draft-ietf-httpbis-digest-headers-10.txt | draft-ietf-httpbis-digest-headers-latest.txt | |||
---|---|---|---|---|
HTTP Working Group R. Polli | HTTP Working Group R. Polli | |||
Internet-Draft Team Digitale, Italian Government | Internet-Draft Team Digitale, Italian Government | |||
Obsoletes: 3230 (if approved) L. Pardue | Obsoletes: 3230 (if approved) L. Pardue | |||
Intended status: Standards Track Cloudflare | Intended status: Standards Track Cloudflare | |||
Expires: December 21, 2022 June 19, 2022 | Expires: December 24, 2022 June 22, 2022 | |||
Digest Fields | Digest Fields | |||
draft-ietf-httpbis-digest-headers-10 | draft-ietf-httpbis-digest-headers-latest | |||
Abstract | Abstract | |||
This document defines HTTP fields that support integrity digests. | This document defines HTTP fields that support integrity digests. | |||
The Content-Digest field can be used for the integrity of HTTP | The Content-Digest field can be used for the integrity of HTTP | |||
message content. The Repr-Digest field can be used for the integrity | message content. The Repr-Digest field can be used for the integrity | |||
of HTTP representations. Want-Content-Digest and Want-Repr-Digest | of HTTP representations. Want-Content-Digest and Want-Repr-Digest | |||
can be used to indicate a sender's interest and preferences for | can be used to indicate a sender's interest and preferences for | |||
receiving the respective Integrity fields. | receiving the respective Integrity fields. | |||
skipping to change at page 2, line 10 ¶ | skipping to change at page 2, line 10 ¶ | |||
Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
This Internet-Draft will expire on December 21, 2022. | This Internet-Draft will expire on December 24, 2022. | |||
Copyright Notice | Copyright Notice | |||
Copyright (c) 2022 IETF Trust and the persons identified as the | Copyright (c) 2022 IETF Trust and the persons identified as the | |||
document authors. All rights reserved. | document authors. All rights reserved. | |||
This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
(https://trustee.ietf.org/license-info) in effect on the date of | (https://trustee.ietf.org/license-info) in effect on the date of | |||
publication of this document. Please review these documents | publication of this document. Please review these documents | |||
skipping to change at page 3, line 26 ¶ | skipping to change at page 3, line 26 ¶ | |||
B.7. POST Response does not Reference the Request URI . . . . 25 | B.7. POST Response does not Reference the Request URI . . . . 25 | |||
B.8. POST Response Describes the Request Status . . . . . . . 26 | B.8. POST Response Describes the Request Status . . . . . . . 26 | |||
B.9. Digest with PATCH . . . . . . . . . . . . . . . . . . . . 27 | B.9. Digest with PATCH . . . . . . . . . . . . . . . . . . . . 27 | |||
B.10. Error responses . . . . . . . . . . . . . . . . . . . . . 28 | B.10. Error responses . . . . . . . . . . . . . . . . . . . . . 28 | |||
B.11. Use with Trailer Fields and Transfer Coding . . . . . . . 29 | B.11. Use with Trailer Fields and Transfer Coding . . . . . . . 29 | |||
Appendix C. Examples of Want-Repr-Digest Solicited Digest . . . 29 | Appendix C. Examples of Want-Repr-Digest Solicited Digest . . . 29 | |||
C.1. Server Selects Client's Least Preferred Algorithm . . . . 30 | C.1. Server Selects Client's Least Preferred Algorithm . . . . 30 | |||
C.2. Server Selects Algorithm Unsupported by Client . . . . . 30 | C.2. Server Selects Algorithm Unsupported by Client . . . . . 30 | |||
C.3. Server Does Not Support Client Algorithm and Returns an | C.3. Server Does Not Support Client Algorithm and Returns an | |||
Error . . . . . . . . . . . . . . . . . . . . . . . . . . 31 | Error . . . . . . . . . . . . . . . . . . . . . . . . . . 31 | |||
Appendix D. Migrating from RFC 3230 . . . . . . . . . . . . . . 31 | Appendix D. Migrating from RFC 3230 . . . . . . . . . . . . . . 32 | |||
Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 32 | Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 32 | |||
Code Samples . . . . . . . . . . . . . . . . . . . . . . . . . . 32 | Code Samples . . . . . . . . . . . . . . . . . . . . . . . . . . 32 | |||
Changes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33 | Changes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34 | |||
G.1. Since draft-ietf-httpbis-digest-headers-08 . . . . . . . 34 | G.1. Since draft-ietf-httpbis-digest-headers-08 . . . . . . . 34 | |||
G.2. Since draft-ietf-httpbis-digest-headers-07 . . . . . . . 34 | G.2. Since draft-ietf-httpbis-digest-headers-07 . . . . . . . 34 | |||
G.3. Since draft-ietf-httpbis-digest-headers-06 . . . . . . . 34 | G.3. Since draft-ietf-httpbis-digest-headers-06 . . . . . . . 34 | |||
G.4. Since draft-ietf-httpbis-digest-headers-05 . . . . . . . 34 | G.4. Since draft-ietf-httpbis-digest-headers-05 . . . . . . . 34 | |||
G.5. Since draft-ietf-httpbis-digest-headers-04 . . . . . . . 34 | G.5. Since draft-ietf-httpbis-digest-headers-04 . . . . . . . 34 | |||
G.6. Since draft-ietf-httpbis-digest-headers-03 . . . . . . . 35 | G.6. Since draft-ietf-httpbis-digest-headers-03 . . . . . . . 35 | |||
G.7. Since draft-ietf-httpbis-digest-headers-02 . . . . . . . 35 | G.7. Since draft-ietf-httpbis-digest-headers-02 . . . . . . . 35 | |||
G.8. Since draft-ietf-httpbis-digest-headers-01 . . . . . . . 35 | G.8. Since draft-ietf-httpbis-digest-headers-01 . . . . . . . 35 | |||
G.9. Since draft-ietf-httpbis-digest-headers-00 . . . . . . . 35 | G.9. Since draft-ietf-httpbis-digest-headers-00 . . . . . . . 35 | |||
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 36 | Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 36 | |||
skipping to change at page 5, line 6 ¶ | skipping to change at page 5, line 6 ¶ | |||
1.2. Concept Overview | 1.2. Concept Overview | |||
The HTTP fields defined in this document can be used for HTTP | The HTTP fields defined in this document can be used for HTTP | |||
integrity. Senders choose a hashing algorithm and calculate a digest | integrity. Senders choose a hashing algorithm and calculate a digest | |||
from an input related to the HTTP message, the algorithm identifier | from an input related to the HTTP message, the algorithm identifier | |||
and digest are transmitted in an HTTP field. Receivers can validate | and digest are transmitted in an HTTP field. Receivers can validate | |||
the digest for integrity purposes. Hashing algorithms are registered | the digest for integrity purposes. Hashing algorithms are registered | |||
in the "Hash Algorithms for HTTP Digest Fields" (see Section 5). | in the "Hash Algorithms for HTTP Digest Fields" (see Section 5). | |||
Selecting the data on which digests are calculated depends on the use | Selecting the data on which digests are calculated depends on the use | |||
case of HTTP messages. This document provides different headers for | case of HTTP messages. This document provides different fields for | |||
HTTP representation data and HTTP content. | HTTP representation data and HTTP content. | |||
There are use-cases where a simple digest of the HTTP content bytes | There are use-cases where a simple digest of the HTTP content bytes | |||
is required. The "Content-Digest" request and response header and | is required. The "Content-Digest" request and response header and | |||
trailer field is defined to support digests of content (Section 3.2 | trailer field is defined to support digests of content (Section 6.4 | |||
of [HTTP]); see Section 2. | of [HTTP]); see Section 2. | |||
For more advanced use-cases, the "Repr-Digest" request and response | For more advanced use-cases, the "Repr-Digest" request and response | |||
header and trailer field (Section 3) is defined. It contains a | header and trailer field (Section 3) is defined. It contains a | |||
digest value computed by applying a hashing algorithm to selected | digest value computed by applying a hashing algorithm to selected | |||
representation data (Section 3.2 of [HTTP]). Basing "Repr-Digest" on | representation data (Section 3.2 of [HTTP]). Basing "Repr-Digest" on | |||
the selected representation makes it straightforward to apply it to | the selected representation makes it straightforward to apply it to | |||
use-cases where the message content requires some sort of | use-cases where the message content requires some sort of | |||
manipulation to be considered as representation of the resource or | manipulation to be considered as representation of the resource or | |||
content conveys a partial representation of a resource, such as Range | content conveys a partial representation of a resource, such as Range | |||
Requests (see Section 14.2 of [HTTP]). | Requests (see Section 14 of [HTTP]). | |||
"Content-Digest" and "Repr-Digest" support hashing algorithm agility. | "Content-Digest" and "Repr-Digest" support hashing algorithm agility. | |||
The "Want-Content-Digest" and "Want-Repr-Digest" fields allow | The "Want-Content-Digest" and "Want-Repr-Digest" fields allow | |||
endpoints to express interest in "Content-Digest" and "Repr-Digest" | endpoints to express interest in "Content-Digest" and "Repr-Digest" | |||
respectively, and to express algorithm preferences in either. | respectively, and to express algorithm preferences in either. | |||
"Content-Digest" and "Repr-Digest" are collectively termed Integrity | "Content-Digest" and "Repr-Digest" are collectively termed Integrity | |||
fields. "Want-Content-Digest" and "Want-Repr-Digest" are | fields. "Want-Content-Digest" and "Want-Repr-Digest" are | |||
collectively termed Integrity preference fields. | collectively termed Integrity preference fields. | |||
skipping to change at page 24, line 33 ¶ | skipping to change at page 24, line 33 ¶ | |||
Repr-Digest: sha-256=:4REjxQ4yrqUVicfSKYNO/cF9zNj5ANbzgDZt3/h3Qxo=: | Repr-Digest: sha-256=:4REjxQ4yrqUVicfSKYNO/cF9zNj5ANbzgDZt3/h3Qxo=: | |||
iwiAeyJoZWxsbyI6ICJ3b3JsZCJ9Aw== | iwiAeyJoZWxsbyI6ICJ3b3JsZCJ9Aw== | |||
Response with Digest of encoded response | Response with Digest of encoded response | |||
B.5. Client Provides Full Representation Data, Server Provides No | B.5. Client Provides Full Representation Data, Server Provides No | |||
Representation Data | Representation Data | |||
The request "Repr-Digest" field-value is calculated on the enclosed | The request "Repr-Digest" field-value is calculated on the enclosed | |||
payload. | content. | |||
The response "Repr-Digest" field-value depends on the representation | The response "Repr-Digest" field-value depends on the representation | |||
metadata header fields, including "Content-Encoding: br" even when | metadata header fields, including "Content-Encoding: br" even when | |||
the response does not contain content. | the response does not contain content. | |||
PUT /items/123 HTTP/1.1 | PUT /items/123 HTTP/1.1 | |||
Host: foo.example | Host: foo.example | |||
Content-Type: application/json | Content-Type: application/json | |||
Content-Length: 18 | Content-Length: 18 | |||
Accept-Encoding: br | Accept-Encoding: br | |||
End of changes. 9 change blocks. | ||||
9 lines changed or deleted | 9 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ |