Illegal characters in HTTP headers

The relevant BNF from RFC 7230 is:

field-name = token

token = 1*tchar

tchar = "!" / "#" / "$" / "%" / "&" / "'" / "*" / "+" / "-" / 
        "." / "^" / "_" / "`" / "|" / "~" / DIGIT / ALPHA

The character set is visible US-ASCII.

RFC 7230 is more recent than your question, but in the relevant particulars, it does not change what was formerly said by RFC 2616.

There’s a very strong convention for field names which is much more restrictive than what the RFC allows, and this is enforced to various degrees in various implementations. Field names usually follow a pattern of a sequence of [ASCII / NUMERAL] words with the first letter (only) of each word being capitalised. The words are separated with a single hyphen.

So if, for example, “HttpUrlConnection” was supposed to be an HTTP header name (rather than a Java token), you’d call it ‘Http-Url-Connection’.

I dimly remember once tracking a bug down to some implementation being strict enough not to admit multiple capitals in one word (which happened to be an acronym). I.e. it pays to follow this more restricted format very strictly.

  • Non ASCII character sets play no part in field-names, though they may be used in field values.

  • Escaping in field names is not supported by the standard. Escaping of values is not the concern of the HTTP or MIME standards, but you could choose to reuse the standard URL encoding method for encoding a set of name value pairs.
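
A field-name check built from the tchar rule quoted above, alongside a check for the stricter capitalised-words convention. This is an added example, not part of the original answer; the function names, the regular expression for the convention, and the sample names in the comments are assumptions made for illustration.

```python
import re
import string

# tchar set copied from the RFC 7230 BNF above. An explicit ASCII set is used
# because str.isalnum() would also accept non-ASCII letters and digits.
TCHAR = frozenset("!#$%&'*+-.^_`|~" + string.digits + string.ascii_letters)

# Assumed reading of the convention: hyphen-separated alphanumeric words,
# with only the first character of each word allowed to be a capital.
CONVENTIONAL = re.compile(r"[A-Z0-9][a-z0-9]*(?:-[A-Z0-9][a-z0-9]*)*")


def illegal_chars(name):
    """Return (index, char) for every character that is not a tchar."""
    return [(i, c) for i, c in enumerate(name) if c not in TCHAR]


def is_valid_field_name(name):
    """field-name = token = 1*tchar, so the empty string is rejected."""
    return len(name) >= 1 and not illegal_chars(name)


def is_conventional(name):
    """True if the name is legal and also follows the stricter convention."""
    return is_valid_field_name(name) and CONVENTIONAL.fullmatch(name) is not None


def to_conventional(name):
    """Re-case a hyphen-separated name, e.g. 'content-MD5' -> 'Content-Md5'.

    Field names are case-insensitive in HTTP, so re-casing does not change
    which header is meant. Names that are illegal, or that contain legal
    tchars other than letters, digits and hyphens, are rejected, not repaired.
    """
    if not is_valid_field_name(name):
        raise ValueError(f"illegal characters in field name: {illegal_chars(name)}")
    words = name.split("-")
    if any(not w.isalnum() for w in words):
        raise ValueError(f"cannot express {name!r} in the conventional form")
    return "-".join(w.capitalize() for w in words)
```

Rejecting a bad name outright, as `to_conventional` does, matches the point above that the standard defines no escaping for field names.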
