- From: Justin Richer <jricher@mit.edu>
- Date: Sat, 11 Sep 2021 12:01:28 +0000
- To: "Roy T. Fielding" <fielding@gbiv.com>
- CC: HTTP Working Group <ietf-http-wg@w3.org>
Via can already be excluded by simply not signing it. Are you suggesting that we explicitly say that it should not be signed, for the reasons you mention? -Justin ________________________________________ From: Roy T. Fielding [fielding@gbiv.com] Sent: Friday, September 10, 2021 6:22 PM To: Justin Richer Cc: HTTP Working Group Subject: Re: Partial signatures on the Via header > On Sep 10, 2021, at 12:54 PM, Justin Richer <jricher@mit.edu> wrote: > > One of the foundational goals of the HTTP Message Signatures draft is that a signed message can be reasonably robust against expected transformations by intermediaries. The editors want some feedback from the experts in the community on a particular transformation: > > It seems that a fairly common case is for an intermediary to add a Via header to a message as it’s passed through. Yes, that's the entire purpose of the Via field. In particular, it describes the message path as it was received by that intermediary. It has no security or integrity purpose, whatsoever, since each intermediary has complete control over the field contents (including not sending them at all, replacing names with pseudonyms, etc.). A signature would be counterproductive. I suggest that Via be excluded from your draft's message signature. ....Roy
Received on Saturday, 11 September 2021 12:02:07 UTC