Error space

draft-ietf-quic-http.md

@@ -363,6 +363,9 @@ Padding MUST NOT be used.  The flags defined are:
   Reserved (0x20):
   : Reserved for HTTP/2 compatibility.
 
+A HEADERS frame with the Reserved bits set MUST be treated as a connection error
+of type HTTP_MALFORMED_HEADERS.
+
 ~~~~~~~~~~
     0                   1                   2                   3
     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
@@ -381,9 +384,9 @@ The HEADERS frame payload has the following fields:
 
 The next frame on the same stream after a HEADERS frame without the EHB flag set 
 MUST be another HEADERS frame. A receiver MUST treat the receipt of any other 
-type of frame as a stream error. (Note that QUIC can intersperse data from other 
-streams between frames, or even during transmission of frames, so multiplexing 
-is not blocked by this requirement.) 
+type of frame as a stream error of type HTTP_INTERRUPTED_HEADERS. (Note that
+QUIC can intersperse data from other streams between frames, or even during
+transmission of frames, so multiplexing is not blocked by this requirement.) 
 
 A full header block is contained in a sequence of zero or more HEADERS frames 
 without EHB set, followed by a HEADERS frame with EHB set. 
@@ -435,6 +438,10 @@ The HEADERS frame payload has the following fields:
   stream (see {{!RFC7540}} Section 5.3). Add one to the value to obtain a 
   weight between 1 and 256.
 
+A PRIORITY frame MUST have a payload length of nine octets.  A PRIORITY frame
+of any other length MUST be treated as a connection error of type
+HTTP_MALFORMED_PRIORITY.
+
 ### RST_STREAM
 
 RST_STREAM frames do not exist, since QUIC provides stream lifecycle management.
@@ -505,11 +512,12 @@ it does not understand.
 SETTINGS frames always apply to a connection, never a single stream, and MUST 
 only be sent on the connection control stream (Stream 3). If an endpoint 
 receives an SETTINGS frame whose stream identifier field is anything other than 
-0x0, the endpoint MUST respond with a connection error. 
+0x0, the endpoint MUST respond with a connection error of type
+HTTP_SETTINGS_ON_WRONG_STREAM.
 
 The SETTINGS frame affects connection state. A badly formed or incomplete 
 SETTINGS frame MUST be treated as a connection error (Section 5.4.1) of type 
-PROTOCOL_ERROR.
+HTTP_MALFORMED_SETTINGS.
 
 #### Integer encoding
 
@@ -585,7 +593,7 @@ of that stream.
 
 If the sender of a SETTINGS frame with the REQUEST_ACK flag set does not 
 receive full acknowledgement within a reasonable amount of time, it MAY issue a 
-connection error ([RFC7540] Section 5.4.1) of type SETTINGS_TIMEOUT.  A full
+connection error ({{errors}}) of type HTTP_SETTINGS_TIMEOUT.  A full
 acknowledgement has occurred when:
 
  - All previous SETTINGS frames have been fully acknowledged,
@@ -631,6 +639,7 @@ TODOs:
    field in this case. 
  - No CONTINUATION -- HEADERS have EHB; do we need it here?
 
+
 ### PING
 
 PING frames do not exist, since QUIC provides equivalent functionality. Frame 
@@ -690,55 +699,132 @@ following payload:
 
 On message control streams, the SETTINGS_ACK frame carries no payload, and is
 strictly a synchronization marker for settings application.  See
-{{settings-synchronization}} for more detail.
+{{settings-synchronization}} for more detail.  A SETTINGS_ACK frame with a
+non-zero length MUST be treated as a connection error of type
+HTTP_MALFORMED_SETTINGS_ACK.
+
+On the connection control stream, the SETTINGS_ACK frame MUST have a length 
+which is a multiple of two octets. A SETTINGS_ACK frame of any other length MUST 
+be treated as a connection error of type HTTP_MALFORMED_SETTINGS_ACK. 
+
 
 # Error Handling {#errors}
 
+This section describes the specific error codes defined by HTTP and the mapping
+of HTTP/2 error codes into the QUIC error code space.
+
+## HTTP-Defined QUIC Error Codes {#http-error-codes}
+
+QUIC allocates error codes 0xB000-0xFFFF to application protocol definition.
+The following error codes are defined by HTTP for use in QUIC RST_STREAM,
+GOAWAY, and CONNECTION_CLOSE frames.
+
+HTTP_SETTINGS_TIMEOUT (0xB000):
+: After sending a SETTINGS frame which requested acknowledgement, the
+  acknowledgement was not completed (see {{settings-synchronization}}) in a
+  timely manner.
+
+HTTP_PUSH_REFUSED (0xB001):
+: The server has attempted to push content which the client will not accept
+  on this connection.
+
+HTTP_INTERNAL_ERROR (0xB002):
+: An internal error has occurred in the HTTP stack.
+
+HTTP_PUSH_ALREADY_IN_CACHE (0xB003):
+: The server has attempted to push content which the client has cached.
+
+HTTP_REQUEST_CANCELLED (0xB004):
+: The client no longer needs the requested data.
+
+HTTP_HPACK_DECOMPRESSION_FAILED (0xB005):
+: HPACK failed to decompress a frame and cannot continue.
+
+HTTP_CONNECT_ERROR (0xB006):
+: The connection established in response to a CONNECT request was reset or
+  abnormally closed.
+
+HTTP_EXCESSIVE_LOAD (0xB007):
+: The endpoint detected that its peer is exhibiting a behavior that might be
+  generating excessive load.
+
+HTTP_VERSION_FALLBACK (0xB008):
+: The requested operation cannot be served over HTTP/QUIC.  The peer should
+  retry over HTTP/2.
+
+HTTP_MALFORMED_HEADERS (0xB009):
+: A HEADERS frame has been received with an invalid format.
+
+HTTP_MALFORMED_PRIORITY (0xB00A):
+: A HEADERS frame has been received with an invalid format.
+
+HTTP_MALFORMED_SETTINGS (0xB00B):
+: A HEADERS frame has been received with an invalid format.
+
+HTTP_MALFORMED_PUSH_PROMISE (0xB00C):
+: A HEADERS frame has been received with an invalid format.
+
+HTTP_MALFORMED_SETTINGS_ACK (0xB00D):
+: A HEADERS frame has been received with an invalid format.
+
+HTTP_INTERRUPTED_HEADERS (0xB00E):
+: A HEADERS frame without the End Header Block flag was followed by a frame
+  other than HEADERS.
+
+HTTP_SETTINGS_ON_WRONG_STREAM (0xB00F):
+: A SETTINGS frame was received on a request control stream.
+
+## Mapping HTTP/2 Error Codes
+
 The HTTP/2 error codes defined in Section 7 of {{!RFC7540}} map to QUIC error
 codes as follows:
 
 NO_ERROR (0x0):
-: Maps to QUIC_NO_ERROR
+: QUIC_NO_ERROR
 
 PROTOCOL_ERROR (0x1):
-: No single mapping?
+: No single mapping.  See new HTTP_MALFORMED_* error codes defined in
+  {{http-error-codes}}.
 
 INTERNAL_ERROR (0x2)
-: QUIC_INTERNAL_ERROR? (not currently defined in core protocol spec)
+: HTTP_INTERNAL_ERROR in {{http-error-codes}}.
 
 FLOW_CONTROL_ERROR (0x3):
-: QUIC_FLOW_CONTROL_RECEIVED_TOO_MUCH_DATA? (not currently defined in core
-  protocol spec)
+: Not applicable, since QUIC handles flow control.  Would provoke a
+  QUIC_FLOW_CONTROL_RECEIVED_TOO_MUCH_DATA from the QUIC layer.
 
 SETTINGS_TIMEOUT (0x4):
-: (depends on whether we support SETTINGS acks)
+: HTTP_SETTINGS_TIMEOUT in {{http-error-codes}}.
 
 STREAM_CLOSED (0x5):
-: QUIC_STREAM_DATA_AFTER_TERMINATION
+: Not applicable, since QUIC handles stream management.  Would provoke a
+  QUIC_STREAM_DATA_AFTER_TERMINATION from the QUIC layer.
 
 FRAME_SIZE_ERROR (0x6)
-: QUIC_INVALID_FRAME_DATA
+: No single mapping.  See new error codes defined in {{http-error-codes}}.
 
 REFUSED_STREAM (0x7):
-: ?
+: Not applicable, since QUIC handles stream management.  Would provoke a
+  QUIC_TOO_MANY_OPEN_STREAMS from the QUIC layer.
 
 CANCEL (0x8):
-: ?
+: HTTP_REQUEST_CANCELLED in {{http-error-codes}}.
 
 COMPRESSION_ERROR (0x9):
-: QUIC_DECOMPRESSION_FAILURE (not currently defined in core spec)
+: HTTP_HPACK_DECOMPRESSION_FAILEDin {{http-error-codes}}.
 
 CONNECT_ERROR (0xa):
-: ? (depends whether we decide to support CONNECT)
+: HTTP_CONNECT_ERROR in {{http-error-codes}}.
 
 ENHANCE_YOUR_CALM (0xb):
-: ?
+: HTTP_EXCESSIVE_LOAD in {{http-error-codes}}.
 
 INADEQUATE_SECURITY (0xc):
-: QUIC_HANDSHAKE_FAILED, QUIC_CRYPTO_NO_SUPPORT
+: Not applicable, since QUIC is assumed to provide sufficient security on all
+  connections.
 
 HTTP_1_1_REQUIRED (0xd):
-: ?
+: HTTP_VERSION_FALLBACK in {{http-error-codes}}.
 
 TODO: fill in missing error code mappings.
 

draft-ietf-quic-tls.md

@@ -1229,6 +1229,94 @@ SHOULD track redundant packets and treat excessive volumes of any non-productive
 packets as indicative of an attack.
 
 
+# Error codes {#errors}
+
+The portion of the QUIC error code space allocated for the crypto handshake is
+0x4000-0x7FFF.  The following error codes are defined when TLS is used for the
+crypto handshake:
+
+TLS_HANDSHAKE_FAILED (0x401c):
+: Crypto errors. Handshake failed.
+
+TLS_MESSAGE_OUT_OF_ORDER (0x401d):
+: Handshake message received out of order.
+
+TLS_TOO_MANY_ENTRIES (0x401e):
+: Handshake message contained too many entries.
+
+TLS_INVALID_VALUE_LENGTH (0x401f):
+: Handshake message contained an invalid value length.
+
+TLS_MESSAGE_AFTER_HANDSHAKE_COMPLETE (0x4020):
+: A handshake message was received after the handshake was complete.
+
+TLS_INVALID_RECORD_TYPE (0x4021):
+: A handshake message was received with an illegal record type.
+
+TLS_INVALID_PARAMETER (0x4022):
+: A handshake message was received with an illegal parameter.
+
+TLS_INVALID_CHANNEL_ID_SIGNATURE (0x4034):
+: An invalid channel id signature was supplied.
+
+TLS_MESSAGE_PARAMETER_NOT_FOUND (0x4023):
+: A handshake message was received with a mandatory parameter missing.
+
+TLS_MESSAGE_PARAMETER_NO_OVERLAP (0x4024):
+: A handshake message was received with a parameter that has no overlap with the 
+  local parameter. 
+
+TLS_MESSAGE_INDEX_NOT_FOUND (0x4025):
+: A handshake message was received that contained a parameter with too few values.
+
+TLS_UNSUPPORTED_PROOF_DEMAND (0x405e):
+: A demand for an unsupported proof type was received.
+
+TLS_INTERNAL_ERROR (0x4026):
+: An internal error occured in handshake processing.
+
+TLS_VERSION_NOT_SUPPORTED (0x4027):
+: A handshake handshake message specified an unsupported version.
+
+TLS_HANDSHAKE_STATELESS_REJECT (0x4048):
+: A handshake handshake message resulted in a stateless reject.
+
+TLS_NO_SUPPORT (0x4028):
+: There was no intersection between the crypto primitives supported by the peer 
+  and ourselves. 
+
+TLS_TOO_MANY_REJECTS (0x4029):
+: The server rejected our client hello messages too many times.
+
+TLS_PROOF_INVALID (0x402a):
+: The client rejected the server's certificate chain or signature.
+
+TLS_DUPLICATE_TAG (0x402b):
+: A handshake message was received with a duplicate tag.
+
+TLS_ENCRYPTION_LEVEL_INCORRECT (0x402c):
+: A handshake message was received with the wrong encryption level (i.e. it
+  should have been encrypted but was not.)
+
+TLS_SERVER_CONFIG_EXPIRED (0x402d):
+: The server config for a server has expired.
+
+TLS_SYMMETRIC_KEY_SETUP_FAILED (0x4035):
+: We failed to set up the symmetric keys for a connection.
+
+TLS_MESSAGE_WHILE_VALIDATING_CLIENT_HELLO (0x4036):
+: A handshake message arrived, but we are still validating the previous 
+  handshake message. 
+
+TLS_UPDATE_BEFORE_HANDSHAKE_COMPLETE (0x4041):
+: A server config update arrived before the handshake is complete.
+
+TLS_CLIENT_HELLO_TOO_LARGE (0x405a):
+: ClientHello cannot fit in one packet.
+
+
+
+
 # IANA Considerations
 
 This document has no IANA actions.  Yet.