| draft-ietf-httpbis-digest-headers-10.txt | draft-ietf-httpbis-digest-headers-latest.txt | |||
|---|---|---|---|---|
| HTTP Working Group R. Polli | HTTP Working Group R. Polli | |||
| Internet-Draft Team Digitale, Italian Government | Internet-Draft Team Digitale, Italian Government | |||
| Obsoletes: 3230 (if approved) L. Pardue | Obsoletes: 3230 (if approved) L. Pardue | |||
| Intended status: Standards Track Cloudflare | Intended status: Standards Track Cloudflare | |||
| Expires: December 21, 2022 June 19, 2022 | Expires: December 24, 2022 June 22, 2022 | |||
| Digest Fields | Digest Fields | |||
| draft-ietf-httpbis-digest-headers-10 | draft-ietf-httpbis-digest-headers-latest | |||
| Abstract | Abstract | |||
| This document defines HTTP fields that support integrity digests. | This document defines HTTP fields that support integrity digests. | |||
| The Content-Digest field can be used for the integrity of HTTP | The Content-Digest field can be used for the integrity of HTTP | |||
| message content. The Repr-Digest field can be used for the integrity | message content. The Repr-Digest field can be used for the integrity | |||
| of HTTP representations. Want-Content-Digest and Want-Repr-Digest | of HTTP representations. Want-Content-Digest and Want-Repr-Digest | |||
| can be used to indicate a sender's interest and preferences for | can be used to indicate a sender's interest and preferences for | |||
| receiving the respective Integrity fields. | receiving the respective Integrity fields. | |||
| skipping to change at page 2, line 10 ¶ | skipping to change at page 2, line 10 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on December 21, 2022. | This Internet-Draft will expire on December 24, 2022. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2022 IETF Trust and the persons identified as the | Copyright (c) 2022 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (https://trustee.ietf.org/license-info) in effect on the date of | (https://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 3, line 26 ¶ | skipping to change at page 3, line 26 ¶ | |||
| B.7. POST Response does not Reference the Request URI . . . . 25 | B.7. POST Response does not Reference the Request URI . . . . 25 | |||
| B.8. POST Response Describes the Request Status . . . . . . . 26 | B.8. POST Response Describes the Request Status . . . . . . . 26 | |||
| B.9. Digest with PATCH . . . . . . . . . . . . . . . . . . . . 27 | B.9. Digest with PATCH . . . . . . . . . . . . . . . . . . . . 27 | |||
| B.10. Error responses . . . . . . . . . . . . . . . . . . . . . 28 | B.10. Error responses . . . . . . . . . . . . . . . . . . . . . 28 | |||
| B.11. Use with Trailer Fields and Transfer Coding . . . . . . . 29 | B.11. Use with Trailer Fields and Transfer Coding . . . . . . . 29 | |||
| Appendix C. Examples of Want-Repr-Digest Solicited Digest . . . 29 | Appendix C. Examples of Want-Repr-Digest Solicited Digest . . . 29 | |||
| C.1. Server Selects Client's Least Preferred Algorithm . . . . 30 | C.1. Server Selects Client's Least Preferred Algorithm . . . . 30 | |||
| C.2. Server Selects Algorithm Unsupported by Client . . . . . 30 | C.2. Server Selects Algorithm Unsupported by Client . . . . . 30 | |||
| C.3. Server Does Not Support Client Algorithm and Returns an | C.3. Server Does Not Support Client Algorithm and Returns an | |||
| Error . . . . . . . . . . . . . . . . . . . . . . . . . . 31 | Error . . . . . . . . . . . . . . . . . . . . . . . . . . 31 | |||
| Appendix D. Migrating from RFC 3230 . . . . . . . . . . . . . . 31 | Appendix D. Migrating from RFC 3230 . . . . . . . . . . . . . . 32 | |||
| Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 32 | Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 32 | |||
| Code Samples . . . . . . . . . . . . . . . . . . . . . . . . . . 32 | Code Samples . . . . . . . . . . . . . . . . . . . . . . . . . . 32 | |||
| Changes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33 | Changes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34 | |||
| G.1. Since draft-ietf-httpbis-digest-headers-08 . . . . . . . 34 | G.1. Since draft-ietf-httpbis-digest-headers-08 . . . . . . . 34 | |||
| G.2. Since draft-ietf-httpbis-digest-headers-07 . . . . . . . 34 | G.2. Since draft-ietf-httpbis-digest-headers-07 . . . . . . . 34 | |||
| G.3. Since draft-ietf-httpbis-digest-headers-06 . . . . . . . 34 | G.3. Since draft-ietf-httpbis-digest-headers-06 . . . . . . . 34 | |||
| G.4. Since draft-ietf-httpbis-digest-headers-05 . . . . . . . 34 | G.4. Since draft-ietf-httpbis-digest-headers-05 . . . . . . . 34 | |||
| G.5. Since draft-ietf-httpbis-digest-headers-04 . . . . . . . 34 | G.5. Since draft-ietf-httpbis-digest-headers-04 . . . . . . . 34 | |||
| G.6. Since draft-ietf-httpbis-digest-headers-03 . . . . . . . 35 | G.6. Since draft-ietf-httpbis-digest-headers-03 . . . . . . . 35 | |||
| G.7. Since draft-ietf-httpbis-digest-headers-02 . . . . . . . 35 | G.7. Since draft-ietf-httpbis-digest-headers-02 . . . . . . . 35 | |||
| G.8. Since draft-ietf-httpbis-digest-headers-01 . . . . . . . 35 | G.8. Since draft-ietf-httpbis-digest-headers-01 . . . . . . . 35 | |||
| G.9. Since draft-ietf-httpbis-digest-headers-00 . . . . . . . 35 | G.9. Since draft-ietf-httpbis-digest-headers-00 . . . . . . . 35 | |||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 36 | Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 36 | |||
| skipping to change at page 5, line 6 ¶ | skipping to change at page 5, line 6 ¶ | |||
| 1.2. Concept Overview | 1.2. Concept Overview | |||
| The HTTP fields defined in this document can be used for HTTP | The HTTP fields defined in this document can be used for HTTP | |||
| integrity. Senders choose a hashing algorithm and calculate a digest | integrity. Senders choose a hashing algorithm and calculate a digest | |||
| from an input related to the HTTP message, the algorithm identifier | from an input related to the HTTP message, the algorithm identifier | |||
| and digest are transmitted in an HTTP field. Receivers can validate | and digest are transmitted in an HTTP field. Receivers can validate | |||
| the digest for integrity purposes. Hashing algorithms are registered | the digest for integrity purposes. Hashing algorithms are registered | |||
| in the "Hash Algorithms for HTTP Digest Fields" (see Section 5). | in the "Hash Algorithms for HTTP Digest Fields" (see Section 5). | |||
| Selecting the data on which digests are calculated depends on the use | Selecting the data on which digests are calculated depends on the use | |||
| case of HTTP messages. This document provides different headers for | case of HTTP messages. This document provides different fields for | |||
| HTTP representation data and HTTP content. | HTTP representation data and HTTP content. | |||
| There are use-cases where a simple digest of the HTTP content bytes | There are use-cases where a simple digest of the HTTP content bytes | |||
| is required. The "Content-Digest" request and response header and | is required. The "Content-Digest" request and response header and | |||
| trailer field is defined to support digests of content (Section 3.2 | trailer field is defined to support digests of content (Section 6.4 | |||
| of [HTTP]); see Section 2. | of [HTTP]); see Section 2. | |||
| For more advanced use-cases, the "Repr-Digest" request and response | For more advanced use-cases, the "Repr-Digest" request and response | |||
| header and trailer field (Section 3) is defined. It contains a | header and trailer field (Section 3) is defined. It contains a | |||
| digest value computed by applying a hashing algorithm to selected | digest value computed by applying a hashing algorithm to selected | |||
| representation data (Section 3.2 of [HTTP]). Basing "Repr-Digest" on | representation data (Section 3.2 of [HTTP]). Basing "Repr-Digest" on | |||
| the selected representation makes it straightforward to apply it to | the selected representation makes it straightforward to apply it to | |||
| use-cases where the message content requires some sort of | use-cases where the message content requires some sort of | |||
| manipulation to be considered as representation of the resource or | manipulation to be considered as representation of the resource or | |||
| content conveys a partial representation of a resource, such as Range | content conveys a partial representation of a resource, such as Range | |||
| Requests (see Section 14.2 of [HTTP]). | Requests (see Section 14 of [HTTP]). | |||
| "Content-Digest" and "Repr-Digest" support hashing algorithm agility. | "Content-Digest" and "Repr-Digest" support hashing algorithm agility. | |||
| The "Want-Content-Digest" and "Want-Repr-Digest" fields allow | The "Want-Content-Digest" and "Want-Repr-Digest" fields allow | |||
| endpoints to express interest in "Content-Digest" and "Repr-Digest" | endpoints to express interest in "Content-Digest" and "Repr-Digest" | |||
| respectively, and to express algorithm preferences in either. | respectively, and to express algorithm preferences in either. | |||
| "Content-Digest" and "Repr-Digest" are collectively termed Integrity | "Content-Digest" and "Repr-Digest" are collectively termed Integrity | |||
| fields. "Want-Content-Digest" and "Want-Repr-Digest" are | fields. "Want-Content-Digest" and "Want-Repr-Digest" are | |||
| collectively termed Integrity preference fields. | collectively termed Integrity preference fields. | |||
| skipping to change at page 24, line 33 ¶ | skipping to change at page 24, line 33 ¶ | |||
| Repr-Digest: sha-256=:4REjxQ4yrqUVicfSKYNO/cF9zNj5ANbzgDZt3/h3Qxo=: | Repr-Digest: sha-256=:4REjxQ4yrqUVicfSKYNO/cF9zNj5ANbzgDZt3/h3Qxo=: | |||
| iwiAeyJoZWxsbyI6ICJ3b3JsZCJ9Aw== | iwiAeyJoZWxsbyI6ICJ3b3JsZCJ9Aw== | |||
| Response with Digest of encoded response | Response with Digest of encoded response | |||
| B.5. Client Provides Full Representation Data, Server Provides No | B.5. Client Provides Full Representation Data, Server Provides No | |||
| Representation Data | Representation Data | |||
| The request "Repr-Digest" field-value is calculated on the enclosed | The request "Repr-Digest" field-value is calculated on the enclosed | |||
| payload. | content. | |||
| The response "Repr-Digest" field-value depends on the representation | The response "Repr-Digest" field-value depends on the representation | |||
| metadata header fields, including "Content-Encoding: br" even when | metadata header fields, including "Content-Encoding: br" even when | |||
| the response does not contain content. | the response does not contain content. | |||
| PUT /items/123 HTTP/1.1 | PUT /items/123 HTTP/1.1 | |||
| Host: foo.example | Host: foo.example | |||
| Content-Type: application/json | Content-Type: application/json | |||
| Content-Length: 18 | Content-Length: 18 | |||
| Accept-Encoding: br | Accept-Encoding: br | |||
| End of changes. 9 change blocks. | ||||
| 9 lines changed or deleted | 9 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||