HTTPbis

HTTPbis
Name	HTTPbis
Developed by	Internet Engineering Task Force, World Wide Web Consortium
Initial release	1990s–2010s
Latest release	ongoing
Platform	Internet Protocol Suite
License	RFC standards

HTTPbis is the informal name used by standards communities for the series of efforts to revise, clarify, and extend the Hypertext Transfer Protocol specifications originally codified in RFC 2616 and subsequent RFCs. The work coordinates multiple institutions and contributors across the Internet Engineering Task Force, World Wide Web Consortium, and numerous corporate and academic stakeholders such as Google, Microsoft, Mozilla Foundation, Apple Inc., Facebook, Cloudflare, Amazon (company), and IBM. The project spans interactions with protocols like Transmission Control Protocol, User Datagram Protocol, Transport Layer Security, and infrastructures including Apache HTTP Server, nginx, IIS (Internet Information Services), and content delivery networks used by Netflix and Akamai Technologies.

Background and Rationale

The origins trace to early web architecture debates involving contributors from CERN, Mosaic Communications Corporation, National Center for Supercomputing Applications, and later engineering groups at W3C and IETF. Key events and documents include the original RFC 1945 and RFC 2068 discussions, the publication of RFC 2616, and subsequent interoperability challenges revealed by implementers such as Google's Chromium team, Mozilla engineers, and operators at Yahoo!. Concerns referenced during deliberations involved interactions with World Wide Web Consortium specifications like HTML 4.01, HTML5, and security protocols legislated under laws such as United States Digital Millennium Copyright Act in the context of content delivery. Major incidents that motivated clarifications included large-scale deployments by Amazon (company), major outages investigated by New York Times technical teams, and performance initiatives from Akamai Technologies and Netflix engineering blogs.

Development and Standards Process

The process was driven by working groups within the Internet Engineering Task Force and coordination with the World Wide Web Consortium. Prominent contributors included engineers affiliated with Google, Microsoft, Mozilla Foundation, Apple Inc., and research from institutions such as MIT, Stanford University, University of California, Berkeley, and Carnegie Mellon University. The standards progression used the RFC publication stream and iterative drafts discussed at venues like IETF 90, IETF 95, and meetings of the IAB. Corporate stakeholders including Facebook, Cloudflare, Akamai Technologies, Amazon (company), and IBM participated in interoperability testing at events organized by IETF and hosted at labs such as Mozilla Foundation testbeds and W3C workshops. The effort referenced adjacent standards groups like the TLS Working Group and collaborated with registries maintained by IANA.

Key Changes and Features

Revisions emphasized clearer parsing rules, header semantics, connection management, caching behaviors influenced by RFC 7234, and explicit interoperability notes for implementations such as Apache HTTP Server and nginx. Changes addressed interactions with Transport Layer Security and designs used by QUIC implementations from Google and Cloudflare, aligning with work by IETF QUIC Working Group. The specifications clarified method definitions used by agents like curl and clients such as Google Chrome, Mozilla Firefox, Safari (web browser), and Microsoft Edge. Cache control, content negotiation, and conditional requests were revised with input from teams at Wikipedia, New York Times, and BBC. Work also covered semantics for status codes and extensions leveraged by APIs from Twitter, GitHub, Stripe (company), and PayPal.

Implementation and Adoption

Major web servers and proxies implemented the revised guidance, including Apache HTTP Server, nginx, IIS (Internet Information Services), Envoy (software), and HAProxy. Client adoption involved Google Chrome, Mozilla Firefox, Safari (web browser), and Microsoft Edge, while mobile ecosystems such as Android (operating system) and iOS integrated related behaviors. Content delivery networks and platform providers including Akamai Technologies, Cloudflare, Amazon (company), Fastly, Netflix, and Facebook contributed interoperability reports. Open-source projects such as cURL, Node.js, nghttp2, and Go (programming language) implemented features and tests cross-referenced by academic groups at Stanford University and MIT.

Relationship to HTTP/2 and HTTP/3

The revision work paralleled the evolution embodied by HTTP/2 and HTTP/3, coordinating semantics for methods, headers, and status codes while deferring transport multiplexing and framing to separate specifications like the HTTP/2 RFC and QUIC specifications that led to HTTP/3. Implementers from Google (which advanced QUIC), Cloudflare, Mozilla Foundation, Microsoft, and Akamai Technologies ensured that application semantics remained stable across transports. Interactions with TLS 1.3 work by the TLS Working Group and deployment case studies from Facebook and Google informed guidance on security and deployment best practices.

Criticism and Compatibility Issues

Critiques emerged from community stakeholders including smaller implementers, academic researchers at University of California, Berkeley and Carnegie Mellon University, and organizations such as Electronic Frontier Foundation regarding complexity, backward compatibility, and deployment cost. Some operators like legacy hosting providers and projects relying on older stacks (e.g., heritage Apache HTTP Server modules) reported interoperability challenges, leading to advocacy from W3C community groups and operational coordination via IETF mailing lists. Debates also involved commercial platform operators such as Amazon (company), Google, Facebook, and Microsoft over extension mechanisms and implications for caching and intermediaries.

Category:Internet protocols