4. Security Considerations (安全考虑)

Since transmitting HTTP Datagrams using QUIC DATAGRAM frames requires sending the HTTP/3 SETTINGS_H3_DATAGRAM setting, it "sticks out". In other words, probing clients can learn whether a server supports HTTP Datagrams over QUIC DATAGRAM frames. As some servers might wish to obfuscate the fact that they offer application services that use HTTP Datagrams, it's best for all implementations that support this feature to always send this setting; see Section 2.1.1.

由于使用 QUIC DATAGRAM frames (QUIC DATAGRAM 帧) 传输 HTTP Datagrams 需要发送 HTTP/3 SETTINGS_H3_DATAGRAM 设置, 它会 "stick out" (脱颖而出)。换句话说, 探测客户端可以了解服务器是否支持通过 QUIC DATAGRAM frames 传输 HTTP Datagrams。由于某些服务器可能希望混淆它们提供使用 HTTP Datagrams 的应用程序服务这一事实, 因此支持此功能的所有实现最好始终发送此设置; 请参阅第 2.1.1 节。

Since use of the Capsule Protocol is restricted to new HTTP upgrade tokens, it is not directly accessible from Web Platform APIs (such as those commonly accessed via JavaScript in web browsers).

由于 Capsule Protocol (封装协议) 的使用仅限于新的 HTTP upgrade tokens (HTTP 升级令牌), 因此无法从 Web Platform APIs (Web 平台 APIs) 直接访问它 (例如通常通过 web browsers (Web 浏览器) 中的 JavaScript 访问的那些 APIs)。

Definitions of new HTTP upgrade tokens that use the Capsule Protocol need to include a security analysis that considers the impact of HTTP Datagrams and Capsules in the context of their protocol.

使用 Capsule Protocol 的新 HTTP upgrade tokens 的定义需要包含安全性分析, 该分析考虑 HTTP Datagrams 和 Capsules 在其协议上下文中的影响。

---