Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Write for InfoQ


Choose your language

InfoQ Homepage News HTTP Being Revised

HTTP Being Revised

This item in japanese

Mark Nottingham, HTTP guru and amongst other things the ex chair of the WS-Addressing working group, mentions that the IETF HTTPbis Working Group had its first face-to-face meeting recently to discuss updates to the HTTP standard. As Mark points out, it's been a long process to get here:
I’ve spent a fair amount of time over the last year and a half working with people in the IETF to get RFC2616 — the HTTP specification — revised.
Roy Fielding's partitioned drafts will likely become the basis of the new work. Although the charter would appear to be quite limited in scope:
The working group will refine RFC2616 to:
* Incorporate errata and updates (e.g., references, IANA registries,
* Fix editorial problems which have led to misunderstandings of the
* Clarify conformance requirements
* Remove known ambiguities where they affect interoperability
* Clarify existing methods of extensibility
* Remove or deprecate those features that are not widely implemented
and also unduly affect interoperability
* Where necessary, add implementation advice
* Document the security properties of HTTP and its associated
echanisms (e.g., Basic and Digest authentication, cookies, TLS) for
common applications

In doing so, it should consider:
* Implementer experience
* Demonstrated use of HTTP
* Impact on existing implementations and deployments
Mark believes even this will lead to more changes:
HTTP started as a protocol just for browsers, and its task was fairly simple. Yes, persistent connections and ranged requests make things a bit more complex, but the use cases were relatively homogenous almost a decade ago, and the people doing the implementations were able to assure interop for those common cases.


Now, a new generation of developers are using HTTP for things that weren’t even thought of then; AJAX, Atom, CalDAV, “RESTful Web Services” and the like push the limits of what HTTP is and can do. The dark corners that weren’t looked at very closely in the rush to get RFC2616 out are now coming to light, and cleaning them up now will help these new uses, rather than encourage them to diverge in how they use HTTP.

So, while the focus of the WG is on implementors, to me that doesn’t must mean Apache, IIS, Mozilla, Squid and the like; it also means people using HTTP to build new protocols, like OAuth and Atom Publishing Protocol. It means people running large Web sites that use HTTP in not-so-typical ways.

Obviously there will be the usual types of updates and clarifications that occur whenever a standard is revised after many years of use. The original design decisions behind the current standard aren't always crystal clear to new developers or users, so these areas need to be improved, as Mark goes on to point out.

Rate this Article