I like the general idea.  However, it might be better to use a record type for the request and response, putting the mandatory information, e.g. the request URL, HTTP version, and verb, in the record's slots, and putting everything else in a dictionary slot.  Also, almost everything you mentioned that isn't mandatory is in the headers, so perhaps just keep a dictionary of headers and provide procedures for extracting information like content type, cookies, parameters, etc. from the headers and URL.  This is what I did in my Scheme web server.

Reifying the response seems like a good idea.  I haven't done that, but it would facilitate chaining handlers, e.g. to add authentication, compression, or logging.  I would use the same approach there, i.e. use a record type, store mandatory fields and perhaps a few optional ones in slots, and putting the rest in a dictionary slot.

 I like the conditions.  It's great to nail those down right away.