Weekly github digest (HTTP Activity Summary)

Events without label "editorial"

Issues
------
* httpwg/http-extensions (+29/-3/💬43)
  29 issues created:
  - initial editorial comments (by m4mb01t4l14n0)
    https://github.com/httpwg/http-extensions/issues/2446 
  - signature identifiers (by martinthomson)
    https://github.com/httpwg/http-extensions/issues/2445 
  - Fix name (by DavidSchinazi)
    https://github.com/httpwg/http-extensions/issues/2444 
  - Double-check security of reusing the signature key multiple times in one connection (by DavidSchinazi)
    https://github.com/httpwg/http-extensions/issues/2443 
  - Support for DTLS? (by m4mb01t4l14n0)
    https://github.com/httpwg/http-extensions/issues/2442 
  - Require TLS 1.3 or TLS 1.2 with Extended Master Secret (by DavidSchinazi)
    https://github.com/httpwg/http-extensions/issues/2441 
  - Signature hash algorithm is ambiguous (by DavidSchinazi)
    https://github.com/httpwg/http-extensions/issues/2440 
  - Consider contextualizing signatures (by DavidSchinazi)
    https://github.com/httpwg/http-extensions/issues/2439 
  - Discuss security properties of keys (by DavidSchinazi)
    https://github.com/httpwg/http-extensions/issues/2438 
  - Describe server handling (by DavidSchinazi)
    https://github.com/httpwg/http-extensions/issues/2437 
  - SF: Make the signature the primary value (by martinthomson)
    https://github.com/httpwg/http-extensions/issues/2436 
  - feedback from IETF115 (by m4mb01t4l14n0)
    https://github.com/httpwg/http-extensions/issues/2435 
  - Comments on the updated draft (by m4mb01t4l14n0)
    https://github.com/httpwg/http-extensions/issues/2434 
  - Intermediaries: suggest having the intermediary send the nonce as an alternative to validation (by DavidSchinazi)
    https://github.com/httpwg/http-extensions/issues/2433 
  - New header field vs WWW-Authenticate (by chris-wood)
    https://github.com/httpwg/http-extensions/issues/2432 
  - Consider renaming "u" to "k" (by chris-wood)
    https://github.com/httpwg/http-extensions/issues/2431 
  - Signature optional (by chris-wood)
    https://github.com/httpwg/http-extensions/issues/2430 
  - Per-authenticator context labels (by chris-wood)
    https://github.com/httpwg/http-extensions/issues/2429 
  - Consider refining scope to the origin (by chris-wood)
    https://github.com/httpwg/http-extensions/issues/2428 
  - Explain use cases (by chris-wood)
    https://github.com/httpwg/http-extensions/issues/2427 
  - Make sure u= is not a tracking vector (by DavidSchinazi)
    https://github.com/httpwg/http-extensions/issues/2426 
  - message-signatures: HTTP Signature Algorithms names (by reschke)
    https://github.com/httpwg/http-extensions/issues/2421 [signatures] 
  - empty next-hop-aliases? (by LPardue)
    https://github.com/httpwg/http-extensions/issues/2420 [alias-proxy-status] 
  - Support SM2/SM3 algorithms (by SunFulong)
    https://github.com/httpwg/http-extensions/issues/2419 
  - message-signatures: format of signature base (by reschke)
    https://github.com/httpwg/http-extensions/issues/2417 [signatures] 
  - message-signatures: ASCII restriction in field-value to byte sequence (by reschke)
    https://github.com/httpwg/http-extensions/issues/2415 [signatures] 
  - message-signatures: requirements on sf dictionary parsing (by reschke)
    https://github.com/httpwg/http-extensions/issues/2413 
  - message-signatures: obs-fold (by reschke)
    https://github.com/httpwg/http-extensions/issues/2411 [signatures] 
  - message-signatures: addition of leading or trailing whitespace to a field value (by reschke)
    https://github.com/httpwg/http-extensions/issues/2410 [signatures] 

  15 issues received 43 new comments:
  - #2432 New header field vs WWW-Authenticate (1 by tfpauly)
    https://github.com/httpwg/http-extensions/issues/2432 [unprompted-auth] 
  - #2421 message-signatures: HTTP Signature Algorithms names (6 by jricher, reschke)
    https://github.com/httpwg/http-extensions/issues/2421 [signatures] 
  - #2419 Support SM2/SM3 algorithms (3 by SunFulong, martinthomson)
    https://github.com/httpwg/http-extensions/issues/2419 
  - #2417 message-signatures: format of signature base (3 by jricher, reschke)
    https://github.com/httpwg/http-extensions/issues/2417 [signatures] 
  - #2415 message-signatures: ASCII restriction in field-value to byte sequence (2 by jricher, reschke)
    https://github.com/httpwg/http-extensions/issues/2415 [signatures] 
  - #2413 message-signatures: requirements on sf dictionary parsing (3 by jricher, reschke)
    https://github.com/httpwg/http-extensions/issues/2413 [signatures] 
  - #2411 message-signatures: obs-fold (1 by jricher)
    https://github.com/httpwg/http-extensions/issues/2411 [signatures] 
  - #2410 message-signatures: addition of leading or trailing whitespace to a field value (8 by jricher, martinthomson, mnot, reschke)
    https://github.com/httpwg/http-extensions/issues/2410 [signatures] 
  - #2389 Can 2 algorithms have the same preference? (2 by ioggstream, reschke)
    https://github.com/httpwg/http-extensions/issues/2389 [digest-headers] 
  - #2388 Newlines at the end of JSON bodies (8 by LPardue, reschke)
    https://github.com/httpwg/http-extensions/issues/2388 [digest-headers] 
  - #2387 Base-64 encoding bodies is unfortunate (1 by c799878)
    https://github.com/httpwg/http-extensions/issues/2387 [digest-headers] 
  - #2386 Inconsistent paths in appendix examples (1 by LPardue)
    https://github.com/httpwg/http-extensions/issues/2386 [digest-headers] 
  - #2385 No examples of encoding output any of the 6 "insecure" algorithms (1 by LPardue)
    https://github.com/httpwg/http-extensions/issues/2385 [digest-headers] 
  - #2293 Retry-able upload creations using Idempotency-Key (1 by awwright)
    https://github.com/httpwg/http-extensions/issues/2293 [resumable-upload] 
  - #1673 Alt-Svc and multi-CDN (2 by LPardue, sc0ttbeardsley)
    https://github.com/httpwg/http-extensions/issues/1673 [alt-svc] 

  3 issues closed:
  - Base-64 encoding bodies is unfortunate https://github.com/httpwg/http-extensions/issues/2387 [digest-headers] 
  - Long line in Repr-Digest example https://github.com/httpwg/http-extensions/issues/2226 [digest-headers] 
  - Inconsistent paths in appendix examples https://github.com/httpwg/http-extensions/issues/2386 [digest-headers] 



Pull requests
-------------
* httpwg/http-extensions (+9/-5/💬7)
  9 pull requests submitted:
  - Apply AD suggests WRT to Hash Algorithm registry (by LPardue)
    https://github.com/httpwg/http-extensions/pull/2448 
  - Clarify that hashing bytes are base-64 encoded and give examples (by LPardue)
    https://github.com/httpwg/http-extensions/pull/2447 
  - client-cert: genart review updates (by b---c)
    https://github.com/httpwg/http-extensions/pull/2425 [client-cert-field] 
  - Add draft-ietf-httpbis-unprompted-auth (by DavidSchinazi)
    https://github.com/httpwg/http-extensions/pull/2424 
  - use hex-encoding for brotli examples (by LPardue)
    https://github.com/httpwg/http-extensions/pull/2423 
  - Fix: #2384. Non-deterministic content coding beyond encryption. (by ioggstream)
    https://github.com/httpwg/http-extensions/pull/2422 
  - Address nits from OPS review (by jricher)
    https://github.com/httpwg/http-extensions/pull/2418 
  - message-signatures: remove duplicate "the" (by reschke)
    https://github.com/httpwg/http-extensions/pull/2414 
  - message-signatures: fix typo (by reschke)
    https://github.com/httpwg/http-extensions/pull/2412 

  4 pull requests received 7 new comments:
  - #2447 Clarify that hashing bytes are base-64 encoded and give examples (3 by LPardue, ioggstream)
    https://github.com/httpwg/http-extensions/pull/2447 
  - #2423 use hex-encoding for brotli examples (2 by LPardue, ioggstream)
    https://github.com/httpwg/http-extensions/pull/2423 
  - #2422 Fix: #2384. Non-deterministic content coding beyond encryption. (1 by ioggstream)
    https://github.com/httpwg/http-extensions/pull/2422 
  - #2406 client-cert: AD review feedback  (1 by b---c)
    https://github.com/httpwg/http-extensions/pull/2406 [client-cert-field] 

  5 pull requests merged:
  - use hex-encoding for brotli examples
    https://github.com/httpwg/http-extensions/pull/2423 
  - Add draft-ietf-httpbis-unprompted-auth
    https://github.com/httpwg/http-extensions/pull/2424 
  - Wrap all cases where repr-digest was 2 characters over
    https://github.com/httpwg/http-extensions/pull/2381 [digest-headers] 
  - client-cert: AD review feedback 
    https://github.com/httpwg/http-extensions/pull/2406 [client-cert-field] 
  - Specify algorithm selection is from a known subset
    https://github.com/httpwg/http-extensions/pull/2409 [signatures] 


Repositories tracked by this digest:
-----------------------------------
* https://github.com/httpwg/http-core
* https://github.com/httpwg/http-extensions
* https://github.com/httpwg/http2-spec

Received on Sunday, 26 February 2023 07:36:45 UTC