Hi Demi, > HTTP Signatures (RFC 9412) are fine but lack one item: a serialization > format. Due to this I'm working with signature schemes that are more > adapted for Embedding, Counter-signatures, Multi-hop, and Archival: > > > https://github.com/cyberphone/cbor-everywhere/tree/main?tab=readme-ov-file#signed-http-requests > > It’s worth noting that trying to sign an abstract message > massively increases the room for implementations to err, often in > exploitable ways. See the numerous vulnerabilities in XML signature > implementations for examples, as well as various vulnerabilities in > Hashicorp Vault. Instead, one should sign the data as raw bytes, > and encapsulate it in a form that will pass through intermediates > unchanged. In the case of HTTP, this would correspond to wrapping > an HTTP request inside another. > Is this something that could be used instead? > -- > Sincerely, > Demi Marie Obenour (she/her/hers) Thanks for the suggestion. I totally agree that signing raw bytes is a lot cleaner from a security perspective, and may in fact be strictly necessary depending on the use case and threat model. On the other hand, RFC 9421 is pretty easy to implement, in particular without changes to one's HTTP stack. I suspect this is what makes it an attractive option for many situations. I'll try to check the temperature of folks on this this week. Best, Chris P. ..
Received on Saturday, 1 November 2025 14:25:41 UTC