draft-ietf-httpbis-digest-headers-10.txt   draft-ietf-httpbis-digest-headers-latest.txt 
HTTP Working Group R. Polli HTTP Working Group R. Polli
Internet-Draft Team Digitale, Italian Government Internet-Draft Team Digitale, Italian Government
Obsoletes: 3230 (if approved) L. Pardue Obsoletes: 3230 (if approved) L. Pardue
Intended status: Standards Track Cloudflare Intended status: Standards Track Cloudflare
Expires: December 21, 2022 June 19, 2022 Expires: December 24, 2022 June 22, 2022
Digest Fields Digest Fields
draft-ietf-httpbis-digest-headers-10 draft-ietf-httpbis-digest-headers-latest
Abstract Abstract
This document defines HTTP fields that support integrity digests. This document defines HTTP fields that support integrity digests.
The Content-Digest field can be used for the integrity of HTTP The Content-Digest field can be used for the integrity of HTTP
message content. The Repr-Digest field can be used for the integrity message content. The Repr-Digest field can be used for the integrity
of HTTP representations. Want-Content-Digest and Want-Repr-Digest of HTTP representations. Want-Content-Digest and Want-Repr-Digest
can be used to indicate a sender's interest and preferences for can be used to indicate a sender's interest and preferences for
receiving the respective Integrity fields. receiving the respective Integrity fields.
skipping to change at page 2, line 10 skipping to change at page 2, line 10
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on December 21, 2022. This Internet-Draft will expire on December 24, 2022.
Copyright Notice Copyright Notice
Copyright (c) 2022 IETF Trust and the persons identified as the Copyright (c) 2022 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 3, line 26 skipping to change at page 3, line 26
B.7. POST Response does not Reference the Request URI . . . . 25 B.7. POST Response does not Reference the Request URI . . . . 25
B.8. POST Response Describes the Request Status . . . . . . . 26 B.8. POST Response Describes the Request Status . . . . . . . 26
B.9. Digest with PATCH . . . . . . . . . . . . . . . . . . . . 27 B.9. Digest with PATCH . . . . . . . . . . . . . . . . . . . . 27
B.10. Error responses . . . . . . . . . . . . . . . . . . . . . 28 B.10. Error responses . . . . . . . . . . . . . . . . . . . . . 28
B.11. Use with Trailer Fields and Transfer Coding . . . . . . . 29 B.11. Use with Trailer Fields and Transfer Coding . . . . . . . 29
Appendix C. Examples of Want-Repr-Digest Solicited Digest . . . 29 Appendix C. Examples of Want-Repr-Digest Solicited Digest . . . 29
C.1. Server Selects Client's Least Preferred Algorithm . . . . 30 C.1. Server Selects Client's Least Preferred Algorithm . . . . 30
C.2. Server Selects Algorithm Unsupported by Client . . . . . 30 C.2. Server Selects Algorithm Unsupported by Client . . . . . 30
C.3. Server Does Not Support Client Algorithm and Returns an C.3. Server Does Not Support Client Algorithm and Returns an
Error . . . . . . . . . . . . . . . . . . . . . . . . . . 31 Error . . . . . . . . . . . . . . . . . . . . . . . . . . 31
Appendix D. Migrating from RFC 3230 . . . . . . . . . . . . . . 31 Appendix D. Migrating from RFC 3230 . . . . . . . . . . . . . . 32
Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 32 Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 32
Code Samples . . . . . . . . . . . . . . . . . . . . . . . . . . 32 Code Samples . . . . . . . . . . . . . . . . . . . . . . . . . . 32
Changes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33 Changes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
G.1. Since draft-ietf-httpbis-digest-headers-08 . . . . . . . 34 G.1. Since draft-ietf-httpbis-digest-headers-08 . . . . . . . 34
G.2. Since draft-ietf-httpbis-digest-headers-07 . . . . . . . 34 G.2. Since draft-ietf-httpbis-digest-headers-07 . . . . . . . 34
G.3. Since draft-ietf-httpbis-digest-headers-06 . . . . . . . 34 G.3. Since draft-ietf-httpbis-digest-headers-06 . . . . . . . 34
G.4. Since draft-ietf-httpbis-digest-headers-05 . . . . . . . 34 G.4. Since draft-ietf-httpbis-digest-headers-05 . . . . . . . 34
G.5. Since draft-ietf-httpbis-digest-headers-04 . . . . . . . 34 G.5. Since draft-ietf-httpbis-digest-headers-04 . . . . . . . 34
G.6. Since draft-ietf-httpbis-digest-headers-03 . . . . . . . 35 G.6. Since draft-ietf-httpbis-digest-headers-03 . . . . . . . 35
G.7. Since draft-ietf-httpbis-digest-headers-02 . . . . . . . 35 G.7. Since draft-ietf-httpbis-digest-headers-02 . . . . . . . 35
G.8. Since draft-ietf-httpbis-digest-headers-01 . . . . . . . 35 G.8. Since draft-ietf-httpbis-digest-headers-01 . . . . . . . 35
G.9. Since draft-ietf-httpbis-digest-headers-00 . . . . . . . 35 G.9. Since draft-ietf-httpbis-digest-headers-00 . . . . . . . 35
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 36 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 36
skipping to change at page 5, line 6 skipping to change at page 5, line 6
1.2. Concept Overview 1.2. Concept Overview
The HTTP fields defined in this document can be used for HTTP The HTTP fields defined in this document can be used for HTTP
integrity. Senders choose a hashing algorithm and calculate a digest integrity. Senders choose a hashing algorithm and calculate a digest
from an input related to the HTTP message, the algorithm identifier from an input related to the HTTP message, the algorithm identifier
and digest are transmitted in an HTTP field. Receivers can validate and digest are transmitted in an HTTP field. Receivers can validate
the digest for integrity purposes. Hashing algorithms are registered the digest for integrity purposes. Hashing algorithms are registered
in the "Hash Algorithms for HTTP Digest Fields" (see Section 5). in the "Hash Algorithms for HTTP Digest Fields" (see Section 5).
Selecting the data on which digests are calculated depends on the use Selecting the data on which digests are calculated depends on the use
case of HTTP messages. This document provides different headers for case of HTTP messages. This document provides different fields for
HTTP representation data and HTTP content. HTTP representation data and HTTP content.
There are use-cases where a simple digest of the HTTP content bytes There are use-cases where a simple digest of the HTTP content bytes
is required. The "Content-Digest" request and response header and is required. The "Content-Digest" request and response header and
trailer field is defined to support digests of content (Section 3.2 trailer field is defined to support digests of content (Section 6.4
of [HTTP]); see Section 2. of [HTTP]); see Section 2.
For more advanced use-cases, the "Repr-Digest" request and response For more advanced use-cases, the "Repr-Digest" request and response
header and trailer field (Section 3) is defined. It contains a header and trailer field (Section 3) is defined. It contains a
digest value computed by applying a hashing algorithm to selected digest value computed by applying a hashing algorithm to selected
representation data (Section 3.2 of [HTTP]). Basing "Repr-Digest" on representation data (Section 3.2 of [HTTP]). Basing "Repr-Digest" on
the selected representation makes it straightforward to apply it to the selected representation makes it straightforward to apply it to
use-cases where the message content requires some sort of use-cases where the message content requires some sort of
manipulation to be considered as representation of the resource or manipulation to be considered as representation of the resource or
content conveys a partial representation of a resource, such as Range content conveys a partial representation of a resource, such as Range
Requests (see Section 14.2 of [HTTP]). Requests (see Section 14 of [HTTP]).
"Content-Digest" and "Repr-Digest" support hashing algorithm agility. "Content-Digest" and "Repr-Digest" support hashing algorithm agility.
The "Want-Content-Digest" and "Want-Repr-Digest" fields allow The "Want-Content-Digest" and "Want-Repr-Digest" fields allow
endpoints to express interest in "Content-Digest" and "Repr-Digest" endpoints to express interest in "Content-Digest" and "Repr-Digest"
respectively, and to express algorithm preferences in either. respectively, and to express algorithm preferences in either.
"Content-Digest" and "Repr-Digest" are collectively termed Integrity "Content-Digest" and "Repr-Digest" are collectively termed Integrity
fields. "Want-Content-Digest" and "Want-Repr-Digest" are fields. "Want-Content-Digest" and "Want-Repr-Digest" are
collectively termed Integrity preference fields. collectively termed Integrity preference fields.
skipping to change at page 24, line 33 skipping to change at page 24, line 33
Repr-Digest: sha-256=:4REjxQ4yrqUVicfSKYNO/cF9zNj5ANbzgDZt3/h3Qxo=: Repr-Digest: sha-256=:4REjxQ4yrqUVicfSKYNO/cF9zNj5ANbzgDZt3/h3Qxo=:
iwiAeyJoZWxsbyI6ICJ3b3JsZCJ9Aw== iwiAeyJoZWxsbyI6ICJ3b3JsZCJ9Aw==
Response with Digest of encoded response Response with Digest of encoded response
B.5. Client Provides Full Representation Data, Server Provides No B.5. Client Provides Full Representation Data, Server Provides No
Representation Data Representation Data
The request "Repr-Digest" field-value is calculated on the enclosed The request "Repr-Digest" field-value is calculated on the enclosed
payload. content.
The response "Repr-Digest" field-value depends on the representation The response "Repr-Digest" field-value depends on the representation
metadata header fields, including "Content-Encoding: br" even when metadata header fields, including "Content-Encoding: br" even when
the response does not contain content. the response does not contain content.
PUT /items/123 HTTP/1.1 PUT /items/123 HTTP/1.1
Host: foo.example Host: foo.example
Content-Type: application/json Content-Type: application/json
Content-Length: 18 Content-Length: 18
Accept-Encoding: br Accept-Encoding: br
 End of changes. 9 change blocks. 
9 lines changed or deleted 9 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/