🔗 Standards Compliance in Squid
Synopsis
Squid behaviour is governed by a great many International standards and requirements. Below is a list of the standards to which Squid is expected to obey and an indication of whether we believe it does.
:inforrmation_source: This list was updated 2022-06-09. Details are believed to be accurate for the current release 5.6 or later.
this list is known to be incomplete. If you are aware of anything important which has been omitted please report it as a website bug.
🔗 Formal Certifications
At this point there are none on record. We are looking for information and possibly sponsorship to obtain any certifications which are required for use in your network.
🔗 IEFT RFC standards
| RFC | Name | Status | Â |
|---|---|---|---|
|
rfc 959 (IEN 149) |
FILE TRANSFER PROTOCOL (FTP) |  |
 |
| rfc 1035 | DOMAIN NAMES - IMPLEMENTATION AND SPECIFICATION | |
client only |
| rfc 1157 | A Simple Network Management Protocol (SNMP) | Â |
version 2c |
| rfc 1413 | Identification Protocol (IDENT) | |
note bug Bug:2853 |
| rfc 1436 | The Internet Gopher Protocol«BR»(a distributed document search and retrieval protocol) | |
client and gateway to HTTP |
| rfc 1902 | Structure of Management Information«BR»for Version 2 of the«BR»Simple Network Management Protocol (SNMPv2) |  |  |
| rfc 1905 | Protocol Operations«BR»for Version 2 of the«BR»Simple Network Management Protocol (SNMPv2) |  |  |
| rfc 1945 | Hypertext Transfer Protocol – HTTP/1.0 | |
 |
| rfc 2169 | A Trivial Convention for using HTTP in URN Resolution | |
 |
| rfc 2181 | Clarifications to the DNS Specification | |
 |
| rfc 2186 | Internet Cache Protocol (ICP), version 2 | |
 |
| rfc 2187 | Application of Internet Cache Protocol (ICP), version 2 | |
 |
| rfc 2227 | Simple Hit-Metering and Usage-Limiting for HTTP | Â | Â |
| rfc 2295 | Transparent Content Negotiation in HTTP | Â | Â |
| rfc 2296 | HTTP Remote Variant Selection Algorithm – RVSA/1.0 |  |
 |
| rfc 2310 | The Safe Response Header Field | |
Specifications for this feature are deprecated. |
| rfc 2428 | FTP Extensions for IPv6 and NATs | |
since Squid 3.1 |
| rfc 2518 | HTTP Extensions for Distributed Authoring – WEBDAV | |
since Squid 3.1 |
| rfc 2722 | Traffic Flow Measurement: Architecture | |
 |
| rfc 2756 | Hyper Text Caching Protocol (HTCP/0.0) | |
 |
| rfc 2774 | An HTTP Extension Framework | |
 |
| rfc 2817 | Upgrading to TLS Within HTTP/1.1 | |
 |
| rfc 2964 | Use of HTTP State Management | Â | Â |
| rfc 2965 | HTTP State Management Mechanism | Â | Â |
| rfc 3225 | Indicating Resolver Support of DNSSEC | |
no-support conditional compliance. |
| rfc 3226 | DNSSEC and IPv6 A6 aware server/resolver message size requirements | Â | Â |
| rfc 3253 | Versioning Extensions to WebDAV«BR»(Web Distributed Authoring and Versioning) | |
since Squid 3.1 |
| rfc 3310 | Hypertext Transfer Protocol (HTTP) Digest Authentication«BR»Using Authentication and Key Agreement (AKA) |  |  |
| rfc 3493 | Basic Socket Interface Extensions for IPv6 | |
 |
| rfc 3507 | Internet Content Adaptation Protocol (ICAP) | Â | client only, PRECACHE vectors only |
| rfc 3596 | DNS Extensions to Support IP Version 6 | |
 |
| rfc 3744 | Web Distributed Authoring and Versioning (WebDAV) >Access Control Protocol |
|
since Squid 3.1 |
| rfc 3875 | The Common Gateway Interface (CGI) Version 1.1 | |
cachemgr.cgi |
| rfc 3986 | Uniform Resource Identifier (URI): Generic Syntax |  |
since Squid-4.12. still uses rc1738 encoder on some URI segments and helper protocol. Merge Request SquidPr:335 |
| rfc 4001 | Textual Conventions for Internet Network Addresses | |
 |
| rfc 4266 | The gopher URI Scheme | |
Removed in Squid-6 |
| rfc 4288 | The telnet URI Scheme | |
 |
| rfc 4291 | IP Version 6 Addressing Architecture | |
 |
| rfc 4559 | SPNEGO-based Kerberos and NTLM HTTP Authentication«BR»in Microsoft Windows |  |  |
| rfc 4918 | HTTP Extensions for Web Distributed Authoring and Versioning (WebDAV) | Â | Â |
| rfc 6266 | Use of the Content-Disposition Header Field in the«BR»Hypertext Transfer Protocol (HTTP) | |
 |
| rfc 6540 «BR»(BCP 177) | IPv6 Support Required for All IP-Capable Nodes | |
 |
| rfc 6570 | URI Template | |
 |
| rfc 6585 | Additional HTTP Status Codes | |
 |
| rfc 6762 | Multicast DNS | |
client only |
| rfc 6750 | The OAuth 2.0 Authorization Framework: Bearer Token Usage | |
Merge Request SquidPr:30 |
| rfc 6874 | Representing IPv6 Zone Identifiers in«BR»Address Literals and Uniform Resource Identifiers | |
 |
| rfc 7236 | Initial Hypertext Transfer Protocol (HTTP)«BR»Authentication Scheme Registrations | almost | missing support for Bearer and OAuth schemes |
| rfc 7237 | Initial Hypertext Transfer Protocol (HTTP) Method Registrations | |
 |
| rfc 7239 | Forwarded HTTP Extension | |
Merges Request SquidPr:55 |
| rfc 7240 | Prefer HTTP Extension | |
conditional; proxy MUST relay unless listed in Connection header. |
| rfc 7486 | HTTP Origin-Bound Authentication (HOBA) | |
 |
| rfc 7541 | HPACK: Header Compression for HTTP/2 | |
see Features/HTTP2 and Merge Request SquidPr:893 |
| rfc 7595 | Guidelines and Registration Procedures for URI Schemes | |
Missing prohibition of example: URI scheme |
| rfc 7616 | HTTP Digest Access Authentication | |
Missing support for several Digest features |
| rfc 7617 | The ‘Basic’ HTTP Authentication Scheme | |
missing new charset support. |
| rfc 7639 | The ALPN HTTP Header Field | |
 |
| rfc 7725 | An HTTP Status Code to Report Legal Obstacles | |
 |
| rfc 7838 | HTTP Alternative Services | |
 |
| rfc 7858 | Specification for DNS over Transport Layer Security (TLS) | |
 |
| rfc 8120 | Mutual Authentication Protocol for HTTP | |
 |
| rfc 8164 | Opportunistic Security for HTTP/2 | |
 |
| rfc 8187 | Indicating Character Encoding and Language for HTTP Header Field Parameters | |
 |
| rfc 8188 | Encrypted Content-Encoding for HTTP | |
 |
| rfc 8246 | HTTP Immutable Responses | |
partial. see bug Bug:4774 |
| rfc 8297 | An HTTP Status Code for Indicating Hints | |
 |
| rfc 8336 | The ORIGIN HTTP/2 Frame | |
 |
| rfc 8441 | Bootstrapping !WebSockets with HTTP/2 | |
 |
| rfc 8470 | Using Early Data in HTTP | |
Merge Request SquidPr:873 |
| rfc 8586 | Loop Detection in Content Delivery Networks (CDNs) | |
from Squid-5. |
| rfc 8615 | Well-Known Uniform Resource Identifiers (URIs) | |
 |
| rfc 8673 | HTTP Random Access and Live Content | |
 |
| rfc 8942 | HTTP Client Hints | |
 |
| rfc 8999 | Version-Independent Properties of QUIC | |
Merge Request SquidPr:919 |
| rfc 9000 | QUIC: A UDP-Based Multiplexed and Secure Transport | |
Merge Request SquidPr:919 |
| rfc 9001 | Using TLS to Secure QUIC | |
 |
| rfc 9002 | QUIC Loss Detection and Congestion Control | |
 |
| rfc 9110 «BR»(STD 97) | HTTP Semantics | |
some conditional features, see Features/HTTP11 |
| rfc 9111 «BR»(STD 98) | HTTP Caching | |
conditional, see Features/HTTP11 |
| rfc 9112 «BR»(STD 99) | HTTP/1.1 | almost | see Features/HTTP11 |
| rfc 9113 | HTTP/2 | |
HTTP/1.x relay and no-support conditional compliance. see Features/HTTP2 and Merge Request SquidPr:893 |
| rfc 9114 | HTTP/3 | |
 |
| rfc 9163 | Expect-CT Extension for HTTP | |
 |
| rfc 9205 «BR»(BCP 56) | Building Protocols with HTTP |  |  |
| rfc 9209 | The Proxy-Status HTTP Response Header Field | |
Squid-4 |
| rfc 9211 | The Cache-Status HTTP Response Header Field | |
conditional |
| rfc 9213 | Targeted HTTP Cache Control | |
 |
| rfc 9218 | Extensible Prioritization Scheme for HTTP | |
 |
| rfc 9220 | Bootstrapping !WebSockets with HTTP/3 | |
 |
| rfc 9230 | Oblivious DNS over HTTPS | |
HTTPS relay only |
| rfc 9292 | Binary Representation of HTTP Messages | |
 |
| rfc 9421 | HTTP Message Signatures | |
 |
| rfc 9530 | Digest Fields | |
 |
| rfc 9532 | HTTP Proxy-Status Parameter for Next-Hop Aliases | |
 |
| rfc 9651 | Structured Field Values for HTTP | |
 |
🔗 IETF Drafts
| wccp v1 | WCCP 1.0 | |
| wccp v2 | WCCP 2.0 | almost |
| wccp v2 r1 | WCCP 2.0 rev 1 | partial |
| CARP | Microsoft CARP peering algorithm | Â |
| draft-ietf-radext-digest-auth | RADIUS Extension for Digest Authentication | Â |
🔗 ISO standards
| ISO-8859-1 | Latin alphabet No. 1 | |
🔗 Non-standard Protocols
| PROXY | The PROXY protocol, Versions 1 & 2 | |