- From: Roberto Polli <robipolli@gmail.com>
- Date: Fri, 22 Nov 2019 09:48:43 +0100
- To: Rob Sayre <sayrer@gmail.com>, Liam Dennehy <liam@wiemax.net>
- Cc: HTTP Working Group <ietf-http-wg@w3.org>
Hi Rob & co, Il giorno ven 22 nov 2019 alle ore 07:05 Rob Sayre <sayrer@gmail.com> ha scritto: > I saw the "HTTP Signing" presentation in the SECDISPATCH meeting on YouTube[1], and it seems like it's going to end up in this WG. Interesting thread: the video is at https://www.youtube.com/watch?v=CYBhLQ0-fwE&t=3000 > I'd like to suggest adopting something very similar to AWSv4. iiuc the approach of draft-cavage and signed-exchange is very similar and the signed-exchange workgroup made a lot of progresses. AWSv4 seems to me quite limited and IMHO if you expand it you'll eventually end with draft-cavage or http-signatures. > I've implemented the server side of AWSv4 [...] > it's possible to use off-the-shelf AWSv4 client SDKs, make up your own "service" name, and implement the server side of the protocol Understand, though AWS can change that sdk in the future as that's tied to their infrastructure. > [1] https://www.youtube.com/watch?v=CYBhLQ0-fwE > [2] https://docs.aws.amazon.com/general/latest/gr/sigv4-signed-request-examples.html Regards, R.
Received on Friday, 22 November 2019 08:48:56 UTC