Interop for HTTP Signature Auth from David Schinazi on 2024-01-24 (ietf-http-wg@w3.org from January to March 2024)

From: David Schinazi <dschinazi.ietf@gmail.com>
Date: Tue, 23 Jan 2024 16:56:08 -0800
To: HTTP Working Group <ietf-http-wg@w3.org>
Cc: François Michel <francois.michel@uclouvain.be>, Jonathan Hoyland <jonathan.hoyland@gmail.com>, David Oliver <david@guardianproject.info>
Message-ID: <CAPDSy+6+GEKYmd6WqCeJfeSvMJkf9CnXidmo2XMY2NYKcz1+-w@mail.gmail.com>

Hi HTTP enthusiasts,

I'm happy to report that today we accomplished
bidirectional interop between two independent
implementations of HTTP Signature Auth, Google
QUICHE in C++ [1] and François's in Go [2]. Both
have publicly accessible servers: François has one
that accepts any public key [3] and then we both have
ones that you'll need to send us public keys for [4, 5].
I suggest trying François's server first, it displays
better debug information than mine :-) This also
helped us make minor editorial fixes to the document,
which we've shipped as -06 [6].

My sincere thanks to François for working on this.
We look forward to working with anyone else
interested in interop here.

Cheers,
David

[1] https://github.com/google/quiche
[2] https://github.com/francoismichel/http-signature-auth-go
[3]
https://httpsignature.francoismichel.be/signature/insecure/draft-ietf-httpbis-unprompted-auth-05
[4]
https://httpsignature.francoismichel.be/signature/draft-ietf-httpbis-unprompted-auth-05
[5] https://masque.uno:4321/
[6]
https://www.ietf.org/archive/id/draft-ietf-httpbis-unprompted-auth-06.html

Received on Wednesday, 24 January 2024 00:56:27 UTC