Proposal: FINAL_DATA

draft-ietf-httpbis-connect-tcp.md

@@ -66,12 +66,13 @@ This specification describes an alternative mechanism for proxying TCP in HTTP.
 
 A template-driven TCP transport proxy for HTTP is identified by a URI Template {{!RFC6570}} containing variables named "target_host" and "target_port".  This URI Template and its variable values MUST meet all the same requirements as for UDP proxying ({{!RFC9298, Section 2}}), and are subject to the same validation rules.  The client MUST substitute the destination host and port number into this template to produce the request URI.  The derived URI serves as the destination of a Capsule Protocol connection using the Upgrade Token "connect-tcp" (see registration in {{new-upgrade-token}}).
 
-When using "connect-tcp", TCP payload data is sent in the payload of a new Capsule Type named DATA (see registration in {{data-capsule}}).  The ordered concatenation of DATA capsule payloads represents the TCP payload data.
+When using "connect-tcp", TCP payload data is sent in the payload of new Capsule Types named DATA and FINAL_DATA (see registrations in {{data-capsule}}).  The ordered concatenation of these capsule payloads represents the TCP payload data.  A FINAL_DATA capsule additionally indicates that sender has closed this stream, semantically equivalent to TCP FIN.  After sending a FINAL_DATA capsule, an endpoint MUST NOT send any more DATA or FINAL_DATA capsules on this data stream. (See {{closing-connections}} for related requirements.)
 
-An intermediary MAY merge and split successive DATA capsules, subject to the following requirements:
+An intermediary MAY merge and split successive DATA and FINAL_DATA capsules, subject to the following requirements:
 
 * There are no intervening capsules of other types.
 * The order of payload content is preserved.
+* The final emitted capsule uses the same capsule type (DATA or FINAL_DATA) as the final input capsule, and all others use the DATA capsule type.
 
 ## In HTTP/1.1
 
@@ -159,9 +160,9 @@ Clients SHOULD assume that all proxy resources generated by a single template sh
 
 In each HTTP version, any requirements related to closing connections in Classic HTTP CONNECT also apply to "connect-tcp", with the following modifications:
 
-* In HTTP/1.1, endpoints SHOULD close the connection in an error state to indicate receipt of a TCP connection error (e.g., a TCP RST or timeout).  Acceptable error states include sending an incomplete DATA capsule (as defined in {{Section 3.3 of !RFC9297}}), a TLS Error Alert ({{!RFC8446, Section 6.2}}), or a TCP RST (if TLS is not in use).  When a connection is terminated in an error state, the receiving endpoint SHOULD send a TCP RST if the underlying TCP implementation permits it.
-* In HTTP/2 and HTTP/3, senders MAY use an incomplete DATA capsule to indicate a TCP connection error, instead of (or in addition to) the signals defined for TCP connection errors in Classic HTTP CONNECT.  Recipients MUST recognize any incomplete capsule as a TCP connection error.
-* Intermediaries MUST propagate connection shutdown errors, including when translating between different HTTP versions.
+* If an endpoint in this specification receives a TCP FIN indicating clean shutdown, it MUST send a FINAL_DATA capsule.
+* When a connection is terminated without a FINAL_DATA capsule, the endpoint SHOULD send a TCP RST if the underlying TCP implementation permits it.
+* In HTTP/2 and HTTP/3, senders MAY additionally emit a stream error as in Classic HTTP CONNECT.
 
 # Additional Connection Setup Behaviors
 
@@ -251,8 +252,9 @@ IF APPROVED, IANA is requested to add the following entry to the "HTTP Capsule T
 | ----- | ------------ | --------- | ---------------------------------- | ----------------- | ------- |
 | Value | Capsule Type | Status    | Reference                          | Change Controller | Contact |
 | (TBD) | DATA         | permanent | (This document), {{specification}} | IETF              | HTTPBIS |
+| (TBD) | FINAL_DATA   | permanent | (This document), {{specification}} | IETF              | HTTPBIS |
 
-For this draft version of the protocol, the Capsule Type value `0x2028d7ee` shall be used provisionally for testing, under the name "DATA-07".
+For this draft version of the protocol, the Capsule Type values `0x2028d7ee` and `0x2028d7ef` shall be used provisionally for testing, under the names "DATA-07" and "FINAL_DATA-07".
 
 --- back