RFC 9931 - Security Considerations for Optimistic Protocol Transitions in HTTP/1.1
- Status: Proposed Standard
- Published: March 2026
- Stream: IETF
- Updates: RFC 9112, RFC 9298
- Errata: No Errata
Abstract
In HTTP/1.1, a client can request a transition to a new protocol on the existing connection. This document discusses the security considerations that apply to data sent by the client before that request is confirmed, and it adds new requirements to RFC 9112 and RFC 9298 to avoid related security issues.
Related Resources
- Official Text: RFC 9931
- Official Page: RFC 9931 DataTracker
- Errata: RFC Editor Errata