- From: Lucas Pardue <lucaspardue.24.7@gmail.com>
- Date: Wed, 8 Mar 2023 07:09:19 +0000
- To: HTTP Working Group <ietf-http-wg@w3.org>
- Message-ID: <CALGR9oaTceN=hTVL2CnDb4Ft9h2Vs6cdQ9iULWOJRMbYxUobLw@mail.gmail.com>
Hi HTTP WG, We're not yet quite done finalizing the HTTP Digest Fields spec [1] but we're on track. If you recall, we spent a bit of time in the process reworking the design to cover use cases for simple Content-Digest, while maintaining the more-advanced Repr-Digest (for representations). That's where the WG consensus is and should stay IMO. But there's a third class of use case that neither of those fields support very well - validating the integrity of a thing after content coding has been removed. This sort of situation can be hit when, for example, an HTTP layer helpfully does some transparent decode and presents the "real" bytes to an application. In such a case, it would be nice for the peer to send the "identity digest" of the thing, so you can just pipe the presented bytes into an algorithm and compare the digests. This was something earlier drafts supported by signalling via the algorithm identifier, which was discussed quite a lot before being removed and punted [2]. In the meantime, our technical design has evolved and I've published a spec that proposes something that better aligns, the Identity-Digest field, see forwarded attachment. Cheers Lucas [1] - https://datatracker.ietf.org/doc/draft-ietf-httpbis-digest-headers [2] - https://github.com/httpwg/http-extensions/issues/885 ---------- Forwarded message --------- From: <internet-drafts@ietf.org> Date: Wed, Mar 8, 2023 at 6:47 AM Subject: New Version Notification for draft-pardue-http-identity-digest-01.txt To: Lucas Pardue <lucaspardue.24.7@gmail.com> A new version of I-D, draft-pardue-http-identity-digest-01.txt has been successfully submitted by Lucas Pardue and posted to the IETF repository. Name: draft-pardue-http-identity-digest Revision: 01 Title: HTTP Identity Digest Document date: 2023-03-08 Group: Individual Submission Pages: 9 URL: https://www.ietf.org/archive/id/draft-pardue-http-identity-digest-01.txt Status: https://datatracker.ietf.org/doc/draft-pardue-http-identity-digest/ Html: https://www.ietf.org/archive/id/draft-pardue-http-identity-digest-01.html Htmlized: https://datatracker.ietf.org/doc/html/draft-pardue-http-identity-digest Diff: https://author-tools.ietf.org/iddiff?url2=draft-pardue-http-identity-digest-01 Abstract: The Repr-Digest and Content-Digest integrity fields are subject to HTTP content coding considerations. There are some use cases that benefit from the unambiguous exchange of integrity digests of unencoded representation. The Identity-Digest and Want-Identity- Digest fields complement existing integrity fields for this purpose. The IETF Secretariat
Received on Wednesday, 8 March 2023 07:09:43 UTC