HTTP K. Vijayvargiya Internet-Draft Individual Contributor Intended status: Standards Track 1 May 2026 Expires: 2 November 2026 The HTTP FETCH-ONCE Method draft-vijayvargiya-http-fetch-once-00 Abstract This document defines the HTTP FETCH-ONCE method. It allows a client to retrieve a resource and ensures that the resource is immediately deleted or invalidated after retrieval. Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on 2 November 2026. Copyright Notice Copyright (c) 2026 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/ license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License. Vijayvargiya Expires 2 November 2026 [Page 1] Internet-Draft FETCH-ONCE May 2026 Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 2. Method Definition . . . . . . . . . . . . . . . . . . . . . . 2 3. Security Considerations . . . . . . . . . . . . . . . . . . . 2 4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 2 5. Normative References . . . . . . . . . . . . . . . . . . . . 2 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction Applications often require one-time access to sensitive data such as tokens or temporary links. Existing HTTP methods require multiple requests. FETCH-ONCE provides a single atomic operation that retrieves and invalidates a resource in one step. 2. Method Definition The FETCH-ONCE method retrieves the target resource and then deletes or invalidates it immediately after access. The server MUST ensure that the operation is atomic so that only one client can successfully retrieve any given resource. 3. Security Considerations Servers MUST ensure atomic behavior to prevent multiple retrievals. Implementations should consider race conditions and ensure that concurrent FETCH-ONCE requests for the same resource result in only one successful retrieval. 4. IANA Considerations This document requests that IANA register the FETCH-ONCE method in the "HTTP Method Registry" maintained at . 5. Normative References [RFC9110] Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke, Ed., "HTTP Semantics", STD 97, RFC 9110, DOI 10.17487/RFC9110, June 2022, . [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, . Vijayvargiya Expires 2 November 2026 [Page 2] Internet-Draft FETCH-ONCE May 2026 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, May 2017, . Author's Address Ketan Vijayvargiya Individual Contributor Email: Ketan.vijay1818@gmail.com Vijayvargiya Expires 2 November 2026 [Page 3]