Interop for HTTP Signature Auth

Hi HTTP enthusiasts,

I'm happy to report that today we accomplished
bidirectional interop between two independent
implementations of HTTP Signature Auth, Google
QUICHE in C++ [1] and François's in Go [2]. Both
have publicly accessible servers: François has one
that accepts any public key [3] and then we both have
ones that you'll need to send us public keys for [4, 5].
I suggest trying François's server first, it displays
better debug information than mine :-) This also
helped us make minor editorial fixes to the document,
which we've shipped as -06 [6].

My sincere thanks to François for working on this.
We look forward to working with anyone else
interested in interop here.

Cheers,
David

[1] https://github.com/google/quiche
[2] https://github.com/francoismichel/http-signature-auth-go
[3]
https://httpsignature.francoismichel.be/signature/insecure/draft-ietf-httpbis-unprompted-auth-05
[4]
https://httpsignature.francoismichel.be/signature/draft-ietf-httpbis-unprompted-auth-05
[5] https://masque.uno:4321/
[6]
https://www.ietf.org/archive/id/draft-ietf-httpbis-unprompted-auth-06.html

Received on Wednesday, 24 January 2024 00:56:27 UTC