      </p>
-      <h2 id="rfc.section.4.3"><a href="#rfc.section.4.3">4.3</a>&nbsp;One Connection Per Domain
-      </h2>
-      <p id="rfc.section.4.3.p.1">SPDY attempts to use fewer connections than other protocols have traditionally used. The rationale for this behavior is because
-         it is very difficult to provide a consistent level of service (e.g. TCP slow-start), prioritization, or optimal compression
-         when the client is connecting to the server through multiple channels.
-      </p>
-      <p id="rfc.section.4.3.p.2">Through lab measurements, we have seen consistent latency benefits by using fewer connections from the client. The overall
-         number of packets sent by SPDY can be as much as 40% less than HTTP. Handling large numbers of concurrent connections on the
-         server also does become a scalability problem, and SPDY reduces this load.
-      </p>
-      <p id="rfc.section.4.3.p.3">The use of multiple connections is not without benefit, however. Because SPDY multiplexes multiple, independent streams onto
-         a single stream, it creates a potential for head-of-line blocking problems at the transport level. In tests so far, the negative
-         effects of head-of-line blocking (especially in the presence of packet loss) is outweighed by the benefits of compression
-         and prioritization.
-      </p>
-      <h2 id="rfc.section.4.4"><a href="#rfc.section.4.4">4.4</a>&nbsp;Fixed vs Variable Length Fields
-      </h2>
-      <p id="rfc.section.4.4.p.1">SPDY favors use of fixed length 32bit fields in cases where smaller, variable length encodings could have been used. To some,
-         this seems like a tragic waste of bandwidth. SPDY choses the simple encoding for speed and simplicity.
-      </p>
-      <p id="rfc.section.4.4.p.2">The goal of SPDY is to reduce latency on the network. The overhead of SPDY frames is generally quite low. Each data frame
-         is only an 8 byte overhead for a 1452 byte payload (~0.6%). At the time of this writing, bandwidth is already plentiful, and
-         there is a strong trend indicating that bandwidth will continue to increase. With an average worldwide bandwidth of 1Mbps,
-         and assuming that a variable length encoding could reduce the overhead by 50%, the latency saved by using a variable length
-         encoding would be less than 100 nanoseconds. More interesting are the effects when the larger encodings force a packet boundary,
-         in which case a round-trip could be induced. However, by addressing other aspects of SPDY and TCP interactions, we believe
-         this is completely mitigated.
-      </p>
-      <h2 id="rfc.section.4.5"><a href="#rfc.section.4.5">4.5</a>&nbsp;Compression Context(s)
-      </h2>
-      <p id="rfc.section.4.5.p.1">When isolating the compression contexts used for communicating with multiple origins, we had a few choices to make. We could
-         have maintained a map (or list) of compression contexts usable for each origin. The basic case is easy - each HEADERS frame
-         would need to identify the context to use for that frame. However, compression contexts are not cheap, so the lifecycle of
-         each context would need to be bounded. For proxy servers, where we could churn through many contexts, this would be a concern.
-         We considered using a static set of contexts, say 16 of them, which would bound the memory use. We also considered dynamic
-         contexts, which could be created on the fly, and would need to be subsequently destroyed. All of these are complicated, and
-         ultimately we decided that such a mechanism creates too many problems to solve.
-      </p>
-      <p id="rfc.section.4.5.p.2">Alternatively, we've chosen the simple approach, which is to simply provide a flag for resetting the compression context.
-         For the common case (no proxy), this fine because most requests are to the same origin and we never need to reset the context.
-         For cases where we are using two different origins over a single SPDY session, we simply reset the compression state between
-         each transition.
-      </p>
-      <h2 id="rfc.section.4.6"><a href="#rfc.section.4.6">4.6</a>&nbsp;Unidirectional streams
-      </h2>
-      <p id="rfc.section.4.6.p.1">Many readers notice that unidirectional streams are both a bit confusing in concept and also somewhat redundant. If the recipient
-         of a stream doesn't wish to send data on a stream, it could simply send a SYN_REPLY with the FLAG_FIN bit set. The FLAG_UNIDIRECTIONAL
-         is, therefore, not necessary.
-      </p>
-      <p id="rfc.section.4.6.p.2">It is true that we don't need the UNIDIRECTIONAL markings. It is added because it avoids the recipient of pushed streams from
-         needing to send a set of empty frames (e.g. the SYN_STREAM w/ FLAG_FIN) which otherwise serve no purpose.
-      </p>
-      <h2 id="rfc.section.4.7"><a href="#rfc.section.4.7">4.7</a>&nbsp;Data Compression
-      </h2>
-      <p id="rfc.section.4.7.p.1">Generic compression of data portion of the streams (as opposed to compression of the headers) without knowing the content
-         of the stream is redundant. There is no value in compressing a stream which is already compressed. Because of this, SPDY does
-         allow data compression to be optional. We included it because study of existing websites shows that many sites are not using
-         compression as they should, and users suffer because of it. We wanted a mechanism where, at the SPDY layer, site administrators
-         could simply force compression - it is better to compress twice than to not compress.
-      </p>
-      <p id="rfc.section.4.7.p.2">Overall, however, with this feature being optional and sometimes redundant, it is unclear if it is useful at all. We will
-         likely remove it from the specification.
-      </p>
-      <h2 id="rfc.section.4.8"><a href="#rfc.section.4.8">4.8</a>&nbsp;Server Push
-      </h2>
-      <p id="rfc.section.4.8.p.1">A subtle but important point is that server push streams must be declared before the associated stream is closed. The reason
-         for this is so that proxies have a lifetime for which they can discard information about previous streams. If a pushed stream
-         could associate itself with an already-closed stream, then endpoints would not have a specific lifecycle for when they could
-         disavow knowledge of the streams which went before.
-      </p>
-      <h1 id="rfc.section.5"><a href="#rfc.section.5">5.</a>&nbsp;Security Considerations
-      </h1>
-      <h2 id="rfc.section.5.1"><a href="#rfc.section.5.1">5.1</a>&nbsp;Use of Same-origin constraints
-      </h2>
-      <p id="rfc.section.5.1.p.1">This specification uses the <a href="#RFC6454">same-origin policy</a> <cite title="The Web Origin Concept" id="rfc.xref.RFC6454.4">[RFC6454]</cite> in all cases where verification of content is required.
-      </p>
-      <h2 id="rfc.section.5.2"><a href="#rfc.section.5.2">5.2</a>&nbsp;HTTP Headers and SPDY Headers
-      </h2>
-      <p id="rfc.section.5.2.p.1">At the application level, HTTP uses name/value pairs in its headers. Because SPDY merges the existing HTTP headers with SPDY
-         headers, there is a possibility that some HTTP applications already use a particular header name. To avoid any conflicts,
-         all headers introduced for layering HTTP over SPDY are prefixed with ":". ":" is not a valid sequence in HTTP header naming,
-         preventing any possible conflict.
-      </p>
-      <h2 id="rfc.section.5.3"><a href="#rfc.section.5.3">5.3</a>&nbsp;Cross-Protocol Attacks
-      </h2>
-      <p id="rfc.section.5.3.p.1">By utilizing TLS, we believe that SPDY introduces no new cross-protocol attacks. TLS encrypts the contents of all transmission
-         (except the handshake itself), making it difficult for attackers to control the data which could be used in a cross-protocol
-         attack.
-      </p>
-      <h2 id="rfc.section.5.4"><a href="#rfc.section.5.4">5.4</a>&nbsp;Server Push Implicit Headers
-      </h2>
-      <p id="rfc.section.5.4.p.1">Pushed resources do not have an associated request. In order for existing HTTP cache control validations (such as the Vary
-         header) to work, however, all cached resources must have a set of request headers. For this reason, browsers MUST be careful
-         to inherit request headers from the associated stream for the push. This includes the 'Cookie' header.
-      </p>
-      <h1 id="rfc.section.6"><a href="#rfc.section.6">6.</a>&nbsp;Privacy Considerations
-      </h1>
-      <h2 id="rfc.section.6.1"><a href="#rfc.section.6.1">6.1</a>&nbsp;Long Lived Connections
-      </h2>
-      <p id="rfc.section.6.1.p.1">SPDY aims to keep connections open longer between clients and servers in order to reduce the latency when a user makes a request.
-         The maintenance of these connections over time could be used to expose private information. For example, a user using a browser
-         hours after the previous user stopped using that browser may be able to learn about what the previous user was doing. This
-         is a problem with HTTP in its current form as well, however the short lived connections make it less of a risk.
-      </p>
-      <h2 id="rfc.section.6.2"><a href="#rfc.section.6.2">6.2</a>&nbsp;SETTINGS frame
-      </h2>
-      <p id="rfc.section.6.2.p.1">The SPDY SETTINGS frame allows servers to store out-of-band transmitted information about the communication between client
-         and server on the client. Although this is intended only to be used to reduce latency, renegade servers could use it as a
-         mechanism to store identifying information about the client in future requests.
-      </p>
-      <p id="rfc.section.6.2.p.2">Clients implementing privacy modes, such as Google Chrome's "incognito mode", may wish to disable client-persisted SETTINGS
-         storage.
-      </p>
-      <p id="rfc.section.6.2.p.3">Clients MUST clear persisted SETTINGS information when clearing the cookies.</p>
-      <p id="rfc.section.6.2.p.4">TODO: Put range maximums on each type of setting to limit inappropriate uses.</p>
-      <h1 id="rfc.section.7"><a href="#rfc.section.7">7.</a>&nbsp;Incompatibilities with SPDY draft #2
-      </h1>
-      <p id="rfc.section.7.p.1">Here is a list of the major changes between this draft and draft #2. </p>
-      <ul class="empty">
-         <li>Addition of flow control</li>
-         <li>Increased 16 bit length fields in SYN_STREAM and SYN_REPLY to 32 bits.</li>
-         <li>Changed definition of compression for DATA frames</li>
-         <li>Updated compression dictionary</li>
-         <li>Fixed off-by-one on the compression dictionary for headers</li>
-         <li>Increased priority field from 2bits to 3bits.</li>
-         <li>Removed NOOP frame</li>
-         <li>Split the request "url" into "scheme", "host", and "path"</li>
-         <li>Added the requirement that POSTs contain content-length.</li>
-         <li>Removed wasted 16bits of unused space from the end of the SYN_REPLY and HEADERS frames.</li>
-         <li>Fixed bug: Priorities were described backward (0 was lowest instead of highest).</li>
-         <li>Fixed bug: Name/Value header counts were duplicated in both the Name Value header block and also the containing frame.</li>
-      </ul>
-      <h1 id="rfc.section.8"><a href="#rfc.section.8">8.</a>&nbsp;Requirements Notation
-      </h1>
-      <p id="rfc.section.8.p.1">The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL"
-         in this document are to be interpreted as described in <a href="#RFC2119">RFC 2119</a> <cite title="Key words for use in RFCs to Indicate Requirement Levels" id="rfc.xref.RFC2119.1">[RFC2119]</cite>.
-      </p>
-      <h1 id="rfc.section.9"><a href="#rfc.section.9">9.</a>&nbsp;Acknowledgements
-      </h1>
-      <p id="rfc.section.9.p.1">Many individuals have contributed to the design and evolution of SPDY: Adam Langley, Wan-Teh Chang, Jim Morrison, Mark Nottingham,
-         Alyssa Wilk, Costin Manolache, William Chan, Vitaliy Lvin, Joe Chan, Adam Barth, Ryan Hamilton, Gavin Peters, Kent Alstad,
-         Kevin Lindsay, Paul Amer, Fan Yang, Jonathan Leighton.
-      </p>
+</pre><p id="rfc.section.2.6.10.1.p.4">The entire contents of the name/value header block is compressed using zlib. There is a single zlib stream for all name value
+                     pairs in one direction on a connection. SPDY uses a SYNC_FLUSH between each compressed frame.
+                  </p>
+                  <p id="rfc.section.2.6.10.1.p.5">Implementation notes: the compression engine can be tuned to favor speed or size. Optimizing for size increases memory use
+                     and CPU consumption. Because header blocks are generally small, implementors may want to reduce the window-size of the compression
+                     engine from the default 15bits (a 32KB window) to more like 11bits (a 2KB window). The exact setting is chosen by the compressor,
+                     the decompressor will work with any setting.
+                  </p>
+               </div>
+            </div>
+         </div>
+      </div>
+      <div id="HTTPLayer">
+         <h1 id="rfc.section.3"><a href="#rfc.section.3">3.</a>&nbsp;<a href="#HTTPLayer">HTTP Layering over SPDY</a></h1>
+         <p id="rfc.section.3.p.1">SPDY is intended to be as compatible as possible with current web-based applications. This means that, from the perspective
+            of the server business logic or application API, the features of HTTP are unchanged. To achieve this, all of the application
+            request and response header semantics are preserved, although the syntax of conveying those semantics has changed. Thus, the
+            rules from the <a href="#RFC2616">HTTP/1.1 specification in RFC2616</a> <cite title="Hypertext Transfer Protocol -- HTTP/1.1" id="rfc.xref.RFC2616.2">[RFC2616]</cite> apply with the changes in the sections below.
+         </p>
+         <div>
+            <h2 id="rfc.section.3.1"><a href="#rfc.section.3.1">3.1</a>&nbsp;Connection Management
+            </h2>
+            <p id="rfc.section.3.1.p.1">Clients SHOULD NOT open more than one SPDY session to a given <a href="#RFC6454">origin</a> <cite title="The Web Origin Concept" id="rfc.xref.RFC6454.2">[RFC6454]</cite> concurrently.
+            </p>
+            <p id="rfc.section.3.1.p.2">Note that it is possible for one SPDY session to be finishing (e.g. a GOAWAY message has been sent, but not all streams have
+               finished), while another SPDY session is starting.
+            </p>
+            <div>
+               <h3 id="rfc.section.3.1.1"><a href="#rfc.section.3.1.1">3.1.1</a>&nbsp;Use of GOAWAY
+               </h3>
+               <p id="rfc.section.3.1.1.p.1">SPDY provides a GOAWAY message which can be used when closing a connection from either the client or server. Without a server
+                  GOAWAY message, HTTP has a race condition where the client sends a request (a new SYN_STREAM) just as the server is closing
+                  the connection, and the client cannot know if the server received the stream or not. By using the last-stream-id in the GOAWAY,
+                  servers can indicate to the client if a request was processed or not.
+               </p>
+               <p id="rfc.section.3.1.1.p.2">Note that some servers will choose to send the GOAWAY and immediately terminate the connection without waiting for active
+                  streams to finish. The client will be able to determine this because SPDY streams are determinstically closed. This abrupt
+                  termination will force the client to heuristically decide whether to retry the pending requests. Clients always need to be
+                  capable of dealing with this case because they must deal with accidental connection termination cases, which are the same
+                  as the server never having sent a GOAWAY.
+               </p>
+               <p id="rfc.section.3.1.1.p.3">More sophisticated servers will use GOAWAY to implement a graceful teardown. They will send the GOAWAY and provide some time
+                  for the active streams to finish before terminating the connection.
+               </p>
+               <p id="rfc.section.3.1.1.p.4">If a SPDY client closes the connection, it should also send a GOAWAY message. This allows the server to know if any server-push
+                  streams were received by the client.
+               </p>
+               <p id="rfc.section.3.1.1.p.5">If the endpoint closing the connection has not received any SYN_STREAMs from the remote, the GOAWAY will contain a last-stream-id
+                  of 0.
+               </p>
+            </div>
+         </div>
+         <div>
+            <h2 id="rfc.section.3.2"><a href="#rfc.section.3.2">3.2</a>&nbsp;HTTP Request/Response
+            </h2>
+            <div>
+               <h3 id="rfc.section.3.2.1"><a href="#rfc.section.3.2.1">3.2.1</a>&nbsp;Request
+               </h3>
+               <p id="rfc.section.3.2.1.p.1">The client initiates a request by sending a SYN_STREAM frame. For requests which do not contain a body, the SYN_STREAM frame
+                  MUST set the FLAG_FIN, indicating that the client intends to send no further data on this stream. For requests which do contain
+                  a body, the SYN_STREAM will not contain the FLAG_FIN, and the body will follow the SYN_STREAM in a series of DATA frames.
+                  The last DATA frame will set the FLAG_FIN to indicate the end of the body.
+               </p>
+               <p id="rfc.section.3.2.1.p.2">The SYN_STREAM Name/Value section will contain all of the HTTP headers which are associated with an HTTP request. The header
+                  block in SPDY is mostly unchanged from today's HTTP header block, with the following differences: 
+               </p>
+               <ul class="empty">
+                  <li>The first line of the request is unfolded into name/value pairs like other HTTP headers and MUST be present: 
+                     <ul class="empty">
+                        <li>":method" - the HTTP method for this request (e.g. "GET", "POST", "HEAD", etc)</li>
+                        <li>":path" - the url-path for this url with "/" prefixed. (See <a href="#RFC1738">RFC1738</a> <cite title="Uniform Resource Locators (URL)" id="rfc.xref.RFC1738.1">[RFC1738]</cite>). For example, for "http://www.google.com/search?q=dogs" the path would be "/search?q=dogs".
+                        </li>
+                        <li>":version" - the HTTP version of this request (e.g. "HTTP/1.1")</li>
+                     </ul> 
+                  </li>
+                  <li>In addition, the following two name/value pairs must also be present in every request: 
+                     <ul class="empty">
+                        <li>":host" - the hostport (See <a href="#RFC1738">RFC1738</a> <cite title="Uniform Resource Locators (URL)" id="rfc.xref.RFC1738.2">[RFC1738]</cite>) portion of the URL for this request (e.g. "www.google.com:1234"). This header is the same as the HTTP 'Host' header.
+                        </li>
+                        <li>":scheme" - the scheme portion of the URL for this request (e.g. "https"))</li>
+                     </ul>
+                  </li>
+                  <li>Header names are all lowercase.</li>
+                  <li>The Connection, Host, Keep-Alive, Proxy-Connection, and Transfer-Encoding headers are not valid and MUST not be sent.</li>
+                  <li>User-agents MUST support gzip compression. Regardless of the Accept-Encoding sent by the user-agent, the server may always
+                     send content encoded with gzip or deflate encoding.
+                  </li>
+                  <li>If a server receives a request where the sum of the data frame payload lengths does not equal the size of the Content-Length
+                     header, the server MUST return a 400 (Bad Request) error.
+                  </li>
+                  <li>POST-specific changes: 
+                     <ul class="empty">
+                        <li>Although POSTs are inherently chunked, POST requests SHOULD also be accompanied by a Content-Length header. There are two
+                           reasons for this: First, it assists with upload progress meters for an improved user experience. But second, we know from
+                           early versions of SPDY that failure to send a content length header is incompatible with many existing HTTP server implementations.
+                           Existing user-agents do not omit the Content-Length header, and server implementations have come to depend upon this.
+                        </li>
+                     </ul> 
+                  </li>
+               </ul>
+               <p id="rfc.section.3.2.1.p.3">The user-agent is free to prioritize requests as it sees fit. If the user-agent cannot make progress without receiving a resource,
+                  it should attempt to raise the priority of that resource. Resources such as images, SHOULD generally use the lowest priority.
+               </p>
+               <p id="rfc.section.3.2.1.p.4">If a client sends a SYN_STREAM without all of the method, host, path, scheme, and version headers, the server MUST reply with
+                  a HTTP 400 Bad Request reply.
+               </p>
+            </div>
+            <div>
+               <h3 id="rfc.section.3.2.2"><a href="#rfc.section.3.2.2">3.2.2</a>&nbsp;Response
+               </h3>
+               <p id="rfc.section.3.2.2.p.1">The server responds to a client request with a SYN_REPLY frame. Symmetric to the client's upload stream, server will send
+                  data after the SYN_REPLY frame via a series of DATA frames, and the last data frame will contain the FLAG_FIN to indicate
+                  successful end-of-stream. If a response (like a 202 or 204 response) contains no body, the SYN_REPLY frame may contain the
+                  FLAG_FIN flag to indicate no further data will be sent on the stream.
+               </p>
+               <p id="rfc.section.3.2.2.p.2"></p>
+               <ul class="empty">
+                  <li>The response status line is unfolded into name/value pairs like other HTTP headers and must be present: 
+                     <ul class="empty">
+                        <li>":status" - The HTTP response status code (e.g. "200" or "200 OK")</li>
+                        <li>":version" - The HTTP response version (e.g. "HTTP/1.1")</li>
+                     </ul> 
+                  </li>
+                  <li>All header names must be lowercase.</li>
+                  <li>The Connection, Keep-Alive, Proxy-Connection, and Transfer-Encoding headers are not valid and MUST not be sent.</li>
+                  <li>Responses MAY be accompanied by a Content-Length header for advisory purposes. (e.g. for UI progress meters)</li>
+                  <li>If a client receives a response where the sum of the data frame payload lengths does not equal the size of the Content-Length
+                     header, the client MUST ignore the content length header.
+                  </li>
+               </ul>
+               <p id="rfc.section.3.2.2.p.3">If a client receives a SYN_REPLY without a status or without a version header, the client must reply with a RST_STREAM frame
+                  indicating a PROTOCOL ERROR.
+               </p>
+            </div>
+            <div id="Authentication">
+               <h3 id="rfc.section.3.2.3"><a href="#rfc.section.3.2.3">3.2.3</a>&nbsp;<a href="#Authentication">Authentication</a></h3>
+               <p id="rfc.section.3.2.3.p.1">When a client sends a request to an origin server that requires authentication, the server can reply with a "401 Unauthorized"
+                  response, and include a WWW-Authenticate challenge header that defines the authentication scheme to be used. The client then
+                  retries the request with an Authorization header appropriate to the specified authentication scheme.
+               </p>
+               <p id="rfc.section.3.2.3.p.2">There are four options for proxy authentication, Basic, Digest, NTLM and Negotiate (SPNEGO). The first two options were defined
+                  in <a href="#RFC2617">RFC2617</a> <cite title="HTTP Authentication: Basic and Digest Access Authentication" id="rfc.xref.RFC2617.1">[RFC2617]</cite>, and are stateless. The second two options were developed by Microsoft and specified in <a href="#RFC4559">RFC4559</a> <cite title="SPNEGO-based Kerberos and NTLM HTTP Authentication in Microsoft Windows" id="rfc.xref.RFC4559.1">[RFC4559]</cite>, and are stateful; otherwise known as multi-round authentication, or connection authentication.
+               </p>
+               <div>
+                  <h4 id="rfc.section.3.2.3.1"><a href="#rfc.section.3.2.3.1">3.2.3.1</a>&nbsp;Stateless Authentication
+                  </h4>
+                  <p id="rfc.section.3.2.3.1.p.1">Stateless Authentication over SPDY is identical to how it is performed over HTTP. If multiple SPDY streams are concurrently
+                     sent to a single server, each will authenticate independently, similar to how two HTTP connections would independently authenticate
+                     to a proxy server.
+                  </p>
+               </div>
+               <div>
+                  <h4 id="rfc.section.3.2.3.2"><a href="#rfc.section.3.2.3.2">3.2.3.2</a>&nbsp;Stateful Authentication
+                  </h4>
+                  <p id="rfc.section.3.2.3.2.p.1">Unfortunately, the stateful authentication mechanisms were implemented and defined in a such a way that directly violates
+                     RFC2617 - they do not include a "realm" as part of the request. This is problematic in SPDY because it makes it impossible
+                     for a client to disambiguate two concurrent server authentication challenges.
+                  </p>
+                  <p id="rfc.section.3.2.3.2.p.2">To deal with this case, SPDY servers using Stateful Authentication MUST implement one of two changes: </p>
+                  <ul class="empty">
+                     <li>Servers can add a "realm=&lt;desired realm&gt;" header so that the two authentication requests can be disambiguated and run concurrently.
+                        Unfortunately, given how these mechanisms work, this is probably not practical.
+                     </li>
+                     <li>Upon sending the first stateful challenge response, the server MUST buffer and defer all further frames which are not part
+                        of completing the challenge until the challenge has completed. Completing the authentication challenge may take multiple round
+                        trips. Once the client receives a "401 Authenticate" response for a stateful authentication type, it MUST stop sending new
+                        requests to the server until the authentication has completed by receiving a non-401 response on at least one stream.
+                     </li>
+                  </ul>
+               </div>
+            </div>
+         </div>
+         <div>
+            <h2 id="rfc.section.3.3"><a href="#rfc.section.3.3">3.3</a>&nbsp;Server Push Transactions
+            </h2>
+            <p id="rfc.section.3.3.p.1">SPDY enables a server to send multiple replies to a client for a single request. The rationale for this feature is that sometimes
+               a server knows that it will need to send multiple resources in response to a single request. Without server push features,
+               the client must first download the primary resource, then discover the secondary resource(s), and request them. Pushing of
+               resources avoids the round-trip delay, but also creates a potential race where a server can be pushing content which a user-agent
+               is in the process of requesting. The following mechanics attempt to prevent the race condition while enabling the performance
+               benefit.
+            </p>
+            <p id="rfc.section.3.3.p.2">Browsers receiving a pushed response MUST validate that the server is authorized to push the URL using the <a href="#RFC6454">browser same-origin</a> <cite title="The Web Origin Concept" id="rfc.xref.RFC6454.3">[RFC6454]</cite> policy. For example, a SPDY connection to www.foo.com is generally not permitted to push a response for www.evil.com.
+            </p>
+            <p id="rfc.section.3.3.p.3">If the browser accepts a pushed response (e.g. it does not send a RST_STREAM), the browser MUST attempt to cache the pushed
+               response in same way that it would cache any other response. This means validating the response headers and inserting into
+               the disk cache.
+            </p>
+            <p id="rfc.section.3.3.p.4">Because pushed responses have no request, they have no request headers associated with them. At the framing layer, SPDY pushed
+               streams contain an "associated-stream-id" which indicates the requested stream for which the pushed stream is related. The
+               pushed stream inherits all of the headers from the associated-stream-id with the exception of ":host", ":scheme", and ":path",
+               which are provided as part of the pushed response stream headers. The browser MUST store these inherited and implied request
+               headers with the cached resource.
+            </p>
+            <p id="rfc.section.3.3.p.5">Implementation note: With server push, it is theoretically possible for servers to push unreasonable amounts of content or
+               resources to the user-agent. Browsers MUST implement throttles to protect against unreasonable push attacks.
+            </p>
+            <div>
+               <h3 id="rfc.section.3.3.1"><a href="#rfc.section.3.3.1">3.3.1</a>&nbsp;Server implementation
+               </h3>
+               <p id="rfc.section.3.3.1.p.1">When the server intends to push a resource to the user-agent, it opens a new stream by sending a unidirectional SYN_STREAM.
+                  The SYN_STREAM MUST include an Associated-To-Stream-ID, and MUST set the FLAG_UNIDIRECTIONAL flag. The SYN_STREAM MUST include
+                  headers for ":scheme", ":host", ":path", which represent the URL for the resource being pushed. Subsequent headers may follow
+                  in HEADERS frames. The purpose of the association is so that the user-agent can differentiate which request induced the pushed
+                  stream; without it, if the user-agent had two tabs open to the same page, each pushing unique content under a fixed URL, the
+                  user-agent would not be able to differentiate the requests.
+               </p>
+               <p id="rfc.section.3.3.1.p.2">The Associated-To-Stream-ID must be the ID of an existing, open stream. The reason for this restriction is to have a clear
+                  endpoint for pushed content. If the user-agent requested a resource on stream 11, the server replies on stream 11. It can
+                  push any number of additional streams to the client before sending a FLAG_FIN on stream 11. However, once the originating
+                  stream is closed no further push streams may be associated with it. The pushed streams do not need to be closed (FIN set)
+                  before the originating stream is closed, they only need to be created before the originating stream closes.
+               </p>
+               <p id="rfc.section.3.3.1.p.3">It is illegal for a server to push a resource with the Associated-To-Stream-ID of 0.</p>
+               <p id="rfc.section.3.3.1.p.4">To minimize race conditions with the client, the SYN_STREAM for the pushed resources MUST be sent prior to sending any content
+                  which could allow the client to discover the pushed resource and request it.
+               </p>
+               <p id="rfc.section.3.3.1.p.5">The server MUST only push resources which would have been returned from a GET request.</p>
+               <p id="rfc.section.3.3.1.p.6">Note: If the server does not have all of the Name/Value Response headers available at the time it issues the HEADERS frame
+                  for the pushed resource, it may later use an additional HEADERS frame to augment the name/value pairs to be associated with
+                  the pushed stream. The subsequent HEADERS frame(s) must not contain a header for ':host', ':scheme', or ':path' (e.g. the
+                  server can't change the identity of the resource to be pushed). The HEADERS frame must not contain duplicate headers with
+                  a previously sent HEADERS frame. The server must send a HEADERS frame including the scheme/host/port headers before sending
+                  any data frames on the stream.
+               </p>
+            </div>
+            <div>
+               <h3 id="rfc.section.3.3.2"><a href="#rfc.section.3.3.2">3.3.2</a>&nbsp;Client implementation
+               </h3>
+               <p id="rfc.section.3.3.2.p.1">When fetching a resource the client has 3 possibilities: </p>
+               <ul class="empty">
+                  <li>the resource is not being pushed</li>
+                  <li>the resource is being pushed, but the data has not yet arrived</li>
+                  <li>the resource is being pushed, and the data has started to arrive</li>
+               </ul>
+               <p id="rfc.section.3.3.2.p.2">When a SYN_STREAM and HEADERS frame which contains an Associated-To-Stream-ID is received, the client must not issue GET requests
+                  for the resource in the pushed stream, and instead wait for the pushed stream to arrive.
+               </p>
+               <p id="rfc.section.3.3.2.p.3">If a client receives a server push stream with stream-id 0, it MUST issue a session error (<a href="#SessionErrorHandler" title="Session Error Handling">Section&nbsp;2.4.1</a>) with the status code PROTOCOL_ERROR.
+               </p>
+               <p id="rfc.section.3.3.2.p.4">When a client receives a SYN_STREAM from the server without a the ':host', ':scheme', and ':path' headers in the Name/Value
+                  section, it MUST reply with a RST_STREAM with error code HTTP_PROTOCOL_ERROR.
+               </p>
+               <p id="rfc.section.3.3.2.p.5">To cancel individual server push streams, the client can issue a stream error (<a href="#StreamErrorHandler" title="Stream Error Handling">Section&nbsp;2.4.2</a>) with error code CANCEL. Upon receipt, the server MUST stop sending on this stream immediately (this is an Abrupt termination).
+               </p>
+               <p id="rfc.section.3.3.2.p.6">To cancel all server push streams related to a request, the client may issue a stream error (<a href="#StreamErrorHandler" title="Stream Error Handling">Section&nbsp;2.4.2</a>) with error code CANCEL on the associated-stream-id. By cancelling that stream, the server MUST immediately stop sending frames
+                  for any streams with in-association-to for the original stream.
+               </p>
+               <p id="rfc.section.3.3.2.p.7">If the server sends a HEADER frame containing duplicate headers with a previous HEADERS frame for the same stream, the client
+                  must issue a stream error (<a href="#StreamErrorHandler" title="Stream Error Handling">Section&nbsp;2.4.2</a>) with error code PROTOCOL ERROR.
+               </p>
+               <p id="rfc.section.3.3.2.p.8">If the server sends a HEADERS frame after sending a data frame for the same stream, the client MAY ignore the HEADERS frame.
+                  Ignoring the HEADERS frame after a data frame prevents handling of HTTP's trailing headers (http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.40).
+               </p>
+            </div>
+         </div>
+      </div>
+      <div>
+         <h1 id="rfc.section.4"><a href="#rfc.section.4">4.</a>&nbsp;Design Rationale and Notes
+         </h1>
+         <p id="rfc.section.4.p.1">Authors' notes: The notes in this section have no bearing on the SPDY protocol as specified within this document, and none
+            of these notes should be considered authoritative about how the protocol works. However, these notes may prove useful in future
+            debates about how to resolve protocol ambiguities or how to evolve the protocol going forward. They may be removed before
+            the final draft.
+         </p>
+         <div>
+            <h2 id="rfc.section.4.1"><a href="#rfc.section.4.1">4.1</a>&nbsp;Separation of Framing Layer and Application Layer
+            </h2>
+            <p id="rfc.section.4.1.p.1">Readers may note that this specification sometimes blends the framing layer (<a href="#FramingLayer" title="SPDY Framing Layer">Section&nbsp;2</a>) with requirements of a specific application - HTTP (<a href="#HTTPLayer" title="HTTP Layering over SPDY">Section&nbsp;3</a>). This is reflected in the request/response nature of the streams, the definition of the HEADERS and compression contexts
+               which are very similar to HTTP, and other areas as well.
+            </p>
+            <p id="rfc.section.4.1.p.2">This blending is intentional - the primary goal of this protocol is to create a low-latency protocol for use with HTTP. Isolating
+               the two layers is convenient for description of the protocol and how it relates to existing HTTP implementations. However,
+               the ability to reuse the SPDY framing layer is a non goal.
+            </p>
+         </div>
+         <div>
+            <h2 id="rfc.section.4.2"><a href="#rfc.section.4.2">4.2</a>&nbsp;Error handling - Framing Layer
+            </h2>
+            <p id="rfc.section.4.2.p.1">Error handling at the SPDY layer splits errors into two groups: Those that affect an individual SPDY stream, and those that
+               do not.
+            </p>
+            <p id="rfc.section.4.2.p.2">When an error is confined to a single stream, but general framing is in tact, SPDY attempts to use the RST_STREAM as a mechanism
+               to invalidate the stream but move forward without aborting the connection altogether.
+            </p>
+            <p id="rfc.section.4.2.p.3">For errors occuring outside of a single stream context, SPDY assumes the entire session is hosed. In this case, the endpoint
+               detecting the error should initiate a connection close.
+            </p>
+         </div>
+         <div>
+            <h2 id="rfc.section.4.3"><a href="#rfc.section.4.3">4.3</a>&nbsp;One Connection Per Domain
+            </h2>
+            <p id="rfc.section.4.3.p.1">SPDY attempts to use fewer connections than other protocols have traditionally used. The rationale for this behavior is because
+               it is very difficult to provide a consistent level of service (e.g. TCP slow-start), prioritization, or optimal compression
+               when the client is connecting to the server through multiple channels.
+            </p>
+            <p id="rfc.section.4.3.p.2">Through lab measurements, we have seen consistent latency benefits by using fewer connections from the client. The overall
+               number of packets sent by SPDY can be as much as 40% less than HTTP. Handling large numbers of concurrent connections on the
+               server also does become a scalability problem, and SPDY reduces this load.
+            </p>
+            <p id="rfc.section.4.3.p.3">The use of multiple connections is not without benefit, however. Because SPDY multiplexes multiple, independent streams onto
+               a single stream, it creates a potential for head-of-line blocking problems at the transport level. In tests so far, the negative
+               effects of head-of-line blocking (especially in the presence of packet loss) is outweighed by the benefits of compression
+               and prioritization.
+            </p>
+         </div>
+         <div>
+            <h2 id="rfc.section.4.4"><a href="#rfc.section.4.4">4.4</a>&nbsp;Fixed vs Variable Length Fields
+            </h2>
+            <p id="rfc.section.4.4.p.1">SPDY favors use of fixed length 32bit fields in cases where smaller, variable length encodings could have been used. To some,
+               this seems like a tragic waste of bandwidth. SPDY choses the simple encoding for speed and simplicity.
+            </p>
+            <p id="rfc.section.4.4.p.2">The goal of SPDY is to reduce latency on the network. The overhead of SPDY frames is generally quite low. Each data frame
+               is only an 8 byte overhead for a 1452 byte payload (~0.6%). At the time of this writing, bandwidth is already plentiful, and
+               there is a strong trend indicating that bandwidth will continue to increase. With an average worldwide bandwidth of 1Mbps,
+               and assuming that a variable length encoding could reduce the overhead by 50%, the latency saved by using a variable length
+               encoding would be less than 100 nanoseconds. More interesting are the effects when the larger encodings force a packet boundary,
+               in which case a round-trip could be induced. However, by addressing other aspects of SPDY and TCP interactions, we believe
+               this is completely mitigated.
+            </p>
+         </div>
+         <div>
+            <h2 id="rfc.section.4.5"><a href="#rfc.section.4.5">4.5</a>&nbsp;Compression Context(s)
+            </h2>
+            <p id="rfc.section.4.5.p.1">When isolating the compression contexts used for communicating with multiple origins, we had a few choices to make. We could
+               have maintained a map (or list) of compression contexts usable for each origin. The basic case is easy - each HEADERS frame
+               would need to identify the context to use for that frame. However, compression contexts are not cheap, so the lifecycle of
+               each context would need to be bounded. For proxy servers, where we could churn through many contexts, this would be a concern.
+               We considered using a static set of contexts, say 16 of them, which would bound the memory use. We also considered dynamic
+               contexts, which could be created on the fly, and would need to be subsequently destroyed. All of these are complicated, and
+               ultimately we decided that such a mechanism creates too many problems to solve.
+            </p>
+            <p id="rfc.section.4.5.p.2">Alternatively, we've chosen the simple approach, which is to simply provide a flag for resetting the compression context.
+               For the common case (no proxy), this fine because most requests are to the same origin and we never need to reset the context.
+               For cases where we are using two different origins over a single SPDY session, we simply reset the compression state between
+               each transition.
+            </p>
+         </div>
+         <div>
+            <h2 id="rfc.section.4.6"><a href="#rfc.section.4.6">4.6</a>&nbsp;Unidirectional streams
+            </h2>
+            <p id="rfc.section.4.6.p.1">Many readers notice that unidirectional streams are both a bit confusing in concept and also somewhat redundant. If the recipient
+               of a stream doesn't wish to send data on a stream, it could simply send a SYN_REPLY with the FLAG_FIN bit set. The FLAG_UNIDIRECTIONAL
+               is, therefore, not necessary.
+            </p>
+            <p id="rfc.section.4.6.p.2">It is true that we don't need the UNIDIRECTIONAL markings. It is added because it avoids the recipient of pushed streams from
+               needing to send a set of empty frames (e.g. the SYN_STREAM w/ FLAG_FIN) which otherwise serve no purpose.
+            </p>
+         </div>
+         <div>
+            <h2 id="rfc.section.4.7"><a href="#rfc.section.4.7">4.7</a>&nbsp;Data Compression
+            </h2>
+            <p id="rfc.section.4.7.p.1">Generic compression of data portion of the streams (as opposed to compression of the headers) without knowing the content
+               of the stream is redundant. There is no value in compressing a stream which is already compressed. Because of this, SPDY does
+               allow data compression to be optional. We included it because study of existing websites shows that many sites are not using
+               compression as they should, and users suffer because of it. We wanted a mechanism where, at the SPDY layer, site administrators
+               could simply force compression - it is better to compress twice than to not compress.
+            </p>
+            <p id="rfc.section.4.7.p.2">Overall, however, with this feature being optional and sometimes redundant, it is unclear if it is useful at all. We will
+               likely remove it from the specification.
+            </p>
+         </div>
+         <div>
+            <h2 id="rfc.section.4.8"><a href="#rfc.section.4.8">4.8</a>&nbsp;Server Push
+            </h2>
+            <p id="rfc.section.4.8.p.1">A subtle but important point is that server push streams must be declared before the associated stream is closed. The reason
+               for this is so that proxies have a lifetime for which they can discard information about previous streams. If a pushed stream
+               could associate itself with an already-closed stream, then endpoints would not have a specific lifecycle for when they could
+               disavow knowledge of the streams which went before.
+            </p>
+         </div>
+      </div>
+      <div>
+         <h1 id="rfc.section.5"><a href="#rfc.section.5">5.</a>&nbsp;Security Considerations
+         </h1>
+         <div>
+            <h2 id="rfc.section.5.1"><a href="#rfc.section.5.1">5.1</a>&nbsp;Use of Same-origin constraints
+            </h2>
+            <p id="rfc.section.5.1.p.1">This specification uses the <a href="#RFC6454">same-origin policy</a> <cite title="The Web Origin Concept" id="rfc.xref.RFC6454.4">[RFC6454]</cite> in all cases where verification of content is required.
+            </p>
+         </div>
+         <div>
+            <h2 id="rfc.section.5.2"><a href="#rfc.section.5.2">5.2</a>&nbsp;HTTP Headers and SPDY Headers
+            </h2>
+            <p id="rfc.section.5.2.p.1">At the application level, HTTP uses name/value pairs in its headers. Because SPDY merges the existing HTTP headers with SPDY
+               headers, there is a possibility that some HTTP applications already use a particular header name. To avoid any conflicts,
+               all headers introduced for layering HTTP over SPDY are prefixed with ":". ":" is not a valid sequence in HTTP header naming,
+               preventing any possible conflict.
+            </p>
+         </div>
+         <div>
+            <h2 id="rfc.section.5.3"><a href="#rfc.section.5.3">5.3</a>&nbsp;Cross-Protocol Attacks
+            </h2>
+            <p id="rfc.section.5.3.p.1">By utilizing TLS, we believe that SPDY introduces no new cross-protocol attacks. TLS encrypts the contents of all transmission
+               (except the handshake itself), making it difficult for attackers to control the data which could be used in a cross-protocol
+               attack.
+            </p>
+         </div>
+         <div>
+            <h2 id="rfc.section.5.4"><a href="#rfc.section.5.4">5.4</a>&nbsp;Server Push Implicit Headers
+            </h2>
+            <p id="rfc.section.5.4.p.1">Pushed resources do not have an associated request. In order for existing HTTP cache control validations (such as the Vary
+               header) to work, however, all cached resources must have a set of request headers. For this reason, browsers MUST be careful
+               to inherit request headers from the associated stream for the push. This includes the 'Cookie' header.
+            </p>
+         </div>
+      </div>
+      <div>
+         <h1 id="rfc.section.6"><a href="#rfc.section.6">6.</a>&nbsp;Privacy Considerations
+         </h1>
+         <div>
+            <h2 id="rfc.section.6.1"><a href="#rfc.section.6.1">6.1</a>&nbsp;Long Lived Connections
+            </h2>
+            <p id="rfc.section.6.1.p.1">SPDY aims to keep connections open longer between clients and servers in order to reduce the latency when a user makes a request.
+               The maintenance of these connections over time could be used to expose private information. For example, a user using a browser
+               hours after the previous user stopped using that browser may be able to learn about what the previous user was doing. This
+               is a problem with HTTP in its current form as well, however the short lived connections make it less of a risk.
+            </p>
+         </div>
+         <div>
+            <h2 id="rfc.section.6.2"><a href="#rfc.section.6.2">6.2</a>&nbsp;SETTINGS frame
+            </h2>
+            <p id="rfc.section.6.2.p.1">The SPDY SETTINGS frame allows servers to store out-of-band transmitted information about the communication between client
+               and server on the client. Although this is intended only to be used to reduce latency, renegade servers could use it as a
+               mechanism to store identifying information about the client in future requests.
+            </p>
+            <p id="rfc.section.6.2.p.2">Clients implementing privacy modes, such as Google Chrome's "incognito mode", may wish to disable client-persisted SETTINGS
+               storage.
+            </p>
+            <p id="rfc.section.6.2.p.3">Clients MUST clear persisted SETTINGS information when clearing the cookies.</p>
+            <p id="rfc.section.6.2.p.4">TODO: Put range maximums on each type of setting to limit inappropriate uses.</p>
+         </div>
+      </div>
+      <div>
+         <h1 id="rfc.section.7"><a href="#rfc.section.7">7.</a>&nbsp;Incompatibilities with SPDY draft #2
+         </h1>
+         <p id="rfc.section.7.p.1">Here is a list of the major changes between this draft and draft #2. </p>
+         <ul class="empty">
+            <li>Addition of flow control</li>
+            <li>Increased 16 bit length fields in SYN_STREAM and SYN_REPLY to 32 bits.</li>
+            <li>Changed definition of compression for DATA frames</li>
+            <li>Updated compression dictionary</li>
+            <li>Fixed off-by-one on the compression dictionary for headers</li>
+            <li>Increased priority field from 2bits to 3bits.</li>
+            <li>Removed NOOP frame</li>
+            <li>Split the request "url" into "scheme", "host", and "path"</li>
+            <li>Added the requirement that POSTs contain content-length.</li>
+            <li>Removed wasted 16bits of unused space from the end of the SYN_REPLY and HEADERS frames.</li>
+            <li>Fixed bug: Priorities were described backward (0 was lowest instead of highest).</li>
+            <li>Fixed bug: Name/Value header counts were duplicated in both the Name Value header block and also the containing frame.</li>
+         </ul>
+      </div>
+      <div>
+         <h1 id="rfc.section.8"><a href="#rfc.section.8">8.</a>&nbsp;Requirements Notation
+         </h1>
+         <p id="rfc.section.8.p.1">The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL"
+            in this document are to be interpreted as described in <a href="#RFC2119">RFC 2119</a> <cite title="Key words for use in RFCs to Indicate Requirement Levels" id="rfc.xref.RFC2119.1">[RFC2119]</cite>.
+         </p>
+      </div>
+      <div>
+         <h1 id="rfc.section.9"><a href="#rfc.section.9">9.</a>&nbsp;Acknowledgements
+         </h1>
+         <p id="rfc.section.9.p.1">Many individuals have contributed to the design and evolution of SPDY: Adam Langley, Wan-Teh Chang, Jim Morrison, Mark Nottingham,
+            Alyssa Wilk, Costin Manolache, William Chan, Vitaliy Lvin, Joe Chan, Adam Barth, Ryan Hamilton, Gavin Peters, Kent Alstad,
+            Kevin Lindsay, Paul Amer, Fan Yang, Jonathan Leighton.
+         </p>
+      </div>
       <h1 id="rfc.references"><a href="#rfc.section.10" id="rfc.section.10">10.</a> Normative References
       </h1>
-      <table>                            
+      <table>
          <tr>
             <td class="reference"><b id="ASCII">[ASCII]</b></td>
@@ -1953 +2064 @@
          <tr>
             <td class="reference"><b id="RFC0793">[RFC0793]</b></td>
-            <td class="top">Postel, J., “<a href="http://tools.ietf.org/html/rfc793">Transmission Control Protocol</a>”, STD&nbsp;7, RFC&nbsp;793, September&nbsp;1981.
+            <td class="top">Postel, J., “<a href="https://tools.ietf.org/html/rfc793">Transmission Control Protocol</a>”, STD&nbsp;7, RFC&nbsp;793, September&nbsp;1981.
             </td>
          </tr>
          <tr>
             <td class="reference"><b id="RFC1738">[RFC1738]</b></td>
-            <td class="top">Berners-Lee, T., Masinter, L., and M. McCahill, “<a href="http://tools.ietf.org/html/rfc1738">Uniform Resource Locators (URL)</a>”, RFC&nbsp;1738, December&nbsp;1994.
+            <td class="top">Berners-Lee, T., Masinter, L., and M. McCahill, “<a href="https://tools.ietf.org/html/rfc1738">Uniform Resource Locators (URL)</a>”, RFC&nbsp;1738, December&nbsp;1994.
             </td>
          </tr>
          <tr>
             <td class="reference"><b id="RFC1950">[RFC1950]</b></td>
-            <td class="top"><a href="mailto:ghost@aladdin.com" title="Aladdin Enterprises">Deutsch, L.</a> and J. Gailly, “<a href="http://tools.ietf.org/html/rfc1950">ZLIB Compressed Data Format Specification version 3.3</a>”, RFC&nbsp;1950, May&nbsp;1996.
+            <td class="top"><a href="mailto:ghost@aladdin.com" title="Aladdin Enterprises">Deutsch, L.</a> and J. Gailly, “<a href="https://tools.ietf.org/html/rfc1950">ZLIB Compressed Data Format Specification version 3.3</a>”, RFC&nbsp;1950, May&nbsp;1996.
             </td>
          </tr>
          <tr>
             <td class="reference"><b id="RFC2119">[RFC2119]</b></td>
-            <td class="top"><a href="mailto:sob@harvard.edu" title="Harvard University">Bradner, S.</a>, “<a href="http://tools.ietf.org/html/rfc2119">Key words for use in RFCs to Indicate Requirement Levels</a>”, BCP&nbsp;14, RFC&nbsp;2119, March&nbsp;1997.
+            <td class="top"><a href="mailto:sob@harvard.edu" title="Harvard University">Bradner, S.</a>, “<a href="https://tools.ietf.org/html/rfc2119">Key words for use in RFCs to Indicate Requirement Levels</a>”, BCP&nbsp;14, RFC&nbsp;2119, March&nbsp;1997.
             </td>
          </tr>
          <tr>
             <td class="reference"><b id="RFC2285">[RFC2285]</b></td>
-            <td class="top">Mandeville, R., “<a href="http://tools.ietf.org/html/rfc2285">Benchmarking Terminology for LAN Switching Devices</a>”, RFC&nbsp;2285, February&nbsp;1998.
+            <td class="top">Mandeville, R., “<a href="https://tools.ietf.org/html/rfc2285">Benchmarking Terminology for LAN Switching Devices</a>”, RFC&nbsp;2285, February&nbsp;1998.
             </td>
          </tr>
          <tr>
             <td class="reference"><b id="RFC2616">[RFC2616]</b></td>
-            <td class="top"><a href="mailto:fielding@ics.uci.edu" title="University of California, Irvine">Fielding, R.</a>, <a href="mailto:jg@w3.org" title="W3C">Gettys, J.</a>, <a href="mailto:mogul@wrl.dec.com" title="Compaq Computer Corporation">Mogul, J.</a>, <a href="mailto:frystyk@w3.org" title="MIT Laboratory for Computer Science">Frystyk, H.</a>, <a href="mailto:masinter@parc.xerox.com" title="Xerox Corporation">Masinter, L.</a>, <a href="mailto:paulle@microsoft.com" title="Microsoft Corporation">Leach, P.</a>, and <a href="mailto:timbl@w3.org" title="W3C">T. Berners-Lee</a>, “<a href="http://tools.ietf.org/html/rfc2616">Hypertext Transfer Protocol -- HTTP/1.1</a>”, RFC&nbsp;2616, June&nbsp;1999.
+            <td class="top"><a href="mailto:fielding@ics.uci.edu" title="University of California, Irvine">Fielding, R.</a>, <a href="mailto:jg@w3.org" title="W3C">Gettys, J.</a>, <a href="mailto:mogul@wrl.dec.com" title="Compaq Computer Corporation">Mogul, J.</a>, <a href="mailto:frystyk@w3.org" title="MIT Laboratory for Computer Science">Frystyk, H.</a>, <a href="mailto:masinter@parc.xerox.com" title="Xerox Corporation">Masinter, L.</a>, <a href="mailto:paulle@microsoft.com" title="Microsoft Corporation">Leach, P.</a>, and <a href="mailto:timbl@w3.org" title="W3C">T. Berners-Lee</a>, “<a href="https://tools.ietf.org/html/rfc2616">Hypertext Transfer Protocol -- HTTP/1.1</a>”, RFC&nbsp;2616, June&nbsp;1999.
             </td>
          </tr>
          <tr>
             <td class="reference"><b id="RFC2617">[RFC2617]</b></td>
-            <td class="top"><a href="mailto:john@math.nwu.edu" title="Northwestern University, Department of Mathematics">Franks, J.</a>, <a href="mailto:pbaker@verisign.com" title="Verisign Inc.">Hallam-Baker, P.</a>, <a href="mailto:jeff@AbiSource.com" title="AbiSource, Inc.">Hostetler, J.</a>, <a href="mailto:lawrence@agranat.com" title="Agranat Systems, Inc.">Lawrence, S.</a>, <a href="mailto:paulle@microsoft.com" title="Microsoft Corporation">Leach, P.</a>, Luotonen, A., and <a href="mailto:stewart@OpenMarket.com" title="Open Market, Inc.">L. Stewart</a>, “<a href="http://tools.ietf.org/html/rfc2617">HTTP Authentication: Basic and Digest Access Authentication</a>”, RFC&nbsp;2617, June&nbsp;1999.
+            <td class="top"><a href="mailto:john@math.nwu.edu" title="Northwestern University, Department of Mathematics">Franks, J.</a>, <a href="mailto:pbaker@verisign.com" title="Verisign Inc.">Hallam-Baker, P.</a>, <a href="mailto:jeff@AbiSource.com" title="AbiSource, Inc.">Hostetler, J.</a>, <a href="mailto:lawrence@agranat.com" title="Agranat Systems, Inc.">Lawrence, S.</a>, <a href="mailto:paulle@microsoft.com" title="Microsoft Corporation">Leach, P.</a>, Luotonen, A., and <a href="mailto:stewart@OpenMarket.com" title="Open Market, Inc.">L. Stewart</a>, “<a href="https://tools.ietf.org/html/rfc2617">HTTP Authentication: Basic and Digest Access Authentication</a>”, RFC&nbsp;2617, June&nbsp;1999.
             </td>
          </tr>
          <tr>
             <td class="reference"><b id="RFC4366">[RFC4366]</b></td>
-            <td class="top">Blake-Wilson, S., Nystrom, M., Hopwood, D., Mikkelsen, J., and T. Wright, “<a href="http://tools.ietf.org/html/rfc4366">Transport Layer Security (TLS) Extensions</a>”, RFC&nbsp;4366, April&nbsp;2006.
+            <td class="top">Blake-Wilson, S., Nystrom, M., Hopwood, D., Mikkelsen, J., and T. Wright, “<a href="https://tools.ietf.org/html/rfc4366">Transport Layer Security (TLS) Extensions</a>”, RFC&nbsp;4366, April&nbsp;2006.
             </td>
          </tr>
          <tr>
             <td class="reference"><b id="RFC4559">[RFC4559]</b></td>
-            <td class="top">Jaganathan, K., Zhu, L., and J. Brezak, “<a href="http://tools.ietf.org/html/rfc4559">SPNEGO-based Kerberos and NTLM HTTP Authentication in Microsoft Windows</a>”, RFC&nbsp;4559, June&nbsp;2006.
+            <td class="top">Jaganathan, K., Zhu, L., and J. Brezak, “<a href="https://tools.ietf.org/html/rfc4559">SPNEGO-based Kerberos and NTLM HTTP Authentication in Microsoft Windows</a>”, RFC&nbsp;4559, June&nbsp;2006.
             </td>
          </tr>
          <tr>
             <td class="reference"><b id="RFC5246">[RFC5246]</b></td>
-            <td class="top">Dierks, T. and E. Rescorla, “<a href="http://tools.ietf.org/html/rfc5246">The Transport Layer Security (TLS) Protocol Version 1.2</a>”, RFC&nbsp;5246, August&nbsp;2008.
+            <td class="top">Dierks, T. and E. Rescorla, “<a href="https://tools.ietf.org/html/rfc5246">The Transport Layer Security (TLS) Protocol Version 1.2</a>”, RFC&nbsp;5246, August&nbsp;2008.
             </td>
          </tr>
          <tr>
             <td class="reference"><b id="RFC6454">[RFC6454]</b></td>
-            <td class="top">Barth, A., “<a href="http://tools.ietf.org/html/rfc6454">The Web Origin Concept</a>”, RFC&nbsp;6454, December&nbsp;2011.
+            <td class="top">Barth, A., “<a href="https://tools.ietf.org/html/rfc6454">The Web Origin Concept</a>”, RFC&nbsp;6454, December&nbsp;2011.
             </td>
          </tr>
          <tr>
             <td class="reference"><b id="TLSNPN">[TLSNPN]</b></td>
-            <td class="top">Langley, A., “<a href="http://tools.ietf.org/html/draft-agl-tls-nextprotoneg-01">TLS Next Protocol Negotiation</a>”, Internet-Draft&nbsp;draft-agl-tls-nextprotoneg-01 (work in progress), August&nbsp;2010.
+            <td class="top">Langley, A., “<a href="https://tools.ietf.org/html/draft-agl-tls-nextprotoneg-01">TLS Next Protocol Negotiation</a>”, Internet-Draft&nbsp;draft-agl-tls-nextprotoneg-01 (work in progress), August&nbsp;2010.
             </td>
          </tr>
@@ -2017 +2128 @@
          </tr>
       </table>
-      <div class="avoidbreak">
-         <h1 id="rfc.authors"><a href="#rfc.authors">Authors' Addresses</a></h1>
-         <address class="vcard"><span class="vcardline"><span class="fn">Mike Belshe</span><span class="n hidden"><span class="family-name">Belshe</span><span class="given-name">Mike</span></span></span><span class="org vcardline">Twist</span><span class="vcardline">Email: <a href="mailto:mbelshe@chromium.org"><span class="email">mbelshe@chromium.org</span></a></span></address>
-         <address class="vcard"><span class="vcardline"><span class="fn">Roberto Peon</span><span class="n hidden"><span class="family-name">Peon</span><span class="given-name">Roberto</span></span></span><span class="org vcardline">Google, Inc</span><span class="vcardline">Email: <a href="mailto:fenix@google.com"><span class="email">fenix@google.com</span></a></span></address>
-         <address class="vcard"><span class="vcardline"><span class="fn">Martin Thomson</span>
-               (editor)
-               <span class="n hidden"><span class="family-name">Thomson</span><span class="given-name">Martin</span></span></span><span class="org vcardline">Microsoft</span><span class="adr"><span class="street-address vcardline">3210 Porter Drive</span><span class="vcardline"><span class="locality">Palo Alto</span>, <span class="postal-code">94043</span></span><span class="country-name vcardline">US</span></span><span class="vcardline">Email: <a href="mailto:martin.thomson@skype.net"><span class="email">martin.thomson@skype.net</span></a></span></address>
-         <address class="vcard"><span class="vcardline"><span class="fn">Alexey Melnikov</span>
-               (editor)
-               <span class="n hidden"><span class="family-name">Melnikov</span><span class="given-name">Alexey</span></span></span><span class="org vcardline">Isode Ltd</span><span class="adr"><span class="street-address vcardline">5 Castle Business Village</span><span class="street-address vcardline">36 Station Road</span><span class="vcardline"><span class="locality">Hampton</span>, <span class="region">Middlesex</span>&nbsp;<span class="postal-code">TW12 2BX</span></span><span class="country-name vcardline">UK</span></span><span class="vcardline">Email: <a href="mailto:Alexey.Melnikov@isode.com"><span class="email">Alexey.Melnikov@isode.com</span></a></span></address>
+      <div id="change.log">
+         <h1 id="rfc.section.A" class="np"><a href="#rfc.section.A">A.</a>&nbsp;<a href="#change.log">Change Log (to be removed by RFC Editor before publication)</a></h1>
+         <div id="changes.since.draft-mbelshe-httpbis-spdy-00">
+            <h2 id="rfc.section.A.1"><a href="#rfc.section.A.1">A.1</a>&nbsp;<a href="#changes.since.draft-mbelshe-httpbis-spdy-00">Since draft-mbelshe-httpbis-spdy-00</a></h2>
+            <p id="rfc.section.A.1.p.1">Adopted as base for draft-ietf-httpbis-http2.</p>
+            <p id="rfc.section.A.1.p.2">Updated authors/editors list.</p>
+            <p id="rfc.section.A.1.p.3">Added status note.</p>
+         </div>
       </div>
-      <h1 id="rfc.section.A" class="np"><a href="#rfc.section.A">A.</a>&nbsp;<a id="change.log" href="#change.log">Change Log (to be removed by RFC Editor before publication)</a></h1>
-      <h2 id="rfc.section.A.1"><a href="#rfc.section.A.1">A.1</a>&nbsp;<a id="changes.since.draft-mbelshe-httpbis-spdy-00" href="#changes.since.draft-mbelshe-httpbis-spdy-00">Since draft-mbelshe-httpbis-spdy-00</a></h2>
-      <p id="rfc.section.A.1.p.1">Adopted as base for draft-ietf-httpbis-http2.</p>
-      <p id="rfc.section.A.1.p.2">Updated authors/editors list.</p>
-      <p id="rfc.section.A.1.p.3">Added status note.</p>
       <h1 id="rfc.index"><a href="#rfc.index">Index</a></h1>
       <p class="noprint"><a href="#rfc.index.A">A</a> <a href="#rfc.index.R">R</a> <a href="#rfc.index.T">T</a> <a href="#rfc.index.U">U</a> 
@@ -2069 +2173 @@
          </ul>
       </div>
+      <div class="avoidbreak">
+         <h1 id="rfc.authors"><a href="#rfc.authors">Authors' Addresses</a></h1>
+         <p><b>Mike Belshe</b><br>Twist<br>Email: <a href="mailto:mbelshe@chromium.org">mbelshe@chromium.org</a></p>
+         <p><b>Roberto Peon</b><br>Google, Inc<br>Email: <a href="mailto:fenix@google.com">fenix@google.com</a></p>
+         <p><b>Martin Thomson</b>
+            (editor)
+            <br>Microsoft<br>3210 Porter Drive<br>Palo Alto, 94043<br>US<br>Email: <a href="mailto:martin.thomson@skype.net">martin.thomson@skype.net</a></p>
+         <p><b>Alexey Melnikov</b>
+            (editor)
+            <br>Isode Ltd<br>5 Castle Business Village<br>36 Station Road<br>Hampton, Middlesex&nbsp;TW12 2BX<br>UK<br>Email: <a href="mailto:Alexey.Melnikov@isode.com">Alexey.Melnikov@isode.com</a></p>
+      </div>
    </body>
 </html>