One document matched: draft-ietf-httpbis-header-compression-08.xml


<?xml version="1.0" encoding="utf-8"?>
<?xml-stylesheet type='text/xsl' href='lib/rfc2629.xslt' ?>

<?rfc toc="yes"?>
<?rfc symrefs="yes"?>
<?rfc sortrefs="yes"?>
<?rfc compact="yes"?>
<?rfc subcompact="no"?>
<?rfc linkmailto="no"?>
<?rfc editing="no"?>
<?rfc comments="yes"?>
<?rfc inline="yes"?>
<?rfc rfcedstyle="yes"?>
<?rfc-ext allow-markup-in-artwork="yes" ?>
<?rfc-ext include-index="no" ?>

<rfc category="std"
    ipr="trust200902"
    docName="draft-ietf-httpbis-header-compression-08"
    x:maturity-level="proposed"
    xmlns:x="http://purl.org/net/xml2rfc/ext">
    <x:feedback template="mailto:ietf-http-wg@w3.org?subject={docname},%20%22{section}%22&body=<{ref}>:"/>
    <front>
        <title abbrev="HPACK">HPACK - Header Compression for HTTP/2</title>

        <author initials="R." surname="Peon" fullname="Roberto Peon">
            <organization>Google, Inc</organization>
            <address>
                <email>fenix@google.com</email>
            </address>
        </author>

        <author initials="H." surname="Ruellan" fullname="Hervé Ruellan">
            <organization>Canon CRF</organization>
            <address>
                <email>herve.ruellan@crf.canon.fr</email>
            </address>
        </author>

        <date year="2014"/>
        <area>Applications</area>
        <workgroup>HTTPbis</workgroup>
        <keyword>HTTP</keyword>
        <keyword>Header</keyword>
        <abstract>
            <t>
                This specification defines HPACK, a compression format for
                efficiently representing HTTP header fields in the context of
                HTTP/2.
            </t>
        </abstract>

      <note title="Editorial Note (To be removed by RFC Editor)">
        <t>
          Discussion of this draft takes place on the HTTPBIS working group
          mailing list (ietf-http-wg@w3.org), which is archived at <eref
          target="https://lists.w3.org/Archives/Public/ietf-http-wg/"/>.
        </t>
        <t>
          Working Group information can be found at <eref
          target="http://tools.ietf.org/wg/httpbis/"/>; that specific to HTTP/2
          are at <eref target="http://http2.github.io/"/>.
        </t>
        <t>
          The changes in this draft are summarized in <xref
          target="changes.since.draft-ietf-httpbis-header-compression-07"/>.
        </t>
      </note>
    </front>

    <middle>
        <section title="Introduction">
            <t>
                This specification defines HPACK, a compression format for
                efficiently representing HTTP header fields in the context of
                HTTP/2 (see <xref target="HTTP2"/>).
            </t>
        </section>

        <section title="HPACK Overview" anchor="overview">
            <t>
                In HTTP/1.1 (see <xref target="RFC7230"/>), header fields are
                encoded without any form of compression.  As web pages have
                grown to include dozens to hundreds of requests, the redundant
                header fields in these requests now measurably increase latency
                and unnecessarily consume bandwidth (see <xref
                    target="SPDY-DESC-1"/>
                and <xref target="SPDY-DESC-2"/>).
            </t>

            <t>
                SPDY <xref target="SPDY"/> initially addressed this redundancy
                by compressing header fields using the DEFLATE format <xref
                target="DEFLATE"/>, which proved very effective at efficiently
                representing the redundant header fields.  However, that
                approach exposed a security risk as demonstrated by the CRIME
                attack (see <xref target="CRIME"/>).
            </t>

            <t>
                This document describes HPACK, a new compressor for header
                fields which eliminates redundant header fields, limits
                vulnerability to known security attacks, and which has a bounded
                memory requirement for use in constrained environments.
            </t>

            <section title="Outline">
                <t>
                    The HTTP header field encoding defined in this document is
                    based on a header table that maps name-value pairs to index
                    values.  The header table is incrementally updated as new
                    values are encoded or decoded.
                </t>
                <t>
                    A set of header fields is treated as an unordered collection
                    of name-value pairs that can include duplicates.  Names and
                    values are considered to be opaque sequences of octets.  The
                    order of header fields is not guaranteed to be preserved
                    after being compressed and decompressed.
                </t>
                <t>
                    In the encoded form, a header field is represented either
                    literally or as a reference to a name-value pair in a header
                    table.  A set of header fields can therefore be encoded
                    using a mixture of references and literal values.
                </t>
                <t>
                    As two consecutive sets of header fields often have header
                    fields in common, each set is coded as a difference from the
                    previous set. The goal is to only encode the changes between
                    the two sets of header fields (that is, header fields that
                    are present in only one of the sets) and eliminate
                    redundancy (header fields present in both sets).
                </t>
                <t>
                    A subset of the header fields that are encoded as references to
                    the header table are maintained in a reference set that is
                    used as the initial set of header fields for the next
                    encoding.
                </t>
                <t>
                    The encoder is responsible for deciding which header fields
                    to insert as new entries in the header table.  The decoder
                    executes the modifications to the header table and reference
                    set prescribed by the encoder, reconstructing the set of
                    header fields in the process.  This enables decoders to
                    remain simple and understand a wide variety of encoders.
                </t>
                <t>
                    Examples illustrating the use of these different mechanisms
                    to represent header fields are available in <xref
                    target="examples"/>.
                </t>
            </section>

            <section title="Conventions" anchor="conventions">
                <t>
                    The key words "MUST", "MUST NOT", "REQUIRED", "SHALL",
                    "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY",
                    and "OPTIONAL" in this document are to be interpreted as
                    described in <xref target="RFC2119">RFC 2119</xref>.
                </t>
                <t>
                    All numeric values are in network byte order.  Values are
                    unsigned unless otherwise indicated.  Literal values are
                    provided in decimal or hexadecimal as appropriate.
                    Hexadecimal literals are prefixed with <spanx
                        style="verb">0x</spanx> to distinguish them from decimal
                    literals.
                </t>

            </section>

            <section title="Terminology" anchor="encoding.concepts">
                <t>
                    This document uses the following terms:
                    <list style="hanging">
                        <t hangText="Header Field:">
                            A name-value pair.  Both the name and value are
                            treated as opaque sequences of octets.
                        </t>
                        <t hangText="Header Table:">
                            The header table (see <xref target="header.table"/>)
                            is a component used to associate stored header
                            fields to index values.
                        </t>
                        <t hangText="Static Table:">
                            The static table (see <xref target="static.table"/>)
                            is a component used to associate static header
                            fields to index values.  This data is ordered,
                            read-only, always accessible, and may be shared
                            amongst all encoding contexts.
                        </t>
                        <t hangText="Header Set:">
                            A header set is an unordered group of header fields
                            that are encoded jointly. It can contain duplicate
                            header fields. A complete set of key-value pairs
                            contained in a HTTP request or response is a header
                            set.
                        </t>
                        <t hangText="Reference Set:">
                            The reference set (see <xref
                            target="reference.set"/>) is a component containing
                            an unordered set of references to entries in the
                            header table. It doesn't contain duplicate
                            references. The reference set is used for the
                            differential encoding of a new header set.
                        </t>
                        <t hangText="Header Field Representation:">
                            A header field can be represented in encoded form
                            either as a literal or as an index (see <xref
                            target="header.representation"/>).
                        </t>
                        <t hangText="Header Block:">
                            The entire set of encoded header field
                            representations which, when decoded, yield a
                            complete header set.
                        </t>
                        <t hangText="Header Field Emission:">
                            When decoding a set of header field representations,
                            some operations emit a header field (see <xref
                            target="header.emission"/>).  Emitted header fields
                            are added to the output header set and cannot be
                            removed.
                        </t>
                    </list>
                </t>
            </section>
        </section>

        <section title="Decoding Process Overview" anchor="header.encoding">
            <t>
                This specification does not describe a specific algorithm for an
                encoder.  Instead, it defines precisely how a decoder is expected
                to operate, allowing encoders to produce any encoding that this
                definition permits.
            </t>

            <section title="Encoding and Decoding Contexts"
                anchor="encoding.context">
                <t>
                    HPACK requires that a decoder maintains both a header table
                    and a reference set.  No other state information is needed
                    to decode messages.  An encoder that wishes to reference
                    entries in the header table, reference set, or static table
                    needs to maintain a copy of the information a decoder holds.
                </t>
                <t>
                    When used for bidirectional communication, such as in HTTP,
                    the encoding and decoding contexts maintained by an endpoint
                    are completely independent.  Header fields are encoded
                    without any reference to the local decoding state; and
                    header fields are decoded without reference to the encoding
                    state.
                </t>
                <t>
                    Each endpoint maintains a header table and a reference set in
                    order to decode header blocks, and optionally a copy of the
                    information maintained by their peer.
                </t>
            </section>

            <section title="Header Table" anchor="header.table">
                <t>
                    A header table consists of a list of header fields
                    maintained in first-in, first-out order.  The first and
                    newest entry in a header table is always at index 1, and the
                    oldest entry of a header table is at the index corresponding
                    to the number of entries in the header table.
                </t>
                <t>
                    The header table is initially empty.
                </t>
                <t>
                    The header table can contain duplicate entries. Therefore,
                    duplicate entries MUST NOT be treated as an error by a
                    decoder.
                </t>
                <t>
                    The encoder decides how to update the header table and as
                    such can control how much memory is used by the header
                    table. To limit the memory requirements of the decoder, the
                    header table size is strictly bounded (see <xref
                    target="maximum.table.size"/>).
                </t>
                <t>
                    The header table is updated during the processing of a set
                    of header field representations (see <xref
                    target="header.representation.processing"/>).
                </t>
            </section>

            <section title="Reference Set" anchor="reference.set">
                <t>
                    A reference set is an unordered set of references to entries
                    of the header table. It never contains duplicate references.
                </t>
                <t>
                    The reference set is initially empty.
                </t>
                <t>
                    The reference set is updated during the processing of a set
                    of header field representations (see <xref
                    target="header.representation.processing"/>).
                </t>
                <t>
                    The reference set enables differential encoding, where
                    only differences between the previous header set and the
                    current header set need to be encoded. The use of
                    differential encoding is optional for any header set.
                </t>
                <t>
                    When an entry is evicted from the header table, if it was
                    referenced from the reference set, its reference is removed
                    from the reference set.
                </t>
                <t>
                    To limit the memory requirements on the decoder side for
                    handling the reference set, only entries within the header
                    table can be contained in the reference set. To still allow
                    entries from the static table to take advantage of the
                    differential encoding, when a header field is represented as
                    a reference to an entry of the static table, this entry is
                    inserted into the header table (see <xref
                    target="header.representation.processing"/>).
                </t>
            </section>

            <section title="Header Field Representation"
                     anchor="header.representation">
                <t>
                    An encoded header field can be represented either as a
                    literal or as an index.
                </t>
                <t>
                    A literal representation defines a new header field. The
                    header field name can be represented literally or as a
                    reference to an entry of the header table. The header field
                    value is represented literally.
                </t>
                <t>
                    Three different literal representations are provided:
                    <list style="symbols">
                        <t>
                            A literal representation that does not add the
                            header field to the header table (see <xref
                            target="literal.header.without.indexing"/>).
                        </t>
                        <t>
                            A literal representation that does not add the
                            header field to the header table, with the
                            additional stipulation that this header field always
                            use a literal representation, in particular when
                            re-encoded by an intermediary (see <xref
                            target="literal.header.never.indexed"/>).
                        </t>
                        <t>
                            A literal representation that adds the header field
                            as a new entry at the beginning of the header table
                            (see <xref
                            target="literal.header.with.incremental.indexing"/>).
                        </t>
                    </list>
                </t>
                <t>
                    An indexed representation defines a header field as a
                    reference to an entry in either the header table or the
                    static table (see <xref
                    target="indexed.header.representation"/>).
                </t>
                <t>
                    Indices between 1 and the length of the header table
                    (inclusive) refer to elements in the header table, with
                    index 1 referring to the beginning of the table.
                </t>
                <t>
                    Indices between one higher than the length of the header
                    table represent indexes into the static table.  The length
                    of the header table is subtracted to find the index into the
                    static table.
                </t>
                <t>
                    Indices that are greater than the sum of the lengths of both
                    tables MUST be treated as a decoding error.
                </t>
                <t>
                    An indexed representation using an entry of the static
                    table induces a copy of this entry into the header table
                    (see <xref target="header.representation.processing"/>)
                    for bounding memory requirements on the decoder side (see
                    <xref target="maximum.table.size"/>). For this reason, the
                    header table is accessed more frequently than the static
                    table and has the lower indices.
                </t>

                <figure title="Index Address Space">
                    <preamble>
                        For a header table size of k and a static table size of
                        s, the following diagram shows the entire valid index
                        address space.
                    </preamble>
                    <artwork type="drawing"><![CDATA[
        <----------  Index Address Space ---------->
        <-- Header  Table -->  <-- Static  Table -->
        +---+-----------+---+  +---+-----------+---+
        | 1 |    ...    | k |  |k+1|    ...    |k+s|
        +---+-----------+---+  +---+-----------+---+
        ^                   |
        |                   V
 Insertion Point      Dropping Point
]]></artwork>
                </figure>
            </section>

            <section title="Header Field Emission" anchor="header.emission">
                <t>
                    A decoder processes an encoded header block sequentially.
                    As different instructions are processed, some might specify
                    that a header field is emitted.
                </t>
                <t>
                    The emission of a header field is the process of marking a
                    header field as belonging to the output header set. Once a
                    header has been emitted, it cannot be removed or retracted
                    from the decoder output.
                </t>
                <t>
                    An emitted header field can be safely
                    passed to the upper processing layer as part of the current
                    header set. The decoder can pass emitted header fields
                    to the upper processing layer in any order.
                </t>
                <t>
                    By emitting header fields instead of emitting header sets, a
                    decoder can be implemented with minimal memory commitment in
                    addition to the header table and the reference set. The
                    management of memory for handling very large sets of header
                    fields can therefore be deferred to the upper processing
                    layers.
                </t>
            </section>
        </section>

        <section title="Header Block Decoding"
                 anchor="header.block.decoding">
            <t>
                The processing of a header block to obtain a header set is
                defined in this section.  To ensure that the decoding will
                successfully produce a header set, a decoder MUST obey the
                following rules.
            </t>

            <section title="Header Field Representation Processing"
                     anchor="header.representation.processing">
                <t>
                    All the header field representations contained in a header
                    block are processed in the order in which they appear, as
                    specified below.  Details on the formatting of the various
                    header field representations, and some additional processing
                    instructions are found in <xref
                    target="detailed.format"/>.
                </t>
                <t>
                    An <spanx>indexed representation</spanx> corresponding to an
                    entry <spanx>present</spanx> in the reference set entails
                    the following actions:
                    <list style="symbols">
                        <t>The entry is removed from the reference set.</t>
                    </list>
                </t>
                <t>
                    An <spanx>indexed representation</spanx> corresponding to an
                    entry <spanx>not present</spanx> in the reference set
                    entails the following actions:
                    <list style="symbols">
                        <t>If referencing an element of the static table:
                        <list style="symbols">
                            <t>The header field corresponding to the referenced
                            entry is emitted.</t>
                            <t>The referenced static entry is inserted at the
                            beginning of the header table.</t>
                            <t>A reference to this new header table entry is
                            added to the reference set, unless this new entry
                            didn't fit in the header table.</t>
                        </list>
                        </t>
                        <t>If referencing an element of the header table:
                        <list style="symbols">
                            <t>The header field corresponding to the referenced
                            entry is emitted.</t>
                            <t>The referenced header table entry is added to the
                            reference set.</t>
                        </list>
                        </t>
                    </list>
                </t>
                <t>
                    A <spanx>literal representation</spanx> that is <spanx>not
                    added</spanx> to the header table entails the following
                    action:
                    <list style="symbols">
                        <t>The header field is emitted.</t>
                    </list>
                </t>
                <t>
                    A <spanx>literal representation</spanx> that is
                    <spanx>added</spanx> to the header table entails the
                    following actions:
                    <list style="symbols">
                        <t>The header field is emitted.</t>
                        <t>The header field is inserted at the beginning of the
                        header table.</t>
                        <t>A reference to the new entry is added to the
                        reference set, unless this new entry didn't fit in
                        the header table.</t>
                    </list>
                </t>
            </section>

            <section title="Reference Set Emission"
                     anchor="reference.set.emission">
                <t>
                    Once all the representations contained in a header block
                    have been processed, any header fields included in the
                    reference set that have not previously been emitted during
                    the processing of this header block are emitted.
                </t>
                <t>
                    After the emission of these remaining header fields, the
                    header set is complete.
                </t>
            </section>
        </section>

        <section title="Header Table Management"
                 anchor="header.table.management">
            <section title="Maximum Table Size"
                     anchor="maximum.table.size">
                <t>
                    To limit the memory requirements on the decoder side, the
                    mutable structures used in an encoding context are
                    constrained in size. These mutable structures are the header
                    table and the reference set.
                </t>
                <t>
                    The size of the header table is bounded by a maximum size
                    defined by the decoder.  The size of the header table MUST
                    always be lower than or equal to this maximum size.
                </t>
                <t>
                    The reference set can only contain references to entries of
                    the header table, and can't contain references to entries of
                    the static table. In addition, it can't contain duplicate
                    references.  Therefore, its maximum size is bounded by the
                    size of the header table.
                </t>
                <t>
                    By default, the maximum size of the header table is equal to
                    the value of the HTTP/2 setting SETTINGS_HEADER_TABLE_SIZE
                    defined by the decoder (see <xref target="HTTP2"
                        x:fmt="of" x:rel="#SettingValues"/>).  The encoder can
                    change this maximum size (see <xref
                        target="encoding.context.update"/>), but it MUST stay
                    lower than or equal to the value of
                    SETTINGS_HEADER_TABLE_SIZE.
                </t>
                <t>
                    After applying an updated value of the HTTP/2 setting
                    SETTINGS_HEADER_TABLE_SIZE that changes the maximum size of
                    the header table used by the encoder, the encoder MUST
                    signal this change via an encoding context update (see <xref
                    target="encoding.context.update"/>). This encoding context
                    update MUST occur at the beginning of the first header
                    block following the SETTINGS frame sent to acknowledge the
                    application of the updated settings.
                </t>
                <t>
                    The size of the header table is the sum of the size of its
                    entries.
                </t>
                <t>
                    The size of an entry is the sum of its name's length in
                    octets (as defined in <xref
                    target="string.literal.representation" />), its value's
                    length in octets (<xref
                    target="string.literal.representation" />), plus 32.
                </t>
                <t>
                    The size of an entry is calculated using the length of the
                    name and value without any Huffman encoding applied.
                </t>
                <t>
                    The additional 32 octets account for overhead associated
                    with an entry. For example, an entry structure using two
                    64-bit pointers to reference the name and the value of the
                    entry, and two 64-bit integers for counting the number of
                    references to the name and value would have 32 octets of
                    overhead.
                </t>
            </section>
            <section title="Entry Eviction When Header Table Size Changes"
                     anchor="entry.eviction">
                <t>
                    Whenever the maximum size for the header table is reduced,
                    entries are evicted from the end of the header table until
                    the size of the header table is less than or equal to the
                    maximum size.
                </t>
                <t>
                    Whenever an entry is evicted from the header table, any
                    reference to that entry from the reference set is removed.
                </t>
                <t>
                    The eviction of an entry from the header table causes the
                    index of the entries in the static table to be reduced by
                    one.
                </t>
            </section>
            <section title="Entry Eviction when Adding New Entries"
                     anchor="entry.addition">
                <t>
                    Whenever a new entry is to be added to the header table
                    entries are evicted from the end of the header table until
                    the size of the header table is less than or equal to
                    (maximum size - new entry size), or until the table is
                    empty.
                </t>
                <t>
                    If the representation of the added entry references the name
                    of an entry in the header table, the referenced name is
                    cached prior to performing eviction to avoid having the name
                    inadvertently evicted.
                </t>
                <t>
                    If the size of the new entry is less than or equal to the
                    maximum size, that entry is added to the table.  It is not
                    an error to attempt to add an entry that is larger than the
                    maximum size; an attempt to add an entry larger than the
                    entire table causes the table to be emptied of all existing
                    entries.
                </t>
            </section>
        </section>

        <section title="Primitive Type Representations"
                 anchor="low-level.representation">
            <t>
                HPACK encoding uses two primitive types: unsigned variable
                length integers, and strings of octets.
            </t>

            <section title="Integer representation"
                     anchor="integer.representation">
                <t>
                    Integers are used to represent name indexes, pair indexes or
                    string lengths. To allow for optimized processing, an
                    integer representation always finishes at the end of an
                    octet.
                </t>
                <t>
                    An integer is represented in two parts: a prefix that fills
                    the current octet and an optional list of octets that are
                    used if the integer value does not fit within the prefix.
                    The number of bits of the prefix (called N) is a parameter
                    of the integer representation.
                </t>
                <t>
                    The N-bit prefix allows filling the current octet.  If the
                    value is small enough (strictly less than
                    2<x:sup>N</x:sup>-1), it is encoded within the N-bit prefix.
                    Otherwise all the bits of the prefix are set to 1 and the
                    value is encoded using an unsigned variable length integer
                    representation (see <eref
                    target="http://en.wikipedia.org/wiki/Variable-length_quantity"/>).
                    N is always between 1 and 8 bits. An integer starting at an
                    octet-boundary will have an 8-bit prefix.
                </t>
                <figure>
                    <preamble>
                        The algorithm to represent an integer I is as follows:
                    </preamble>
                    <artwork type = "inline"><![CDATA[
if I < 2^N - 1, encode I on N bits
else
    encode (2^N - 1) on N bits
    I = I - (2^N - 1)
    while I >= 128
         encode (I % 128 + 128) on 8 bits
         I = I / 128
    encode I on 8 bits
]]></artwork>
                </figure>
                <figure>
                    <preamble>
                        For informational purpose, the algorithm to decode an
                        integer I is as follows:
                    </preamble>
                    <artwork type="inline"><![CDATA[
decode I from the next N bits
if I < 2^N - 1, return I
else
    M = 0
    repeat
        B = next octet
        I = I + (B & 127) * 2^M
        M = M + 7
    while B & 128 == 128
    return I
]]></artwork>
                </figure>
                <t>
                    Examples illustrating the encoding of integers are available
                    in <xref target="integer.representation.examples"/>.
                </t>
                <t>
                    This integer representation allows for values of indefinite
                    size.  It is also possible for an encoder to send a large
                    number of zero values, which can waste octets and could be
                    used to overflow integer values.  Excessively large integer
                    encodings - in value or octet length - MUST be treated as a
                    decoding error.  Different limits can be set for each of the
                    different uses of integers, based on implementation
                    constraints.
                </t>
            </section>

            <section title="String Literal Representation"
                     anchor="string.literal.representation">
                <t>
                    Header field names and header field values can be
                    represented as literal string. A literal string is encoded
                    as a sequence of octets, either by directly encoding the
                    literal string's octets, or by using a Huffman code
                    <xref target="HUFFMAN"/>.
                </t>
                <figure title="String Literal Representation">
                    <artwork type="inline"><![CDATA[
  0   1   2   3   4   5   6   7
+---+---+---+---+---+---+---+---+
| H |    String Length (7+)     |
+---+---------------------------+
|  String Data (Length octets)  |
+-------------------------------+
]]></artwork>
                </figure>
                <t>
                    A literal string representation contains the following
                    fields:
                    <list style="hanging">
                        <t hangText="H:">
                            A one bit flag, H, indicating whether or not the
                            octets of the string are Huffman encoded.
                        </t>
                        <t hangText="String Length:">
                            The number of octets used to encode the string
                            literal, encoded as an integer with 7-bit prefix
                            (see <xref target="integer.representation"/>).
                        </t>
                        <t hangText="String Data:">
                            The encoded data of the string literal. If H is
                            '0', then the encoded data is the raw octets of
                            the string literal. If H is '1', then the
                            encoded data is the Huffman encoding of the
                            string literal.
                        </t>
                    </list>
                </t>
                <t>
                    String literals which use Huffman encoding are encoded with
                    the Huffman code defined in <xref target="huffman.code"/>
                    (see examples in <xref
                        target="request.examples.with.huffman.coding">Request
                        Examples with Huffman Coding</xref> and in <xref
                        target="response.examples.with.huffman.coding">Response
                        Examples with Huffman Coding</xref>). The encoded data
                    is the bitwise concatenation of the codes corresponding to
                    each octet of the string literal.
                </t>
                <t>
                    As the Huffman encoded data doesn't always end at an octet
                    boundary, some padding is inserted after it up to the next
                    octet boundary. To prevent this padding to be misinterpreted
                    as part of the string literal, the most significant bits of
                    code corresponding to the EOS (end-of-string) symbol are
                    used.
                </t>
                <t>
                    Upon decoding, an incomplete code at the end of the
                    encoded data is to be considered as padding and discarded. A
                    padding strictly longer than 7 bits MUST be treated as a
                    decoding error. A padding not corresponding to the most
                    significant bits of the code for the EOS symbol MUST be
                    treated as a decoding error. A Huffman encoded string
                    literal containing the EOS symbol MUST be treated as a
                    decoding error.
                </t>
            </section>
        </section>

        <section title="Binary Format" anchor="detailed.format">
            <t>
                This section describes the detailed format of each of the
                different header field representations, plus the encoding
                context update instruction.
            </t>

            <section title="Indexed Header Field Representation"
                anchor="indexed.header.representation">
                <t>
                    An indexed header field representation identifies an entry
                    in either the header table or the static table.
                </t>
                <t>
                    An indexed header field representation can either causes a
                    header field to be emitted or to be removed from the
                    reference set, as described in <xref
                    target="header.representation.processing"/>.
                </t>

                <figure title="Indexed Header Field">
                    <artwork type="inline"><![CDATA[
  0   1   2   3   4   5   6   7
+---+---+---+---+---+---+---+---+
| 1 |        Index (7+)         |
+---+---------------------------+
]]></artwork>
                </figure>
                <t>
                    An indexed header field starts with the '1' 1-bit pattern,
                    followed by the index of the matching pair, represented as
                    an integer with a 7-bit prefix.
                </t>
                <t>
                    The index value of 0 is not used. It MUST be treated as a
                    decoding error if found in an indexed header field
                    representation.
                </t>
            </section>

            <section title="Literal Header Field Representation"
                anchor="literal.header.representation">
                <t>
                    A literal header field representation contains a literal
                    header field value.  Header field names are either provided
                    as a literal or by reference to an existing table entry,
                    either from the header table or the static table.
                </t>
                <t>
                    A literal representation always result in the emission of a
                    header field when decoded.
                </t>

                <section title="Literal Header Field with Incremental Indexing"
                    anchor="literal.header.with.incremental.indexing">
                    <t>
                        A literal header field with incremental indexing
                        representation causes the emission of a header field,
                        adding it as a new entry to the header table.
                    </t>
                    <figure title="Literal Header Field with Incremental Indexing -
                        Indexed Name">
                        <artwork type="inline"><![CDATA[
  0   1   2   3   4   5   6   7
+---+---+---+---+---+---+---+---+
| 0 | 1 |      Index (6+)       |
+---+---+-----------------------+
| H |     Value Length (7+)     |
+---+---------------------------+
| Value String (Length octets)  |
+-------------------------------+
]]></artwork>
                    </figure>
                    <figure title="Literal Header Field with Incremental Indexing -
                        New Name">
                        <artwork type="inline"><![CDATA[
  0   1   2   3   4   5   6   7
+---+---+---+---+---+---+---+---+
| 0 | 1 |           0           |
+---+---+-----------------------+
| H |     Name Length (7+)      |
+---+---------------------------+
|  Name String (Length octets)  |
+---+---------------------------+
| H |     Value Length (7+)     |
+---+---------------------------+
| Value String (Length octets)  |
+-------------------------------+
]]></artwork>
                    </figure>
                    <t>
                        A literal header field with incremental indexing
                        representation starts with the '01' 2-bit pattern.
                    </t>
                    <t>
                        If the header field name matches the header field name
                        of an entry stored in the header table or the static
                        table, the header field name can be represented using
                        the index of that entry. In this case, the index of the
                        entry is represented as an integer with a 6-bit prefix
                        (see <xref target="integer.representation"/>).  This
                        value is always non-zero.
                    </t>
                    <t>
                        Otherwise, the header field name is represented as a
                        literal. A value 0 is used in place of the 6-bit index,
                        followed by the header field name (see <xref
                        target="string.literal.representation" />).
                    </t>
                    <t>
                        Either form of header field name representation is
                        followed by the header field value represented as a
                        literal string as described in <xref
                        target="string.literal.representation" />.
                    </t>
                </section>

                <section title="Literal Header Field without Indexing"
                    anchor="literal.header.without.indexing">
                    <t>
                        A literal header field without indexing representation
                        causes the emission of a header field without altering
                        the header table.
                    </t>
                    <figure title="Literal Header Field without Indexing - Indexed Name">
                        <artwork type="inline"><![CDATA[
  0   1   2   3   4   5   6   7
+---+---+---+---+---+---+---+---+
| 0 | 0 | 0 | 0 |  Index (4+)   |
+---+---+-----------------------+
| H |     Value Length (7+)     |
+---+---------------------------+
| Value String (Length octets)  |
+-------------------------------+
]]></artwork>
                    </figure>
                    <figure title="Literal Header Field without Indexing - New Name">
                        <artwork type="inline"><![CDATA[
  0   1   2   3   4   5   6   7
+---+---+---+---+---+---+---+---+
| 0 | 0 | 0 | 0 |       0       |
+---+---+-----------------------+
| H |     Name Length (7+)      |
+---+---------------------------+
|  Name String (Length octets)  |
+---+---------------------------+
| H |     Value Length (7+)     |
+---+---------------------------+
| Value String (Length octets)  |
+-------------------------------+
]]></artwork>
                    </figure>
                    <t>
                        A literal header field without indexing representation
                        starts with the '0000' 4-bit pattern.
                    </t>
                    <t>
                        If the header field name matches the header field name
                        of an entry stored in the header table or the static
                        table, the header field name can be represented using
                        the index of that entry. In this case, the index of the
                        entry is represented as an integer with a 4-bit prefix
                        (see <xref target="integer.representation"/>).  This
                        value is always non-zero.
                    </t>
                    <t>
                        Otherwise, the header field name is represented as a
                        literal. A value 0 is used in place of the 4-bit index,
                        followed by the header field name (see <xref
                        target="string.literal.representation" />).
                    </t>
                    <t>
                        Either form of header field name representation is
                        followed by the header field value represented as a
                        literal string as described in <xref
                        target="string.literal.representation" />.
                    </t>
                </section>

                <section title="Literal Header Field Never Indexed"
                    anchor="literal.header.never.indexed">
                    <t>
                        A literal header field never indexed representation
                        causes the emission of a header field without altering
                        the header table.  Intermediaries MUST use the same
                        representation for encoding this header field.
                    </t>
                    <figure title="Literal Header Field Never Indexed - Indexed Name">
                        <artwork type="inline"><![CDATA[
  0   1   2   3   4   5   6   7
+---+---+---+---+---+---+---+---+
| 0 | 0 | 0 | 1 |  Index (4+)   |
+---+---+-----------------------+
| H |     Value Length (7+)     |
+---+---------------------------+
| Value String (Length octets)  |
+-------------------------------+
]]></artwork>
                    </figure>
                    <figure title="Literal Header Field Never Indexed - New Name">
                        <artwork type="inline"><![CDATA[
  0   1   2   3   4   5   6   7
+---+---+---+---+---+---+---+---+
| 0 | 0 | 0 | 1 |       0       |
+---+---+-----------------------+
| H |     Name Length (7+)      |
+---+---------------------------+
|  Name String (Length octets)  |
+---+---------------------------+
| H |     Value Length (7+)     |
+---+---------------------------+
| Value String (Length octets)  |
+-------------------------------+
]]></artwork>
                    </figure>
                    <t>
                        A literal header field never indexed representation
                        starts with the '0001' 4-bit pattern.
                    </t>
                    <t>
                        When a header field is represented as a literal header
                        field never indexed, it MUST always be encoded with
                        this specific literal representation. In particular,
                        when a peer sends a header field that it received
                        represented as a literal header field never indexed, it
                        MUST use the same representation to forward this header
                        field.
                    </t>
                    <t>
                        This representation is intended for protecting header
                        field values that are not to be put at risk by
                        compressing them (see <xref
                        target="compression.based.attacks"/> for more details).
                    </t>
                    <t>
                        The encoding of the representation is identical to the
                        literal header field without indexing
                        (see <xref target="literal.header.without.indexing"/>).
                    </t>
                </section>
            </section>

            <section title="Encoding Context Update"
                anchor="encoding.context.update">
                <t>
                    An encoding context update causes the immediate application
                    of a change to the encoding context.
                </t>
                <figure title="Context Update">
                    <artwork type="inline"><![CDATA[
  0   1   2   3   4   5   6   7
+---+---+---+---+---+---+---+---+
| 0 | 0 | 1 | F |      ...      |
+---+---------------------------+
]]></artwork>
                </figure>
                <t>
                    An encoding context update starts with the '001' 3-bit
                    pattern.
                </t>
                <t>
                    It is followed by a flag specifying the type of the change,
                    and by any data necessary to describe the change itself.
                </t>
                <figure title="Reference Set Emptying">
                    <artwork type="inline"><![CDATA[
  0   1   2   3   4   5   6   7
+---+---+---+---+---+---+---+---+
| 0 | 0 | 1 | 1 |       0       |
+---+---------------------------+
]]></artwork>
                </figure>
                <t>
                    The flag bit being set to '1' signals that the reference set
                    is emptied. The remaining bits MUST be set to '0', non-zero
                    values MUST be treated as a decoding error.
                </t>
                <figure title="Maximum Header Table Size Change">
                    <artwork type="inline"><![CDATA[
  0   1   2   3   4   5   6   7
+---+---+---+---+---+---+---+---+
| 0 | 0 | 1 | 0 | Max size (4+) |
+---+---------------------------+
]]></artwork>
                </figure>
                <t>
                    The flag bit being set to '0' signals that a change to the
                    maximum size of the header table. This new maximum size MUST
                    be lower than or equal to the maximum set by the decoder.
                    That is, the value of the HTTP/2 setting
                    SETTINGS_HEADER_TABLE_SIZE, defined in <xref target="HTTP2"
                    x:fmt="of" x:rel="#SettingValues"/>.
                </t>
                <t>
                    The new maximum size is encoded as an integer with a 4-bit
                    prefix (see <xref target="integer.representation"/>).
                </t>
                <t>
                    Reducing the maximum size of the header table causes entries
                    to be evicted (see <xref target="entry.eviction"/>).
                </t>
            </section>
        </section>

        <section anchor="Security" title="Security Considerations">

            <t>
                This section describes potential areas of security concern
                with HPACK:
                <list style="symbols">
                    <t>
                        Use of compression as a length-based oracle for
                        verifying guesses about secrets that are compressed
                        into a shared compression context.
                    </t>
                    <t>
                        Denial of service resulting from exhausting processing
                        or memory capacity at a decoder.
                    </t>
                </list>
            </t>

            <section title="Probing Header Table State"
                anchor="compression.based.attacks">

                <t>
                    HPACK reduces the length of header field encodings by
                    exploiting the redundancy inherent in protocols like HTTP.
                    The ultimate goal of this is to reduce the amount of data
                    that is required to send HTTP requests or responses.
                </t>
                <t>
                    The compression context used to encode header fields can be
                    probed by an attacker that has the following capabilities:
                    to define header fields to be encoded and transmitted; and
                    to observe the length of those fields once they are encoded.
                    This allows an attacker to adaptively modify requests in
                    order to confirm guesses about the header table state. If a
                    guess is compressed into a shorter length, the attacker can
                    observe the encoded length and infer that the guess was
                    correct.
                </t>
                <t>
                    This is possible because while TLS provides confidentiality
                    protection for content, it only provides a limited amount of
                    protection for the length of that content.
                    <list style="hanging">
                        <t hangText="Note:">
                            Padding schemes only provide limited protection
                            against an attacker with these capabilities,
                            potentially only forcing an increased number of
                            guesses to learn the length associated with a given
                            guess.  Padding schemes also work directly against
                            compression by increasing the number of bits that
                            are transmitted.
                        </t>
                    </list>
                </t>
                <t>
                    Attacks like <xref target="CRIME"/> demonstrated the
                    existence of these general attacker capabilities.  The
                    specific attack exploited the fact that <xref
                        target="DEFLATE"/> removes redundancy based on prefix
                    matching.  This permitted the attacker to confirm guesses a
                    character at a time, reducing an exponential-time attack
                    into a constant time attack.
                </t>

                <section title="Applicability to HPACK and HTTP">
                    <t>
                        HPACK mitigates but does not completely prevent attacks
                        modelled on <xref target="CRIME"/> by forcing a guess to
                        match an entire header field value, rather than
                        individual characters.  An attacker can only learn
                        whether a guess is correct or not, so is reduced to a
                        brute force guess for the header field values.
                    </t>
                    <t>
                        The viability of recovering specific header field values
                        therefore depends on the entropy of values.  As a
                        result, values with high entropy are unlikely to be
                        recovered successfully.  However, values with low
                        entropy remain vulnerable.
                    </t>
                    <t>
                        Attacks of this nature are possible any time that two
                        mutually distrustful entities control requests or
                        responses that are placed onto a single HTTP/2
                        connection.  If the shared HPACK compressor permits one
                        entity to add entries to the header table, and the other
                        to access those entries, then the state of the table can
                        be learned.
                    </t>
                    <t>
                        Having requests or responses from mutually distrustful
                        entities occurs when an intermediary either:
                        <list style="symbols">
                            <t>
                                sends requests from multiple clients on a single
                                connection toward an origin server, or
                            </t>
                            <t>
                                takes responses from multiple origin servers and
                                places them on a shared connection toward a
                                client.
                            </t>
                        </list>
                        Web browsers also need to assume that requests made on
                        the same connection by different <xref
                        target="ORIGIN">web origins</xref> are made by mutually
                        distrustful entities.
                    </t>
                </section>

                <section title="Mitigation">
                    <t>
                        Users of HTTP that require confidentiality for header
                        fields can use values with entropy sufficient to make
                        guessing infeasible.  However, this is impractical as a
                        general solution because it forces all users of HTTP to
                        take steps to mitigate attacks.  It would impose new
                        constraints on how HTTP is used.
                    </t>
                    <t>
                        Rather than impose constraints on users of HTTP, an
                        implementation of HPACK can instead constrain how
                        compression is applied in order to limit the potential
                        for header table probing.
                    </t>
                    <t>
                        An ideal solution segregates access to the header table
                        based on the entity that is constructing header fields.
                        Header field values that are added to the table are
                        attributed to an entity, and only the entity that
                        created an particular value can extract that value.
                    </t>
                    <t>
                        To improve compression performance of this option,
                        certain entries might be tagged as being public.  For
                        example, a web browser might make the values of the
                        Accept-Encoding header field available in all requests.
                    </t>
                    <t>
                        An encoder without good knowledge of the provenance of
                        header fields might instead introduce a penalty for bad
                        guesses, such that attempts to guess a header field
                        value results in all values being removed from
                        consideration in all future requests, effectively
                        preventing further guesses.
                        <list style="hanging">
                            <t hangText="Note:">
                                Simply removing values from the header table can
                                be ineffectual if the attacker has a reliable
                                way of causing values to be reinstalled.  For
                                example, a request to load an image in a web
                                browser typically includes the Cookie header
                                field (a potentially highly valued target for
                                this sort of attack), and web sites can easily
                                force an image to be loaded, thereby refreshing
                                the entry in the header table.
                            </t>
                        </list>
                    </t>
                    <t>
                        This response might be made inversely proportional to
                        the length of the header field.  Marking as inaccessible
                        might occur for shorter values more quickly or with
                        higher probability than for longer values.
                    </t>
                    <t>
                        Implementations might also choose to protect certain
                        header fields that are known to be highly valued, such
                        as the Authorization or Cookie header fields, by
                        disabling or further limiting compression.
                    </t>
                </section>

                <section title="Never Indexed Literals">
                    <t>
                        Refusing to generate an indexed representation for a
                        header field is only effective if compression is avoided
                        on all hops.  The <xref
                        target="literal.header.never.indexed">never indexed
                        literal</xref> can be used to signal to intermediaries
                        that a particular value was intentionally sent as a
                        literal.  An intermediary MUST NOT re-encode a value
                        that uses the never indexed literal as an indexed
                        representation.
                    </t>
                </section>
            </section>

            <section title="Static Huffman Encoding">
                <t>
                    There is currently no known threat taking advantage of the
                    use of a fixed Huffman encoding. A study has shown that
                    using a fixed Huffman encoding table created an information
                    leakage, however this same study concluded that an attacker
                    could not take advantage of this information leakage to
                    recover any meaningful amount of information (see <xref
                    target="PETAL"/>).
                </t>
            </section>

            <section title="Memory Consumption">
                <t>
                    An attacker can try to cause an endpoint to exhaust its
                    memory. HPACK is designed to limit both the peak and state
                    amounts of memory allocated by an endpoint.
                </t>
                <t>
                    The amount of memory used by the compressor state is limited
                    by the decoder using the value of the HTTP/2 setting
                    SETTINGS_HEADER_TABLE_SIZE (see <xref target="HTTP2"
                    x:fmt="of" x:rel="#SettingValues"/>). This limit takes into
                    account both the size of the data stored in the header
                    table, plus a small allowance for overhead.
                </t>
                <t>
                    A decoder can limit the amount of state memory used by
                    setting an appropriate value for the setting
                    SETTINGS_HEADER_TABLE_SIZE.  An encoder can limit the amount
                    of state memory it uses by signaling lower header table size
                    than the decoder allows (see <xref
                    target="encoding.context.update"/>).
                </t>
                <t>
                    The amount of temporary memory consumed by an encoder or
                    decoder can be limited by processing header fields
                    sequentially.  An implementation does not need to retain a
                    complete set of header fields.  Note however that it might
                    be necessary for an application to retain a complete header
                    set for other reasons; even though HPACK does not force this
                    to occur, application constraints might make this necessary.
                </t>
            </section>

            <section title="Implementation Limits">
                <t>
                    An implementation of HPACK needs to ensure that large values
                    for integers, long encoding for integers, or long string
                    literals do not create security weaknesses.
                </t>
                <t>
                    An implementation has to set a limit for the values it
                    accepts for integers, as well as for the encoded length (see
                    <xref target="integer.representation"/>).  In the same way,
                    it has to set a limit to the length it accepts for string
                    literals (see <xref
                    target="string.literal.representation"/>).
                </t>
            </section>

        </section>

        <section title="Acknowledgements">
            <t>
                This document includes substantial input from the following
                individuals:
                <list style="symbols">
                    <t>
                        Mike Bishop, Jeff Pinner, Julian Reschke, Martin Thomson
                        (substantial editorial contributions).
                    </t>
                    <t>
                        Johnny Graettinger (Huffman code statistics).
                    </t>
                </list>
            </t>
        </section>
    </middle>

    <back>
        <references title="Normative References">
            <reference anchor="HTTP2">
                <front>
                    <title>Hypertext Transfer Protocol version 2</title>
                    <author initials="M." surname="Belshe" fullname="Mike Belshe">
                        <organization>Twist</organization>
                    </author>
                    <author initials="R." surname="Peon" fullname="Roberto Peon">
                        <organization>Google</organization>
                    </author>
                    <author initials="M." surname="Thomson" fullname="Martin Thomson" role="editor">
                        <organization>Mozilla</organization>
                    </author>
                    <date month="June" year="2014"/>
                </front>
                <seriesInfo name="Internet-Draft" value="draft-ietf-httpbis-http2-13"/>
                <x:source href="refs/draft-ietf-httpbis-http2-13.xml"/>
            </reference>

            <reference anchor="RFC7230">
              <front>
                <title>
                    Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and
                    Routing
                </title>
                <author fullname="Roy T. Fielding" initials="R." role="editor" surname="Fielding">
                  <organization abbrev="Adobe">Adobe Systems Incorporated</organization>
                  <address><email>fielding@gbiv.com</email></address>
                </author>
                <author fullname="Julian F. Reschke" initials="J. F." role="editor" surname="Reschke">
                  <organization abbrev="greenbytes">greenbytes GmbH</organization>
                  <address><email>julian.reschke@greenbytes.de</email></address>
                </author>
                <date month="June" year="2014" />
              </front>
              <seriesInfo name="RFC" value="7230" />
              <x:source href="refs/rfc7230.xml"
                basename="https://svn.tools.ietf.org/svn/wg/httpbis/specs/rfc7230"/>
            </reference>

            <reference anchor="RFC2119">
              <front>
                <title>
                  Key words for use in RFCs to Indicate Requirement Levels
                </title>
                <author initials="S." surname="Bradner" fullname="Scott Bradner">
                  <organization>Harvard University</organization>
                  <address><email>sob@harvard.edu</email></address>
                </author>
                <date month="March" year="1997"/>
              </front>
              <seriesInfo name="BCP" value="14"/>
              <seriesInfo name="RFC" value="2119"/>
            </reference>

        </references>

        <references title="Informative References">
            <reference anchor="SPDY">
                <front>
                    <title>SPDY Protocol</title>
                    <author initials="M." surname="Belshe" fullname="Mike Belshe">
                        <organization>Twist</organization>
                    </author>
                    <author initials="R." surname="Peon" fullname="Roberto Peon">
                        <organization>Google</organization>
                    </author>
                    <date month="February" year="2012"/>
                </front>
                <seriesInfo name="Internet-Draft" value="draft-mbelshe-httpbis-spdy-00"/>
            </reference>
            <reference anchor="ORIGIN">
                <front>
                    <title>The Web Origin Concept</title>
                    <author initials="A." surname="Barth" fullname="Adam Barth"/>
                    <date month="December" year="2011"/>
                </front>
                <seriesInfo name="RFC" value="6454"/>
            </reference>
            <reference anchor="DEFLATE">
                <front>
                    <title>DEFLATE Compressed Data Format Specification version 1.3</title>
                    <author initials="P." surname="Deutsch" fullname="L. Peter Deutsch">
                        <organization>Aladdin Enterprises</organization>
                    </author>
                    <date month="May" year="1996"/>
                </front>
                <seriesInfo name="RFC" value="1951"/>
            </reference>
            <reference anchor="CRIME" target="https://docs.google.com/a/twist.com/presentation/d/11eBmGiHbYcHR9gL5nDyZChu_-lCa2GizeuOfaLU2HOU/edit#slide=id.g1eb6c1b5_3_6">
                <front>
                    <title>The CRIME Attack</title>
                    <author initials="J." surname="Rizzo" fullname="Juliano Rizzo"></author>
                    <author initials="T." surname="Duong" fullname="Thai Duong"></author>
                    <date month="September" year="2012"/>
                </front>
            </reference>
            <reference anchor="SPDY-DESC-1" target="https://www.ietf.org/proceedings/83/slides/slides-83-httpbis-3">
                <front>
                    <title>
                        IETF83: SPDY and What to Consider for HTTP/2.0
                    </title>
                    <author initials="M." surname="Belshe" fullname="Mike Belshe">
                    </author>
                    <date month="March" year="2012"/>
                </front>
            </reference>
            <reference anchor="SPDY-DESC-2" target="https://bitsup.blogspot.com/2011/09/spdy-what-i-like-about-you.html">
                <front>
                    <title>SPDY: What I Like About You</title>
                    <author initials="P." surname="McManus" fullname="Patrick McManus">
                    </author>
                    <date month="September" year="2011"/>
                </front>
            </reference>

            <reference anchor="HUFFMAN" target="https://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=4051119">
                <front>
                    <title>A Method for the Construction of Minimum Redundancy
                    Codes</title>
                    <author surname="Huffman" initials="D. A." fullname="David A. Huffman"/>
                    <date month="September" year="1952"/>
                </front>
                <seriesInfo name="Proceedings of the Institute of Radio Engineers" value="Volume 40, Number 9, pp. 1098-1101"/>
            </reference>

            <reference anchor="CANONICAL" target="https://dl.acm.org/citation.cfm?id=363991">
                <front>
                    <title>Generating a canonical prefix encoding</title>
                    <author surname="Schwartz" initials="E. S." fullname="Eugene. S. Schwartz"/>
                    <author surname="Kallick" initials="B." fullname="Bruce Kallick"/>
                    <date month="March" year="1964"/>
                </front>
                <seriesInfo name="Communications of the ACM" value="Volume 7 Issue 3, pp. 166-169"/>
            </reference>

            <reference anchor="PETAL" target="http://www.pdl.cmu.edu/PDL-FTP/associated/CMU-PDL-13-106.pdf">
                <front>
                    <title>PETAL: Preset Encoding Table Information
                    Leakage</title>
                    <author surname="Tan" initials="J." fullname="Jiaqi Tan"/>
                    <author surname="Nahata" initials="J."
                        fullname="Jayvardhan Nahata"/>
                    <date month="April" year="2013"/>
                </front>
            </reference>
        </references>


        <section title="Change Log (to be removed by RFC Editor before publication">
            <section title="Since draft-ietf-httpbis-header-compression-07"
                anchor="changes.since.draft-ietf-httpbis-header-compression-07">
                <t><list style="symbols">
                    <t>
                        Removed old text on index value of 0.
                    </t>
                    <t>
                        Added clarification for signalling of maximum table size
                        after a SETTINGS_HEADER_TABLE_SIZE update.
                    </t>
                    <t>
                        Rewrote security considerations.
                    </t>
                    <t>
                        Many editorial clarifications or improvements.
                    </t>
                    <t>
                        Added convention section.
                    </t>
                    <t>
                        Reworked document's outline.
                    </t>
                    <t>
                        Updated static table. Entry 16 has now "gzip, deflate"
                        for value.
                    </t>
                    <t>
                        Updated Huffman table, using data set provided by
                        Google.
                    </t>
                </list></t>
            </section>
            <section title="Since draft-ietf-httpbis-header-compression-06"
                anchor="changes.since.draft-ietf-httpbis-header-compression-06">
                <t><list style="symbols">
                    <t>
                        Updated format to include literal headers that must
                        never be compressed.
                    </t>
                    <t>
                        Updated security considerations.
                    </t>
                    <t>
                        Moved integer encoding examples to the appendix.
                    </t>
                    <t>
                        Updated Huffman table.
                    </t>
                    <t>
                        Updated static header table (adding and removing status
                        values).
                    </t>
                    <t>
                        Updated examples.
                    </t>
                </list></t>
            </section>
            <section title="Since draft-ietf-httpbis-header-compression-05"
                anchor="changes.since.draft-ietf-httpbis-header-compression-05">
                <t><list style="symbols">
                    <t>
                        Regenerated examples.
                    </t>
                    <t>
                        Only one Huffman table for requests and responses.
                    </t>
                    <t>
                        Added maximum size for header table, independent of
                        SETTINGS_HEADER_TABLE_SIZE.
                    </t>
                    <t>
                        Added pseudo-code for integer decoding.
                    </t>
                    <t>
                        Improved examples (removing unnecessary removals).
                    </t>
                </list></t>
            </section>
            <section title="Since draft-ietf-httpbis-header-compression-04"
                anchor="changes.since.draft-ietf-httpbis-header-compression-04">
                <t><list style="symbols">
                    <t>
                        Updated examples: take into account changes in the spec,
                        and show more features.
                    </t>
                    <t>
                        Use 'octet' everywhere instead of having both 'byte' and
                        'octet'.
                    </t>
                    <t>
                        Added reference set emptying.
                    </t>
                    <t>
                        Editorial changes and clarifications.
                    </t>
                    <t>
                        Added "host" header to the static table.
                    </t>
                    <t>
                        Ordering for list of values (either NULL- or
                        comma-separated).
                    </t>
                </list></t>
            </section>

            <section title="Since draft-ietf-httpbis-header-compression-03"
                anchor="changes.since.draft-ietf-httpbis-header-compression-03">
                <t><list style="symbols">
                    <t>
                        A large number of editorial changes; changed the
                        description of evicting/adding new entries.
                    </t>
                    <t>
                        Removed substitution indexing
                    </t>
                    <t>
                        Changed 'initial headers' to 'static headers', as per
                        issue #258
                    </t>
                    <t>
                        Merged 'request' and 'response' static headers, as per
                        issue #259
                    </t>
                    <t>
                        Changed text to indicate that new headers are added at
                        index 0 and expire from the largest index, as per issue
                        #233
                    </t>
                </list></t>
            </section>
            <section title="Since draft-ietf-httpbis-header-compression-02">
                <t><list style="symbols">
                    <t>
                        Corrected error in integer encoding pseudocode.
                    </t>
                </list></t>
            </section>

            <section title="Since draft-ietf-httpbis-header-compression-01">
                <t>
                    <list style="symbols">
                        <t>
                            Refactored of Header Encoding Section: split
                            definitions and processing rule.
                        </t>
                        <t>
                            Backward incompatible change: Updated reference set
                            management as per issue #214. This changes how the
                            interaction between the reference set and eviction
                            works. This also changes the working of the
                            reference set in some specific cases.
                        </t>
                        <t>
                            Backward incompatible change: modified initial
                            header list, as per issue #188.
                        </t>
                        <t>
                            Added example of 32 octets entry structure (issue
                            #191).
                        </t>
                        <t>
                            Added Header Set Completion section.  Reflowed some
                            text. Clarified some writing which was akward.
                            Added text about duplicate header entry encoding.
                            Clarified some language w.r.t Header Set.  Changed
                            x-my-header to mynewheader. Added text in the
                            HeaderEmission section indicating that the
                            application may also be able to free up memory more
                            quickly.  Added information in Security
                            Considerations section.
                        </t>
                    </list>
                </t>
            </section>
            <section title="Since draft-ietf-httpbis-header-compression-00">
                <t>
                    <list>
                        <t>Fixed bug/omission in integer representation
                        algorithm.</t>
                        <t>Changed the document title.</t>
                        <t>Header matching text rewritten.</t>
                        <t>Changed the definition of header emission.</t>
                        <t>Changed the name of the setting which dictates how
                        much memory the compression context should use.</t>
                        <t>Removed "specific use cases" section</t>
                        <t>Corrected erroneous statement about what index can be
                        contained in one octet</t>
                        <t>Added descriptions of opcodes</t>
                        <t>Removed security claims from introduction.</t>
                    </list>
                </t>
            </section>
        </section>
        <section title="Static Table" anchor="static.table">
            <t>
                The static table consists of an unchangeable ordered list of
                (name, value) pairs. The first entry in the table is always
                represented by the index len(header table) + 1, and the last
                entry in the table is represented by the index len(header table)
                + len(static table).
            </t>
            <t>
                The static table was created by listing the most common
                header fields that are valid for messages exchanged inside a
                HTTP/2 connection. For header fields with a few frequent
                values, an entry was added for each of these frequent values.
                For other header fields, an entry was added with an empty
                value.
            </t>
            <t>
                The following table lists the pre-defined header fields that
                make-up the static table.
            </t>
            <texttable title="Static Table Entries"
                anchor="static.table.entries">
                <!-- An easy way to renumber these in vim, with mark a and b
                     delimiting the table entries:
                      :let @a=1 | 'a,'bs/>[0-9 ][0-9 ]*</\='>'.(@a+setreg('a',@a+1)).'<'/
                -->
                <ttcol>Index</ttcol>
                <ttcol>Header Name</ttcol>
                <ttcol>Header Value</ttcol>

                <c>1</c><c>:authority</c><c></c>
                <c>2</c><c>:method</c><c>GET</c>
                <c>3</c><c>:method</c><c>POST</c>
                <c>4</c><c>:path</c><c>/</c>
                <c>5</c><c>:path</c><c>/index.html</c>
                <c>6</c><c>:scheme</c><c>http</c>
                <c>7</c><c>:scheme</c><c>https</c>
                <c>8</c><c>:status</c><c>200</c>
                <c>9</c><c>:status</c><c>204</c>
                <c>10</c><c>:status</c><c>206</c>
                <c>11</c><c>:status</c><c>304</c>
                <c>12</c><c>:status</c><c>400</c>
                <c>13</c><c>:status</c><c>404</c>
                <c>14</c><c>:status</c><c>500</c>
                <c>15</c><c>accept-charset</c><c></c>
                <c>16</c><c>accept-encoding</c><c>gzip, deflate</c>
                <c>17</c><c>accept-language</c><c></c>
                <c>18</c><c>accept-ranges</c><c></c>
                <c>19</c><c>accept</c><c></c>
                <c>20</c><c>access-control-allow-origin</c><c></c>
                <c>21</c><c>age</c><c></c>
                <c>22</c><c>allow</c><c></c>
                <c>23</c><c>authorization</c><c></c>
                <c>24</c><c>cache-control</c><c></c>
                <c>25</c><c>content-disposition</c><c></c>
                <c>26</c><c>content-encoding</c><c></c>
                <c>27</c><c>content-language</c><c></c>
                <c>28</c><c>content-length</c><c></c>
                <c>29</c><c>content-location</c><c></c>
                <c>30</c><c>content-range</c><c></c>
                <c>31</c><c>content-type</c><c></c>
                <c>32</c><c>cookie</c><c></c>
                <c>33</c><c>date</c><c></c>
                <c>34</c><c>etag</c><c></c>
                <c>35</c><c>expect</c><c></c>
                <c>36</c><c>expires</c><c></c>
                <c>37</c><c>from</c><c></c>
                <c>38</c><c>host</c><c></c>
                <c>39</c><c>if-match</c><c></c>
                <c>40</c><c>if-modified-since</c><c></c>
                <c>41</c><c>if-none-match</c><c></c>
                <c>42</c><c>if-range</c><c></c>
                <c>43</c><c>if-unmodified-since</c><c></c>
                <c>44</c><c>last-modified</c><c></c>
                <c>45</c><c>link</c><c></c>
                <c>46</c><c>location</c><c></c>
                <c>47</c><c>max-forwards</c><c></c>
                <c>48</c><c>proxy-authenticate</c><c></c>
                <c>49</c><c>proxy-authorization</c><c></c>
                <c>50</c><c>range</c><c></c>
                <c>51</c><c>referer</c><c></c>
                <c>52</c><c>refresh</c><c></c>
                <c>53</c><c>retry-after</c><c></c>
                <c>54</c><c>server</c><c></c>
                <c>55</c><c>set-cookie</c><c></c>
                <c>56</c><c>strict-transport-security</c><c></c>
                <c>57</c><c>transfer-encoding</c><c></c>
                <c>58</c><c>user-agent</c><c></c>
                <c>59</c><c>vary</c><c></c>
                <c>60</c><c>via</c><c></c>
                <c>61</c><c>www-authenticate</c><c></c>
            </texttable>
            <t>
                <xref target="static.table.entries"/> gives the index of each
                entry in the static table.  The full index of each entry, to be
                used for encoding a reference to this entry, is computed by
                adding the number of entries in the header table to this index.
            </t>
        </section>

        <section title="Huffman Code" anchor="huffman.code">
            <t>
                The following Huffman code is used when encoding string literals
                with a Huffman coding (see <xref
                    target="string.literal.representation"/>).
            </t>
            <t>
                This Huffman code was generated from statistics obtained on a
                large sample of HTTP headers. It is a canonical Huffman code
                <xref target="CANONICAL"/> with some tweaking to ensure that no
                symbol has a unique code length.
            </t>
            <t>
                Each row in the table defines the code used to represent a
                symbol:
                <list style="hanging">
                    <t hangText="sym:">
                        The symbol to be represented. It is the decimal value of
                        an octet, possibly prepended with its ASCII
                        representation. A specific symbol, "EOS", is used to
                        indicate the end of a string literal.
                    </t>
                    <t hangText="code as bits:">
                        The Huffman code for the symbol represented as a base-2
                        integer, aligned on the most significant bit (MSB).
                    </t>
                    <t hangText="code as hex:">
                        The Huffman code for the symbol, represented as a
                        hexadecimal integer, aligned on the least significant
                        bit (LSB).
                    </t>
                    <t hangText="len:">
                        The number of bits for the code representing the symbol.
                    </t>
                </list>
            </t>
            <t>
                As an example, the code for the symbol 47 (corresponding to the
                ASCII character "/") consists in the 6 bits "0", "1", "1", "0",
                "0", "0". This corresponds to the value 0x18 (in hexadecimal)
                encoded on 6 bits.
            </t>
            <figure>
                <artwork><![CDATA[
                                                    code
                       code as bits                as hex    len
     sym              aligned to MSB               aligned    in
                                                   to LSB    bits
    (  0)  |11111111|11000                             1ff8  [13]
    (  1)  |11111111|11111111|1011000                7fffd8  [23]
    (  2)  |11111111|11111111|11111110|0010         fffffe2  [28]
    (  3)  |11111111|11111111|11111110|0011         fffffe3  [28]
    (  4)  |11111111|11111111|11111110|0100         fffffe4  [28]
    (  5)  |11111111|11111111|11111110|0101         fffffe5  [28]
    (  6)  |11111111|11111111|11111110|0110         fffffe6  [28]
    (  7)  |11111111|11111111|11111110|0111         fffffe7  [28]
    (  8)  |11111111|11111111|11111110|1000         fffffe8  [28]
    (  9)  |11111111|11111111|11101010               ffffea  [24]
    ( 10)  |11111111|11111111|11111111|111100      3ffffffc  [30]
    ( 11)  |11111111|11111111|11111110|1001         fffffe9  [28]
    ( 12)  |11111111|11111111|11111110|1010         fffffea  [28]
    ( 13)  |11111111|11111111|11111111|111101      3ffffffd  [30]
    ( 14)  |11111111|11111111|11111110|1011         fffffeb  [28]
    ( 15)  |11111111|11111111|11111110|1100         fffffec  [28]
    ( 16)  |11111111|11111111|11111110|1101         fffffed  [28]
    ( 17)  |11111111|11111111|11111110|1110         fffffee  [28]
    ( 18)  |11111111|11111111|11111110|1111         fffffef  [28]
    ( 19)  |11111111|11111111|11111111|0000         ffffff0  [28]
    ( 20)  |11111111|11111111|11111111|0001         ffffff1  [28]
    ( 21)  |11111111|11111111|11111111|0010         ffffff2  [28]
    ( 22)  |11111111|11111111|11111111|111110      3ffffffe  [30]
    ( 23)  |11111111|11111111|11111111|0011         ffffff3  [28]
    ( 24)  |11111111|11111111|11111111|0100         ffffff4  [28]
    ( 25)  |11111111|11111111|11111111|0101         ffffff5  [28]
    ( 26)  |11111111|11111111|11111111|0110         ffffff6  [28]
    ( 27)  |11111111|11111111|11111111|0111         ffffff7  [28]
    ( 28)  |11111111|11111111|11111111|1000         ffffff8  [28]
    ( 29)  |11111111|11111111|11111111|1001         ffffff9  [28]
    ( 30)  |11111111|11111111|11111111|1010         ffffffa  [28]
    ( 31)  |11111111|11111111|11111111|1011         ffffffb  [28]
' ' ( 32)  |010100                                       14  [ 6]
'!' ( 33)  |11111110|00                                 3f8  [10]
'"' ( 34)  |11111110|01                                 3f9  [10]
'#' ( 35)  |11111111|1010                               ffa  [12]
'$' ( 36)  |11111111|11001                             1ff9  [13]
'%' ( 37)  |010101                                       15  [ 6]
'&' ( 38)  |11111000                                     f8  [ 8]
''' ( 39)  |11111111|010                                7fa  [11]
'(' ( 40)  |11111110|10                                 3fa  [10]
')' ( 41)  |11111110|11                                 3fb  [10]
'*' ( 42)  |11111001                                     f9  [ 8]
'+' ( 43)  |11111111|011                                7fb  [11]
',' ( 44)  |11111010                                     fa  [ 8]
'-' ( 45)  |010110                                       16  [ 6]
'.' ( 46)  |010111                                       17  [ 6]
'/' ( 47)  |011000                                       18  [ 6]
'0' ( 48)  |00000                                         0  [ 5]
'1' ( 49)  |00001                                         1  [ 5]
'2' ( 50)  |00010                                         2  [ 5]
'3' ( 51)  |011001                                       19  [ 6]
'4' ( 52)  |011010                                       1a  [ 6]
'5' ( 53)  |011011                                       1b  [ 6]
'6' ( 54)  |011100                                       1c  [ 6]
'7' ( 55)  |011101                                       1d  [ 6]
'8' ( 56)  |011110                                       1e  [ 6]
'9' ( 57)  |011111                                       1f  [ 6]
':' ( 58)  |1011100                                      5c  [ 7]
';' ( 59)  |11111011                                     fb  [ 8]
'<' ( 60)  |11111111|1111100                           7ffc  [15]
'=' ( 61)  |100000                                       20  [ 6]
'>' ( 62)  |11111111|1011                               ffb  [12]
'?' ( 63)  |11111111|00                                 3fc  [10]
'@' ( 64)  |11111111|11010                             1ffa  [13]
'A' ( 65)  |100001                                       21  [ 6]
'B' ( 66)  |1011101                                      5d  [ 7]
'C' ( 67)  |1011110                                      5e  [ 7]
'D' ( 68)  |1011111                                      5f  [ 7]
'E' ( 69)  |1100000                                      60  [ 7]
'F' ( 70)  |1100001                                      61  [ 7]
'G' ( 71)  |1100010                                      62  [ 7]
'H' ( 72)  |1100011                                      63  [ 7]
'I' ( 73)  |1100100                                      64  [ 7]
'J' ( 74)  |1100101                                      65  [ 7]
'K' ( 75)  |1100110                                      66  [ 7]
'L' ( 76)  |1100111                                      67  [ 7]
'M' ( 77)  |1101000                                      68  [ 7]
'N' ( 78)  |1101001                                      69  [ 7]
'O' ( 79)  |1101010                                      6a  [ 7]
'P' ( 80)  |1101011                                      6b  [ 7]
'Q' ( 81)  |1101100                                      6c  [ 7]
'R' ( 82)  |1101101                                      6d  [ 7]
'S' ( 83)  |1101110                                      6e  [ 7]
'T' ( 84)  |1101111                                      6f  [ 7]
'U' ( 85)  |1110000                                      70  [ 7]
'V' ( 86)  |1110001                                      71  [ 7]
'W' ( 87)  |1110010                                      72  [ 7]
'X' ( 88)  |11111100                                     fc  [ 8]
'Y' ( 89)  |1110011                                      73  [ 7]
'Z' ( 90)  |11111101                                     fd  [ 8]
'[' ( 91)  |11111111|11011                             1ffb  [13]
'\' ( 92)  |11111111|11111110|000                     7fff0  [19]
']' ( 93)  |11111111|11100                             1ffc  [13]
'^' ( 94)  |11111111|111100                            3ffc  [14]
'_' ( 95)  |100010                                       22  [ 6]
'`' ( 96)  |11111111|1111101                           7ffd  [15]
'a' ( 97)  |00011                                         3  [ 5]
'b' ( 98)  |100011                                       23  [ 6]
'c' ( 99)  |00100                                         4  [ 5]
'd' (100)  |100100                                       24  [ 6]
'e' (101)  |00101                                         5  [ 5]
'f' (102)  |100101                                       25  [ 6]
'g' (103)  |100110                                       26  [ 6]
'h' (104)  |100111                                       27  [ 6]
'i' (105)  |00110                                         6  [ 5]
'j' (106)  |1110100                                      74  [ 7]
'k' (107)  |1110101                                      75  [ 7]
'l' (108)  |101000                                       28  [ 6]
'm' (109)  |101001                                       29  [ 6]
'n' (110)  |101010                                       2a  [ 6]
'o' (111)  |00111                                         7  [ 5]
'p' (112)  |101011                                       2b  [ 6]
'q' (113)  |1110110                                      76  [ 7]
'r' (114)  |101100                                       2c  [ 6]
's' (115)  |01000                                         8  [ 5]
't' (116)  |01001                                         9  [ 5]
'u' (117)  |101101                                       2d  [ 6]
'v' (118)  |1110111                                      77  [ 7]
'w' (119)  |1111000                                      78  [ 7]
'x' (120)  |1111001                                      79  [ 7]
'y' (121)  |1111010                                      7a  [ 7]
'z' (122)  |1111011                                      7b  [ 7]
'{' (123)  |11111111|1111110                           7ffe  [15]
'|' (124)  |11111111|100                                7fc  [11]
'}' (125)  |11111111|111101                            3ffd  [14]
'~' (126)  |11111111|11101                             1ffd  [13]
    (127)  |11111111|11111111|11111111|1100         ffffffc  [28]
    (128)  |11111111|11111110|0110                    fffe6  [20]
    (129)  |11111111|11111111|010010                 3fffd2  [22]
    (130)  |11111111|11111110|0111                    fffe7  [20]
    (131)  |11111111|11111110|1000                    fffe8  [20]
    (132)  |11111111|11111111|010011                 3fffd3  [22]
    (133)  |11111111|11111111|010100                 3fffd4  [22]
    (134)  |11111111|11111111|010101                 3fffd5  [22]
    (135)  |11111111|11111111|1011001                7fffd9  [23]
    (136)  |11111111|11111111|010110                 3fffd6  [22]
    (137)  |11111111|11111111|1011010                7fffda  [23]
    (138)  |11111111|11111111|1011011                7fffdb  [23]
    (139)  |11111111|11111111|1011100                7fffdc  [23]
    (140)  |11111111|11111111|1011101                7fffdd  [23]
    (141)  |11111111|11111111|1011110                7fffde  [23]
    (142)  |11111111|11111111|11101011               ffffeb  [24]
    (143)  |11111111|11111111|1011111                7fffdf  [23]
    (144)  |11111111|11111111|11101100               ffffec  [24]
    (145)  |11111111|11111111|11101101               ffffed  [24]
    (146)  |11111111|11111111|010111                 3fffd7  [22]
    (147)  |11111111|11111111|1100000                7fffe0  [23]
    (148)  |11111111|11111111|11101110               ffffee  [24]
    (149)  |11111111|11111111|1100001                7fffe1  [23]
    (150)  |11111111|11111111|1100010                7fffe2  [23]
    (151)  |11111111|11111111|1100011                7fffe3  [23]
    (152)  |11111111|11111111|1100100                7fffe4  [23]
    (153)  |11111111|11111110|11100                  1fffdc  [21]
    (154)  |11111111|11111111|011000                 3fffd8  [22]
    (155)  |11111111|11111111|1100101                7fffe5  [23]
    (156)  |11111111|11111111|011001                 3fffd9  [22]
    (157)  |11111111|11111111|1100110                7fffe6  [23]
    (158)  |11111111|11111111|1100111                7fffe7  [23]
    (159)  |11111111|11111111|11101111               ffffef  [24]
    (160)  |11111111|11111111|011010                 3fffda  [22]
    (161)  |11111111|11111110|11101                  1fffdd  [21]
    (162)  |11111111|11111110|1001                    fffe9  [20]
    (163)  |11111111|11111111|011011                 3fffdb  [22]
    (164)  |11111111|11111111|011100                 3fffdc  [22]
    (165)  |11111111|11111111|1101000                7fffe8  [23]
    (166)  |11111111|11111111|1101001                7fffe9  [23]
    (167)  |11111111|11111110|11110                  1fffde  [21]
    (168)  |11111111|11111111|1101010                7fffea  [23]
    (169)  |11111111|11111111|011101                 3fffdd  [22]
    (170)  |11111111|11111111|011110                 3fffde  [22]
    (171)  |11111111|11111111|11110000               fffff0  [24]
    (172)  |11111111|11111110|11111                  1fffdf  [21]
    (173)  |11111111|11111111|011111                 3fffdf  [22]
    (174)  |11111111|11111111|1101011                7fffeb  [23]
    (175)  |11111111|11111111|1101100                7fffec  [23]
    (176)  |11111111|11111111|00000                  1fffe0  [21]
    (177)  |11111111|11111111|00001                  1fffe1  [21]
    (178)  |11111111|11111111|100000                 3fffe0  [22]
    (179)  |11111111|11111111|00010                  1fffe2  [21]
    (180)  |11111111|11111111|1101101                7fffed  [23]
    (181)  |11111111|11111111|100001                 3fffe1  [22]
    (182)  |11111111|11111111|1101110                7fffee  [23]
    (183)  |11111111|11111111|1101111                7fffef  [23]
    (184)  |11111111|11111110|1010                    fffea  [20]
    (185)  |11111111|11111111|100010                 3fffe2  [22]
    (186)  |11111111|11111111|100011                 3fffe3  [22]
    (187)  |11111111|11111111|100100                 3fffe4  [22]
    (188)  |11111111|11111111|1110000                7ffff0  [23]
    (189)  |11111111|11111111|100101                 3fffe5  [22]
    (190)  |11111111|11111111|100110                 3fffe6  [22]
    (191)  |11111111|11111111|1110001                7ffff1  [23]
    (192)  |11111111|11111111|11111000|00           3ffffe0  [26]
    (193)  |11111111|11111111|11111000|01           3ffffe1  [26]
    (194)  |11111111|11111110|1011                    fffeb  [20]
    (195)  |11111111|11111110|001                     7fff1  [19]
    (196)  |11111111|11111111|100111                 3fffe7  [22]
    (197)  |11111111|11111111|1110010                7ffff2  [23]
    (198)  |11111111|11111111|101000                 3fffe8  [22]
    (199)  |11111111|11111111|11110110|0            1ffffec  [25]
    (200)  |11111111|11111111|11111000|10           3ffffe2  [26]
    (201)  |11111111|11111111|11111000|11           3ffffe3  [26]
    (202)  |11111111|11111111|11111001|00           3ffffe4  [26]
    (203)  |11111111|11111111|11111011|110          7ffffde  [27]
    (204)  |11111111|11111111|11111011|111          7ffffdf  [27]
    (205)  |11111111|11111111|11111001|01           3ffffe5  [26]
    (206)  |11111111|11111111|11110001               fffff1  [24]
    (207)  |11111111|11111111|11110110|1            1ffffed  [25]
    (208)  |11111111|11111110|010                     7fff2  [19]
    (209)  |11111111|11111111|00011                  1fffe3  [21]
    (210)  |11111111|11111111|11111001|10           3ffffe6  [26]
    (211)  |11111111|11111111|11111100|000          7ffffe0  [27]
    (212)  |11111111|11111111|11111100|001          7ffffe1  [27]
    (213)  |11111111|11111111|11111001|11           3ffffe7  [26]
    (214)  |11111111|11111111|11111100|010          7ffffe2  [27]
    (215)  |11111111|11111111|11110010               fffff2  [24]
    (216)  |11111111|11111111|00100                  1fffe4  [21]
    (217)  |11111111|11111111|00101                  1fffe5  [21]
    (218)  |11111111|11111111|11111010|00           3ffffe8  [26]
    (219)  |11111111|11111111|11111010|01           3ffffe9  [26]
    (220)  |11111111|11111111|11111111|1101         ffffffd  [28]
    (221)  |11111111|11111111|11111100|011          7ffffe3  [27]
    (222)  |11111111|11111111|11111100|100          7ffffe4  [27]
    (223)  |11111111|11111111|11111100|101          7ffffe5  [27]
    (224)  |11111111|11111110|1100                    fffec  [20]
    (225)  |11111111|11111111|11110011               fffff3  [24]
    (226)  |11111111|11111110|1101                    fffed  [20]
    (227)  |11111111|11111111|00110                  1fffe6  [21]
    (228)  |11111111|11111111|101001                 3fffe9  [22]
    (229)  |11111111|11111111|00111                  1fffe7  [21]
    (230)  |11111111|11111111|01000                  1fffe8  [21]
    (231)  |11111111|11111111|1110011                7ffff3  [23]
    (232)  |11111111|11111111|101010                 3fffea  [22]
    (233)  |11111111|11111111|101011                 3fffeb  [22]
    (234)  |11111111|11111111|11110111|0            1ffffee  [25]
    (235)  |11111111|11111111|11110111|1            1ffffef  [25]
    (236)  |11111111|11111111|11110100               fffff4  [24]
    (237)  |11111111|11111111|11110101               fffff5  [24]
    (238)  |11111111|11111111|11111010|10           3ffffea  [26]
    (239)  |11111111|11111111|1110100                7ffff4  [23]
    (240)  |11111111|11111111|11111010|11           3ffffeb  [26]
    (241)  |11111111|11111111|11111100|110          7ffffe6  [27]
    (242)  |11111111|11111111|11111011|00           3ffffec  [26]
    (243)  |11111111|11111111|11111011|01           3ffffed  [26]
    (244)  |11111111|11111111|11111100|111          7ffffe7  [27]
    (245)  |11111111|11111111|11111101|000          7ffffe8  [27]
    (246)  |11111111|11111111|11111101|001          7ffffe9  [27]
    (247)  |11111111|11111111|11111101|010          7ffffea  [27]
    (248)  |11111111|11111111|11111101|011          7ffffeb  [27]
    (249)  |11111111|11111111|11111111|1110         ffffffe  [28]
    (250)  |11111111|11111111|11111101|100          7ffffec  [27]
    (251)  |11111111|11111111|11111101|101          7ffffed  [27]
    (252)  |11111111|11111111|11111101|110          7ffffee  [27]
    (253)  |11111111|11111111|11111101|111          7ffffef  [27]
    (254)  |11111111|11111111|11111110|000          7fffff0  [27]
    (255)  |11111111|11111111|11111011|10           3ffffee  [26]
EOS (256)  |11111111|11111111|11111111|111111      3fffffff  [30]
]]></artwork>
            </figure>
        </section>


        <section title="Examples" anchor="examples">
            <t>
                A number of examples are worked through here, covering integer
                encoding, header field representation, and the encoding of whole
                sets of header fields, for both requests and responses, and with
                and without Huffman coding.
            </t>

            <section title="Integer Representation Examples"
                anchor="integer.representation.examples">
                <t>
                    This section shows the representation of integer values in
                    details (see <xref target="integer.representation"/>).
                </t>
                <section title="Example 1: Encoding 10 Using a 5-bit Prefix"
                    anchor="integer.representation.example1">
                    <t>
                        The value 10 is to be encoded with a 5-bit prefix.
                        <list style="symbols">
                            <t>
                                10 is less than 31 (2<x:sup>5</x:sup> - 1) and
                                is represented using the 5-bit prefix.
                            </t>
                        </list>
                    </t>
                    <figure>
                        <artwork><![CDATA[
  0   1   2   3   4   5   6   7
+---+---+---+---+---+---+---+---+
| X | X | X | 0 | 1 | 0 | 1 | 0 |   10 stored on 5 bits
+---+---+---+---+---+---+---+---+
]]></artwork>
                    </figure>
                </section>

                <section title="Example 2: Encoding 1337 Using a 5-bit Prefix"
                    anchor="integer.representation.example2">
                    <t>
                        The value I=1337 is to be encoded with a 5-bit prefix.
                        <list>
                            <t>
                                1337 is greater than 31 (2<x:sup>5</x:sup> - 1).
                            </t>
                            <t>
                                <list>
                                    <t>The 5-bit prefix is filled with its max
                                    value (31).</t>
                                </list>
                            </t>
                            <t>I = 1337 - (2<x:sup>5</x:sup> - 1) = 1306.</t>
                            <t>
                                <list>
                                    <t>I (1306) is greater than or equal to 128,
                                    the while loop body executes:</t>
                                    <t>
                                        <list>
                                            <t>I % 128 == 26</t>
                                            <t>26 + 128 == 154</t>
                                            <t>154 is encoded in 8 bits as:
                                            10011010</t>
                                            <t>I is set to 10 (1306 / 128 ==
                                            10)</t>
                                            <t>I is no longer greater than or
                                            equal to 128, the while loop
                                            terminates.</t>
                                        </list>
                                    </t>
                                    <t>
                                        I, now 10, is encoded on 8 bits as:
                                        00001010.
                                    </t>
                                </list>
                            </t>

                            <t>The process ends.</t>
                        </list>

                    </t>
                    <figure>
                        <artwork><![CDATA[
  0   1   2   3   4   5   6   7
+---+---+---+---+---+---+---+---+
| X | X | X | 1 | 1 | 1 | 1 | 1 |  Prefix = 31, I = 1306
| 1 | 0 | 0 | 1 | 1 | 0 | 1 | 0 |  1306>=128, encode(154), I=1306/128
| 0 | 0 | 0 | 0 | 1 | 0 | 1 | 0 |  10<128, encode(10), done
+---+---+---+---+---+---+---+---+
]]></artwork>
                    </figure>
                </section>

                <section title="Example 3: Encoding 42 Starting at an Octet Boundary"
                    anchor="integer.representation.example3">
                    <t>
                        The value 42 is to be encoded starting at an
                        octet-boundary. This implies that a 8-bit prefix is
                        used.
                        <list style="symbols">
                            <t>
                                42 is less than 255 (2<x:sup>8</x:sup> - 1) and
                                is represented using the 8-bit prefix.
                            </t>
                        </list>
                    </t>
                    <figure>
                        <artwork><![CDATA[
  0   1   2   3   4   5   6   7
+---+---+---+---+---+---+---+---+
| 0 | 0 | 1 | 0 | 1 | 0 | 1 | 0 |   42 stored on 8 bits
+---+---+---+---+---+---+---+---+
]]></artwork>
                    </figure>
                </section>
            </section>

<!-- example-start -->
<section title="Header Field Representation Examples"
    anchor="header.field.representation.examples">
    <t>
        This section shows several independent representation examples.
    </t>
    <section title="Literal Header Field with Indexing">
        <t>
            The header field representation uses a literal name and a literal
            value. The header field is added to the header table.
        </t>
        <t>
            <figure>
                <preamble>Header set to encode:</preamble>
                <artwork>
<![CDATA[custom-key: custom-header]]></artwork>
            </figure>
        </t>
        <t>
            Reference set: empty.
        </t>
        <t>
            <figure>
                <preamble>Hex dump of encoded data:</preamble>
                <artwork>
<![CDATA[400a 6375 7374 6f6d 2d6b 6579 0d63 7573 | @.custom-key.cus
746f 6d2d 6865 6164 6572                | tom-header]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Decoding process:</preamble>
                <artwork>
<![CDATA[40                                      | == Literal indexed ==
0a                                      |   Literal name (len = 10)
6375 7374 6f6d 2d6b 6579                | custom-key
0d                                      |   Literal value (len = 13)
6375 7374 6f6d 2d68 6561 6465 72        | custom-header
                                        | -> custom-key: custom-head\
                                        |   er]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Header Table (after decoding):</preamble>
                <artwork>
<![CDATA[[  1] (s =  55) custom-key: custom-header
      Table size:  55]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Decoded header set:</preamble>
                <artwork>
<![CDATA[custom-key: custom-header]]></artwork>
            </figure>
        </t>
    </section>

    <section title="Literal Header Field without Indexing">
        <t>
            The header field representation uses an indexed name and a literal
            value. The header field is not added to the header table.
        </t>
        <t>
            <figure>
                <preamble>Header set to encode:</preamble>
                <artwork>
<![CDATA[:path: /sample/path]]></artwork>
            </figure>
        </t>
        <t>
            Reference set: empty.
        </t>
        <t>
            <figure>
                <preamble>Hex dump of encoded data:</preamble>
                <artwork>
<![CDATA[040c 2f73 616d 706c 652f 7061 7468      | ../sample/path]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Decoding process:</preamble>
                <artwork>
<![CDATA[04                                      | == Literal not indexed ==
                                        |   Indexed name (idx = 4)
                                        |     :path
0c                                      |   Literal value (len = 12)
2f73 616d 706c 652f 7061 7468           | /sample/path
                                        | -> :path: /sample/path]]></artwork>
            </figure>
        </t>
        <t>
          Header table (after decoding): empty.
      </t>
        <t>
            <figure>
                <preamble>Decoded header set:</preamble>
                <artwork>
<![CDATA[:path: /sample/path]]></artwork>
            </figure>
        </t>
    </section>

    <section title="Literal Header Field never Indexed">
        <t>
            The header field representation uses a literal name and a literal
            value. The header field is not added to the header table, and must
            use the same representation if re-encoded by an intermediary.
        </t>
        <t>
            <figure>
                <preamble>Header set to encode:</preamble>
                <artwork>
<![CDATA[password: secret]]></artwork>
            </figure>
        </t>
        <t>
            Reference set: empty.
        </t>
        <t>
            <figure>
                <preamble>Hex dump of encoded data:</preamble>
                <artwork>
<![CDATA[1008 7061 7373 776f 7264 0673 6563 7265 | ..password.secre
74                                      | t]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Decoding process:</preamble>
                <artwork>
<![CDATA[10                                      | == Literal never indexed ==
08                                      |   Literal name (len = 8)
7061 7373 776f 7264                     | password
06                                      |   Literal value (len = 6)
7365 6372 6574                          | secret
                                        | -> password: secret]]></artwork>
            </figure>
        </t>
        <t>
          Header table (after decoding): empty.
      </t>
        <t>
            <figure>
                <preamble>Decoded header set:</preamble>
                <artwork>
<![CDATA[password: secret]]></artwork>
            </figure>
        </t>
    </section>

    <section title="Indexed Header Field">
        <t>
            The header field representation uses an indexed header field, from
            the static table. Upon using it, the static table entry is copied
            into the header table.
        </t>
        <t>
            <figure>
                <preamble>Header set to encode:</preamble>
                <artwork>
<![CDATA[:method: GET]]></artwork>
            </figure>
        </t>
        <t>
            Reference set: empty.
        </t>
        <t>
            <figure>
                <preamble>Hex dump of encoded data:</preamble>
                <artwork>
<![CDATA[82                                      | .]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Decoding process:</preamble>
                <artwork>
<![CDATA[82                                      | == Indexed - Add ==
                                        |   idx = 2
                                        | -> :method: GET]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Header Table (after decoding):</preamble>
                <artwork>
<![CDATA[[  1] (s =  42) :method: GET
      Table size:  42]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Decoded header set:</preamble>
                <artwork>
<![CDATA[:method: GET]]></artwork>
            </figure>
        </t>
    </section>

    <section title="Indexed Header Field from Static Table">
        <t>
            The header field representation uses an indexed header field, from
            the static table. In this example, the HTTP/2 setting
            SETTINGS_HEADER_TABLE_SIZE is set to 0, therefore, the entry is not
            copied into the header table.
        </t>
        <t>
            <figure>
                <preamble>Header set to encode:</preamble>
                <artwork>
<![CDATA[:method: GET]]></artwork>
            </figure>
        </t>
        <t>
            Reference set: empty.
        </t>
        <t>
            <figure>
                <preamble>Hex dump of encoded data:</preamble>
                <artwork>
<![CDATA[82                                      | .]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Decoding process:</preamble>
                <artwork>
<![CDATA[82                                      | == Indexed - Add ==
                                        |   idx = 2
                                        | -> :method: GET]]></artwork>
            </figure>
        </t>
        <t>
          Header table (after decoding): empty.
      </t>
        <t>
            <figure>
                <preamble>Decoded header set:</preamble>
                <artwork>
<![CDATA[:method: GET]]></artwork>
            </figure>
        </t>
    </section>

</section>
<section title="Request Examples without Huffman Coding"
    anchor="request.examples.without.huffman.coding">
    <t>
        This section shows several consecutive header sets, corresponding to
        HTTP requests, on the same connection.
    </t>
    <section title="First Request">
        <t>
            <figure>
                <preamble>Header set to encode:</preamble>
                <artwork>
<![CDATA[:method: GET
:scheme: http
:path: /
:authority: www.example.com]]></artwork>
            </figure>
        </t>
        <t>
            Reference set: empty.
        </t>
        <t>
            <figure>
                <preamble>Hex dump of encoded data:</preamble>
                <artwork>
<![CDATA[8287 8644 0f77 7777 2e65 7861 6d70 6c65 | ...D.www.example
2e63 6f6d                               | .com]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Decoding process:</preamble>
                <artwork>
<![CDATA[82                                      | == Indexed - Add ==
                                        |   idx = 2
                                        | -> :method: GET
87                                      | == Indexed - Add ==
                                        |   idx = 7
                                        | -> :scheme: http
86                                      | == Indexed - Add ==
                                        |   idx = 6
                                        | -> :path: /
44                                      | == Literal indexed ==
                                        |   Indexed name (idx = 4)
                                        |     :authority
0f                                      |   Literal value (len = 15)
7777 772e 6578 616d 706c 652e 636f 6d   | www.example.com
                                        | -> :authority: www.example\
                                        |   .com]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Header Table (after decoding):</preamble>
                <artwork>
<![CDATA[[  1] (s =  57) :authority: www.example.com
[  2] (s =  38) :path: /
[  3] (s =  43) :scheme: http
[  4] (s =  42) :method: GET
      Table size: 180]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Decoded header set:</preamble>
                <artwork>
<![CDATA[:method: GET
:scheme: http
:path: /
:authority: www.example.com]]></artwork>
            </figure>
        </t>
    </section>

    <section title="Second Request">
        <t>
            This request takes advantage of the differential encoding of header
            sets.
        </t>
        <t>
            <figure>
                <preamble>Header set to encode:</preamble>
                <artwork>
<![CDATA[:method: GET
:scheme: http
:path: /
:authority: www.example.com
cache-control: no-cache]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Reference set:</preamble>
                <artwork>
<![CDATA[[  1] :authority: www.example.com
[  2] :path: /
[  3] :scheme: http
[  4] :method: GET]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Hex dump of encoded data:</preamble>
                <artwork>
<![CDATA[5c08 6e6f 2d63 6163 6865                | \.no-cache]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Decoding process:</preamble>
                <artwork>
<![CDATA[5c                                      | == Literal indexed ==
                                        |   Indexed name (idx = 28)
                                        |     cache-control
08                                      |   Literal value (len = 8)
6e6f 2d63 6163 6865                     | no-cache
                                        | -> cache-control: no-cache]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Header Table (after decoding):</preamble>
                <artwork>
<![CDATA[[  1] (s =  53) cache-control: no-cache
[  2] (s =  57) :authority: www.example.com
[  3] (s =  38) :path: /
[  4] (s =  43) :scheme: http
[  5] (s =  42) :method: GET
      Table size: 233]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Decoded header set:</preamble>
                <artwork>
<![CDATA[cache-control: no-cache
:authority: www.example.com
:path: /
:scheme: http
:method: GET]]></artwork>
            </figure>
        </t>
    </section>

    <section title="Third Request">
        <t>
            This request has not enough headers in common with the previous
            request to take advantage of the differential encoding. Therefore,
            the reference set is emptied before encoding the header fields.
        </t>
        <t>
            <figure>
                <preamble>Header set to encode:</preamble>
                <artwork>
<![CDATA[:method: GET
:scheme: https
:path: /index.html
:authority: www.example.com
custom-key: custom-value]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Reference set:</preamble>
                <artwork>
<![CDATA[[  1] cache-control: no-cache
[  2] :authority: www.example.com
[  3] :path: /
[  4] :scheme: http
[  5] :method: GET]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Hex dump of encoded data:</preamble>
                <artwork>
<![CDATA[3085 8c8b 8440 0a63 7573 746f 6d2d 6b65 | 0....@.custom-ke
790c 6375 7374 6f6d 2d76 616c 7565      | y.custom-value]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Decoding process:</preamble>
                <artwork>
<![CDATA[30                                      | == Empty reference set ==
                                        |   idx = 0
                                        |   flag = 1
85                                      | == Indexed - Add ==
                                        |   idx = 5
                                        | -> :method: GET
8c                                      | == Indexed - Add ==
                                        |   idx = 12
                                        | -> :scheme: https
8b                                      | == Indexed - Add ==
                                        |   idx = 11
                                        | -> :path: /index.html
84                                      | == Indexed - Add ==
                                        |   idx = 4
                                        | -> :authority: www.example\
                                        |   .com
40                                      | == Literal indexed ==
0a                                      |   Literal name (len = 10)
6375 7374 6f6d 2d6b 6579                | custom-key
0c                                      |   Literal value (len = 12)
6375 7374 6f6d 2d76 616c 7565           | custom-value
                                        | -> custom-key: custom-valu\
                                        |   e]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Header Table (after decoding):</preamble>
                <artwork>
<![CDATA[[  1] (s =  54) custom-key: custom-value
[  2] (s =  48) :path: /index.html
[  3] (s =  44) :scheme: https
[  4] (s =  53) cache-control: no-cache
[  5] (s =  57) :authority: www.example.com
[  6] (s =  38) :path: /
[  7] (s =  43) :scheme: http
[  8] (s =  42) :method: GET
      Table size: 379]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Decoded header set:</preamble>
                <artwork>
<![CDATA[:method: GET
:scheme: https
:path: /index.html
:authority: www.example.com
custom-key: custom-value]]></artwork>
            </figure>
        </t>
    </section>

</section>
<section title="Request Examples with Huffman Coding"
    anchor="request.examples.with.huffman.coding">
    <t>
        This section shows the same examples as the previous section, but using
        Huffman encoding for the literal values.
    </t>
    <section title="First Request">
        <t>
            <figure>
                <preamble>Header set to encode:</preamble>
                <artwork>
<![CDATA[:method: GET
:scheme: http
:path: /
:authority: www.example.com]]></artwork>
            </figure>
        </t>
        <t>
            Reference set: empty.
        </t>
        <t>
            <figure>
                <preamble>Hex dump of encoded data:</preamble>
                <artwork>
<![CDATA[8287 8644 8cf1 e3c2 e5f2 3a6b a0ab 90f4 | ...D......:k....
ff                                      | .]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Decoding process:</preamble>
                <artwork>
<![CDATA[82                                      | == Indexed - Add ==
                                        |   idx = 2
                                        | -> :method: GET
87                                      | == Indexed - Add ==
                                        |   idx = 7
                                        | -> :scheme: http
86                                      | == Indexed - Add ==
                                        |   idx = 6
                                        | -> :path: /
44                                      | == Literal indexed ==
                                        |   Indexed name (idx = 4)
                                        |     :authority
8c                                      |   Literal value (len = 15)
                                        |     Huffman encoded:
f1e3 c2e5 f23a 6ba0 ab90 f4ff           | .....:k.....
                                        |     Decoded:
                                        | www.example.com
                                        | -> :authority: www.example\
                                        |   .com]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Header Table (after decoding):</preamble>
                <artwork>
<![CDATA[[  1] (s =  57) :authority: www.example.com
[  2] (s =  38) :path: /
[  3] (s =  43) :scheme: http
[  4] (s =  42) :method: GET
      Table size: 180]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Decoded header set:</preamble>
                <artwork>
<![CDATA[:method: GET
:scheme: http
:path: /
:authority: www.example.com]]></artwork>
            </figure>
        </t>
    </section>

    <section title="Second Request">
        <t>
            This request takes advantage of the differential encoding of header
            sets.
        </t>
        <t>
            <figure>
                <preamble>Header set to encode:</preamble>
                <artwork>
<![CDATA[:method: GET
:scheme: http
:path: /
:authority: www.example.com
cache-control: no-cache]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Reference set:</preamble>
                <artwork>
<![CDATA[[  1] :authority: www.example.com
[  2] :path: /
[  3] :scheme: http
[  4] :method: GET]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Hex dump of encoded data:</preamble>
                <artwork>
<![CDATA[5c86 a8eb 1064 9cbf                     | \....d..]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Decoding process:</preamble>
                <artwork>
<![CDATA[5c                                      | == Literal indexed ==
                                        |   Indexed name (idx = 28)
                                        |     cache-control
86                                      |   Literal value (len = 8)
                                        |     Huffman encoded:
a8eb 1064 9cbf                          | ...d..
                                        |     Decoded:
                                        | no-cache
                                        | -> cache-control: no-cache]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Header Table (after decoding):</preamble>
                <artwork>
<![CDATA[[  1] (s =  53) cache-control: no-cache
[  2] (s =  57) :authority: www.example.com
[  3] (s =  38) :path: /
[  4] (s =  43) :scheme: http
[  5] (s =  42) :method: GET
      Table size: 233]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Decoded header set:</preamble>
                <artwork>
<![CDATA[cache-control: no-cache
:authority: www.example.com
:path: /
:scheme: http
:method: GET]]></artwork>
            </figure>
        </t>
    </section>

    <section title="Third Request">
        <t>
            This request has not enough headers in common with the previous
            request to take advantage of the differential encoding. Therefore,
            the reference set is emptied before encoding the header fields.
        </t>
        <t>
            <figure>
                <preamble>Header set to encode:</preamble>
                <artwork>
<![CDATA[:method: GET
:scheme: https
:path: /index.html
:authority: www.example.com
custom-key: custom-value]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Reference set:</preamble>
                <artwork>
<![CDATA[[  1] cache-control: no-cache
[  2] :authority: www.example.com
[  3] :path: /
[  4] :scheme: http
[  5] :method: GET]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Hex dump of encoded data:</preamble>
                <artwork>
<![CDATA[3085 8c8b 8440 8825 a849 e95b a97d 7f89 | 0....@.%.I.[.}..
25a8 49e9 5bb8 e8b4 bf                  | %.I.[....]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Decoding process:</preamble>
                <artwork>
<![CDATA[30                                      | == Empty reference set ==
                                        |   idx = 0
                                        |   flag = 1
85                                      | == Indexed - Add ==
                                        |   idx = 5
                                        | -> :method: GET
8c                                      | == Indexed - Add ==
                                        |   idx = 12
                                        | -> :scheme: https
8b                                      | == Indexed - Add ==
                                        |   idx = 11
                                        | -> :path: /index.html
84                                      | == Indexed - Add ==
                                        |   idx = 4
                                        | -> :authority: www.example\
                                        |   .com
40                                      | == Literal indexed ==
88                                      |   Literal name (len = 10)
                                        |     Huffman encoded:
25a8 49e9 5ba9 7d7f                     | %.I.[.}.
                                        |     Decoded:
                                        | custom-key
89                                      |   Literal value (len = 12)
                                        |     Huffman encoded:
25a8 49e9 5bb8 e8b4 bf                  | %.I.[....
                                        |     Decoded:
                                        | custom-value
                                        | -> custom-key: custom-valu\
                                        |   e]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Header Table (after decoding):</preamble>
                <artwork>
<![CDATA[[  1] (s =  54) custom-key: custom-value
[  2] (s =  48) :path: /index.html
[  3] (s =  44) :scheme: https
[  4] (s =  53) cache-control: no-cache
[  5] (s =  57) :authority: www.example.com
[  6] (s =  38) :path: /
[  7] (s =  43) :scheme: http
[  8] (s =  42) :method: GET
      Table size: 379]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Decoded header set:</preamble>
                <artwork>
<![CDATA[:method: GET
:scheme: https
:path: /index.html
:authority: www.example.com
custom-key: custom-value]]></artwork>
            </figure>
        </t>
    </section>

</section>
<section title="Response Examples without Huffman Coding"
    anchor="response.examples.without.huffman.coding">
    <t>
        This section shows several consecutive header sets, corresponding to
        HTTP responses, on the same connection. The HTTP/2 setting
        SETTINGS_HEADER_TABLE_SIZE is set to the value of 256 octets, causing
        some evictions to occur.
    </t>
    <section title="First Response">
        <t>
            <figure>
                <preamble>Header set to encode:</preamble>
                <artwork>
<![CDATA[:status: 302
cache-control: private
date: Mon, 21 Oct 2013 20:13:21 GMT
location: https://www.example.com]]></artwork>
            </figure>
        </t>
        <t>
            Reference set: empty.
        </t>
        <t>
            <figure>
                <preamble>Hex dump of encoded data:</preamble>
                <artwork>
<![CDATA[4803 3330 3259 0770 7269 7661 7465 631d | H.302Y.privatec.
4d6f 6e2c 2032 3120 4f63 7420 3230 3133 | Mon, 21 Oct 2013
2032 303a 3133 3a32 3120 474d 5471 1768 |  20:13:21 GMTq.h
7474 7073 3a2f 2f77 7777 2e65 7861 6d70 | ttps://www.examp
6c65 2e63 6f6d                          | le.com]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Decoding process:</preamble>
                <artwork>
<![CDATA[48                                      | == Literal indexed ==
                                        |   Indexed name (idx = 8)
                                        |     :status
03                                      |   Literal value (len = 3)
3330 32                                 | 302
                                        | -> :status: 302
59                                      | == Literal indexed ==
                                        |   Indexed name (idx = 25)
                                        |     cache-control
07                                      |   Literal value (len = 7)
7072 6976 6174 65                       | private
                                        | -> cache-control: private
63                                      | == Literal indexed ==
                                        |   Indexed name (idx = 35)
                                        |     date
1d                                      |   Literal value (len = 29)
4d6f 6e2c 2032 3120 4f63 7420 3230 3133 | Mon, 21 Oct 2013
2032 303a 3133 3a32 3120 474d 54        |  20:13:21 GMT
                                        | -> date: Mon, 21 Oct 2013 \
                                        |   20:13:21 GMT
71                                      | == Literal indexed ==
                                        |   Indexed name (idx = 49)
                                        |     location
17                                      |   Literal value (len = 23)
6874 7470 733a 2f2f 7777 772e 6578 616d | https://www.exam
706c 652e 636f 6d                       | ple.com
                                        | -> location: https://www.e\
                                        |   xample.com]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Header Table (after decoding):</preamble>
                <artwork>
<![CDATA[[  1] (s =  63) location: https://www.example.com
[  2] (s =  65) date: Mon, 21 Oct 2013 20:13:21 GMT
[  3] (s =  52) cache-control: private
[  4] (s =  42) :status: 302
      Table size: 222]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Decoded header set:</preamble>
                <artwork>
<![CDATA[:status: 302
cache-control: private
date: Mon, 21 Oct 2013 20:13:21 GMT
location: https://www.example.com]]></artwork>
            </figure>
        </t>
    </section>

    <section title="Second Response">
        <t>
            The (":status", "302") header field is evicted from the header table
            to free space to allow adding the (":status", "200") header field,
            copied from the static table into the header table. The (":status",
            "302") header field doesn't need to be removed from the reference
            set as it is evicted from the header table.
        </t>
        <t>
            <figure>
                <preamble>Header set to encode:</preamble>
                <artwork>
<![CDATA[:status: 200
cache-control: private
date: Mon, 21 Oct 2013 20:13:21 GMT
location: https://www.example.com]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Reference set:</preamble>
                <artwork>
<![CDATA[[  1] location: https://www.example.com
[  2] date: Mon, 21 Oct 2013 20:13:21 GMT
[  3] cache-control: private
[  4] :status: 302]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Hex dump of encoded data:</preamble>
                <artwork>
<![CDATA[8c                                      | .]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Decoding process:</preamble>
                <artwork>
<![CDATA[8c                                      | == Indexed - Add ==
                                        |   idx = 12
                                        | - evict: :status: 302
                                        | -> :status: 200]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Header Table (after decoding):</preamble>
                <artwork>
<![CDATA[[  1] (s =  42) :status: 200
[  2] (s =  63) location: https://www.example.com
[  3] (s =  65) date: Mon, 21 Oct 2013 20:13:21 GMT
[  4] (s =  52) cache-control: private
      Table size: 222]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Decoded header set:</preamble>
                <artwork>
<![CDATA[:status: 200
location: https://www.example.com
date: Mon, 21 Oct 2013 20:13:21 GMT
cache-control: private]]></artwork>
            </figure>
        </t>
    </section>

    <section title="Third Response">
        <t>
            Several header fields are evicted from the header table during the
            processing of this header set. Before evicting a header belonging to
            the reference set, it is emitted, by coding it twice as an Indexed
            Representation. The first representation removes the header field
            from the reference set, the second one adds it again to the
            reference set, also emitting it.
        </t>
        <t>
            <figure>
                <preamble>Header set to encode:</preamble>
                <artwork>
<![CDATA[:status: 200
cache-control: private
date: Mon, 21 Oct 2013 20:13:22 GMT
location: https://www.example.com
content-encoding: gzip
set-cookie: foo=ASDJKHQKBZXOQWEOPIUAXQWEOIU; max-age=3600; version=1]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Reference set:</preamble>
                <artwork>
<![CDATA[[  1] :status: 200
[  2] location: https://www.example.com
[  3] date: Mon, 21 Oct 2013 20:13:21 GMT
[  4] cache-control: private]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Hex dump of encoded data:</preamble>
                <artwork>
<![CDATA[8484 431d 4d6f 6e2c 2032 3120 4f63 7420 | ..C.Mon, 21 Oct
3230 3133 2032 303a 3133 3a32 3220 474d | 2013 20:13:22 GM
545e 0467 7a69 7084 8483 837b 3866 6f6f | T^.gzip....{8foo
3d41 5344 4a4b 4851 4b42 5a58 4f51 5745 | =ASDJKHQKBZXOQWE
4f50 4955 4158 5157 454f 4955 3b20 6d61 | OPIUAXQWEOIU; ma
782d 6167 653d 3336 3030 3b20 7665 7273 | x-age=3600; vers
696f 6e3d 31                            | ion=1]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Decoding process:</preamble>
                <artwork>
<![CDATA[84                                      | == Indexed - Remove ==
                                        |   idx = 4
                                        | -> cache-control: private
84                                      | == Indexed - Add ==
                                        |   idx = 4
                                        | -> cache-control: private
43                                      | == Literal indexed ==
                                        |   Indexed name (idx = 3)
                                        |     date
1d                                      |   Literal value (len = 29)
4d6f 6e2c 2032 3120 4f63 7420 3230 3133 | Mon, 21 Oct 2013
2032 303a 3133 3a32 3220 474d 54        |  20:13:22 GMT
                                        | - evict: cache-control: pr\
                                        |   ivate
                                        | -> date: Mon, 21 Oct 2013 \
                                        |   20:13:22 GMT
5e                                      | == Literal indexed ==
                                        |   Indexed name (idx = 30)
                                        |     content-encoding
04                                      |   Literal value (len = 4)
677a 6970                               | gzip
                                        | - evict: date: Mon, 21 Oct\
                                        |    2013 20:13:21 GMT
                                        | -> content-encoding: gzip
84                                      | == Indexed - Remove ==
                                        |   idx = 4
                                        | -> location: https://www.e\
                                        |   xample.com
84                                      | == Indexed - Add ==
                                        |   idx = 4
                                        | -> location: https://www.e\
                                        |   xample.com
83                                      | == Indexed - Remove ==
                                        |   idx = 3
                                        | -> :status: 200
83                                      | == Indexed - Add ==
                                        |   idx = 3
                                        | -> :status: 200
7b                                      | == Literal indexed ==
                                        |   Indexed name (idx = 59)
                                        |     set-cookie
38                                      |   Literal value (len = 56)
666f 6f3d 4153 444a 4b48 514b 425a 584f | foo=ASDJKHQKBZXO
5157 454f 5049 5541 5851 5745 4f49 553b | QWEOPIUAXQWEOIU;
206d 6178 2d61 6765 3d33 3630 303b 2076 |  max-age=3600; v
6572 7369 6f6e 3d31                     | ersion=1
                                        | - evict: location: https:/\
                                        |   /www.example.com
                                        | - evict: :status: 200
                                        | -> set-cookie: foo=ASDJKHQ\
                                        |   KBZXOQWEOPIUAXQWEOIU; ma\
                                        |   x-age=3600; version=1]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Header Table (after decoding):</preamble>
                <artwork>
<![CDATA[[  1] (s =  98) set-cookie: foo=ASDJKHQKBZXOQWEOPIUAXQWEOIU; max-age\
                 =3600; version=1
[  2] (s =  52) content-encoding: gzip
[  3] (s =  65) date: Mon, 21 Oct 2013 20:13:22 GMT
      Table size: 215]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Decoded header set:</preamble>
                <artwork>
<![CDATA[cache-control: private
date: Mon, 21 Oct 2013 20:13:22 GMT
content-encoding: gzip
location: https://www.example.com
:status: 200
set-cookie: foo=ASDJKHQKBZXOQWEOPIUAXQWEOIU; max-age=3600; version=1]]></artwork>
            </figure>
        </t>
    </section>

</section>
<section title="Response Examples with Huffman Coding"
    anchor="response.examples.with.huffman.coding">
    <t>
        This section shows the same examples as the previous section, but using
        Huffman encoding for the literal values. The HTTP/2 setting
        SETTINGS_HEADER_TABLE_SIZE is set to the value of 256 octets, causing
        some evictions to occur. The eviction mechanism uses the length of the
        decoded literal values, so the same evictions occurs as in the previous
        section.
    </t>
    <section title="First Response">
        <t>
            <figure>
                <preamble>Header set to encode:</preamble>
                <artwork>
<![CDATA[:status: 302
cache-control: private
date: Mon, 21 Oct 2013 20:13:21 GMT
location: https://www.example.com]]></artwork>
            </figure>
        </t>
        <t>
            Reference set: empty.
        </t>
        <t>
            <figure>
                <preamble>Hex dump of encoded data:</preamble>
                <artwork>
<![CDATA[4882 6402 5985 aec3 771a 4b63 96d0 7abe | H.d.Y...w.Kc..z.
9410 54d4 44a8 2005 9504 0b81 66e0 82a6 | ..T.D. .....f...
2d1b ff71 919d 29ad 1718 63c7 8f0b 97c8 | -..q..)...c.....
e9ae 82ae 43d3                          | ....C.]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Decoding process:</preamble>
                <artwork>
<![CDATA[48                                      | == Literal indexed ==
                                        |   Indexed name (idx = 8)
                                        |     :status
82                                      |   Literal value (len = 3)
                                        |     Huffman encoded:
6402                                    | d.
                                        |     Decoded:
                                        | 302
                                        | -> :status: 302
59                                      | == Literal indexed ==
                                        |   Indexed name (idx = 25)
                                        |     cache-control
85                                      |   Literal value (len = 7)
                                        |     Huffman encoded:
aec3 771a 4b                            | ..w.K
                                        |     Decoded:
                                        | private
                                        | -> cache-control: private
63                                      | == Literal indexed ==
                                        |   Indexed name (idx = 35)
                                        |     date
96                                      |   Literal value (len = 29)
                                        |     Huffman encoded:
d07a be94 1054 d444 a820 0595 040b 8166 | .z...T.D. .....f
e082 a62d 1bff                          | ...-..
                                        |     Decoded:
                                        | Mon, 21 Oct 2013 20:13:21 \
                                        | GMT
                                        | -> date: Mon, 21 Oct 2013 \
                                        |   20:13:21 GMT
71                                      | == Literal indexed ==
                                        |   Indexed name (idx = 49)
                                        |     location
91                                      |   Literal value (len = 23)
                                        |     Huffman encoded:
9d29 ad17 1863 c78f 0b97 c8e9 ae82 ae43 | .)...c.........C
d3                                      | .
                                        |     Decoded:
                                        | https://www.example.com
                                        | -> location: https://www.e\
                                        |   xample.com]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Header Table (after decoding):</preamble>
                <artwork>
<![CDATA[[  1] (s =  63) location: https://www.example.com
[  2] (s =  65) date: Mon, 21 Oct 2013 20:13:21 GMT
[  3] (s =  52) cache-control: private
[  4] (s =  42) :status: 302
      Table size: 222]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Decoded header set:</preamble>
                <artwork>
<![CDATA[:status: 302
cache-control: private
date: Mon, 21 Oct 2013 20:13:21 GMT
location: https://www.example.com]]></artwork>
            </figure>
        </t>
    </section>

    <section title="Second Response">
        <t>
            The (":status", "302") header field is evicted from the header table
            to free space to allow adding the (":status", "200") header field,
            copied from the static table into the header table. The (":status",
            "302") header field doesn't need to be removed from the reference
            set as it is evicted from the header table.
        </t>
        <t>
            <figure>
                <preamble>Header set to encode:</preamble>
                <artwork>
<![CDATA[:status: 200
cache-control: private
date: Mon, 21 Oct 2013 20:13:21 GMT
location: https://www.example.com]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Reference set:</preamble>
                <artwork>
<![CDATA[[  1] location: https://www.example.com
[  2] date: Mon, 21 Oct 2013 20:13:21 GMT
[  3] cache-control: private
[  4] :status: 302]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Hex dump of encoded data:</preamble>
                <artwork>
<![CDATA[8c                                      | .]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Decoding process:</preamble>
                <artwork>
<![CDATA[8c                                      | == Indexed - Add ==
                                        |   idx = 12
                                        | - evict: :status: 302
                                        | -> :status: 200]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Header Table (after decoding):</preamble>
                <artwork>
<![CDATA[[  1] (s =  42) :status: 200
[  2] (s =  63) location: https://www.example.com
[  3] (s =  65) date: Mon, 21 Oct 2013 20:13:21 GMT
[  4] (s =  52) cache-control: private
      Table size: 222]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Decoded header set:</preamble>
                <artwork>
<![CDATA[:status: 200
location: https://www.example.com
date: Mon, 21 Oct 2013 20:13:21 GMT
cache-control: private]]></artwork>
            </figure>
        </t>
    </section>

    <section title="Third Response">
        <t>
            Several header fields are evicted from the header table during the
            processing of this header set. Before evicting a header belonging to
            the reference set, it is emitted, by coding it twice as an Indexed
            Representation. The first representation removes the header field
            from the reference set, the second one adds it again to the
            reference set, also emitting it.
        </t>
        <t>
            <figure>
                <preamble>Header set to encode:</preamble>
                <artwork>
<![CDATA[:status: 200
cache-control: private
date: Mon, 21 Oct 2013 20:13:22 GMT
location: https://www.example.com
content-encoding: gzip
set-cookie: foo=ASDJKHQKBZXOQWEOPIUAXQWEOIU; max-age=3600; version=1]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Reference set:</preamble>
                <artwork>
<![CDATA[[  1] :status: 200
[  2] location: https://www.example.com
[  3] date: Mon, 21 Oct 2013 20:13:21 GMT
[  4] cache-control: private]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Hex dump of encoded data:</preamble>
                <artwork>
<![CDATA[8484 4396 d07a be94 1054 d444 a820 0595 | ..C..z...T.D. ..
040b 8166 e084 a62d 1bff 5e83 9bd9 ab84 | ...f...-..^.....
8483 837b ad94 e782 1dd7 f2e6 c7b3 35df | ...{..........5.
dfcd 5b39 60d5 af27 087f 3672 c1ab 270f | ..[9`..'..6r..'.
b529 1f95 8731 6065 c003 ed4e e5b1 063d | .)...1`e...N...=
5007                                    | P.]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Decoding process:</preamble>
                <artwork>
<![CDATA[84                                      | == Indexed - Remove ==
                                        |   idx = 4
                                        | -> cache-control: private
84                                      | == Indexed - Add ==
                                        |   idx = 4
                                        | -> cache-control: private
43                                      | == Literal indexed ==
                                        |   Indexed name (idx = 3)
                                        |     date
96                                      |   Literal value (len = 29)
                                        |     Huffman encoded:
d07a be94 1054 d444 a820 0595 040b 8166 | .z...T.D. .....f
e084 a62d 1bff                          | ...-..
                                        |     Decoded:
                                        | Mon, 21 Oct 2013 20:13:22 \
                                        | GMT
                                        | - evict: cache-control: pr\
                                        |   ivate
                                        | -> date: Mon, 21 Oct 2013 \
                                        |   20:13:22 GMT
5e                                      | == Literal indexed ==
                                        |   Indexed name (idx = 30)
                                        |     content-encoding
83                                      |   Literal value (len = 4)
                                        |     Huffman encoded:
9bd9 ab                                 | ...
                                        |     Decoded:
                                        | gzip
                                        | - evict: date: Mon, 21 Oct\
                                        |    2013 20:13:21 GMT
                                        | -> content-encoding: gzip
84                                      | == Indexed - Remove ==
                                        |   idx = 4
                                        | -> location: https://www.e\
                                        |   xample.com
84                                      | == Indexed - Add ==
                                        |   idx = 4
                                        | -> location: https://www.e\
                                        |   xample.com
83                                      | == Indexed - Remove ==
                                        |   idx = 3
                                        | -> :status: 200
83                                      | == Indexed - Add ==
                                        |   idx = 3
                                        | -> :status: 200
7b                                      | == Literal indexed ==
                                        |   Indexed name (idx = 59)
                                        |     set-cookie
ad                                      |   Literal value (len = 56)
                                        |     Huffman encoded:
94e7 821d d7f2 e6c7 b335 dfdf cd5b 3960 | .........5...[9`
d5af 2708 7f36 72c1 ab27 0fb5 291f 9587 | ..'..6r..'..)...
3160 65c0 03ed 4ee5 b106 3d50 07        | 1`e...N...=P.
                                        |     Decoded:
                                        | foo=ASDJKHQKBZXOQWEOPIUAXQ\
                                        | WEOIU; max-age=3600; versi\
                                        | on=1
                                        | - evict: location: https:/\
                                        |   /www.example.com
                                        | - evict: :status: 200
                                        | -> set-cookie: foo=ASDJKHQ\
                                        |   KBZXOQWEOPIUAXQWEOIU; ma\
                                        |   x-age=3600; version=1]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Header Table (after decoding):</preamble>
                <artwork>
<![CDATA[[  1] (s =  98) set-cookie: foo=ASDJKHQKBZXOQWEOPIUAXQWEOIU; max-age\
                 =3600; version=1
[  2] (s =  52) content-encoding: gzip
[  3] (s =  65) date: Mon, 21 Oct 2013 20:13:22 GMT
      Table size: 215]]></artwork>
            </figure>
        </t>
        <t>
            <figure>
                <preamble>Decoded header set:</preamble>
                <artwork>
<![CDATA[cache-control: private
date: Mon, 21 Oct 2013 20:13:22 GMT
content-encoding: gzip
location: https://www.example.com
:status: 200
set-cookie: foo=ASDJKHQKBZXOQWEOPIUAXQWEOIU; max-age=3600; version=1]]></artwork>
            </figure>
        </t>
    </section>

</section>
<!-- example-end -->
        </section>
    </back>
</rfc>
<!--
  vim:et:tw=78:sw=4:
 -->

PAFTECH AB 2003-20262026-04-23 04:27:38