- From: Marius Kleidl <ietf@mariuskleidl.net>
- Date: Mon, 27 Apr 2026 16:53:03 +0200
- To: "Roberto Polli" <robipolli@gmail.com>, "RFC Errata System" <rfc-editor@rfc-editor.org>
- Cc: "Lucas Pardue" <lucas@lucaspardue.com>, httpbis-ads@ietf.org, "Mark Nottingham" <mnot@mnot.net>, tpauly@apple.com, ietf-http-wg@w3.org
- Message-Id: <12e076f0-81db-48a8-bfc5-be16af1c7a70@app.fastmail.com>
Hi Roberto,
thank you for the additional context. It makes sense that different compression implementations can produce different output bytes. However, aligning the document with one implementation isn't the purpose of this errata. My main concern is that the SHA-256 and SHA-512 digests in the Repr-Digest header fields don't match the representation in the examples, which should be addressed as this RFC defines these header fields. I hope this helps understand my submission.
Best regards,
Marius Kleidl
On Mon, Apr 27, 2026, at 12:28, Roberto Polli wrote:
> Hi Marius,
>
> On Sat, 25 Apr 2026 at 23:34, RFC Errata System
> <rfc-editor@rfc-editor.org> wrote:
> >
> > The following errata report has been submitted for RFC9530,
> > "Digest Fields".
> >
> > --------------------------------------
> > You may review the report below and at:
> > https://www.rfc-editor.org/errata/eid8890
> >
> > --------------------------------------
> > Type: Technical
> > Reported by: Marius Kleidl <ietf@mariuskleidl.net>
> >
> > Section: B.4.
> >
> > Original Text
> > -------------
> > 8B 08 80 7B 22 68 65 6C 6C 6F
> > 22 3A 20 22 77 6F 72 6C 64 22
> > 7D 0A 03
> >
> > Corrected Text
> > --------------
> > 0B 09 80 7B 22 68 65 6C 6C 6F
> > 22 3A 20 22 77 6F 72 6C 64 22
> > 7D 0A 03
>
> IIRC we used Python's brotli implementation
> >>> brotli.compress(b'{"hello":"world"}')
> that returns:
>
> 0B 08 80 7B 22 ..
>
> so probably 8B -> 0B is an actual typo.
>
> >
> > Notes
> > -----
> > The Brotli representation provided in the examples in B.4 (Figure 18) and B.6 (Figure 21) aren't valid. Trying to decompress them via Node.js' zlib package and the brotli CLI fails:
> >
> > ```
> > $ node -e "require('zlib').brotliDecompressSync(Buffer.from('8b08807b2268656c6c6f223a2022776f726c64227d0a03','hex'))"
> > node:zlib:432
> > throw self[kError];
> > ^
> >
> > Error: unexpected end of file
> > [...]
> > code: 'Z_BUF_ERROR'
> > }
> > ```
> >
> > ```
> > $ echo 8b08807b2268656c6c6f223a2022776f726c64227d0a03 | xxd -r -p | brotli -d -c
> > corrupt input [con]
> > ```
> >
> > In addition, the SHA-256 over the bytes in the original text is MklYnI/SsUF/5X7enJ2TU+DFjodRObdKLFaPPLe/Kcw=, not d435Qo+nKZ+gLcUHn7GQtQ72hiBVAgqoLsZnZPiTGPk= as used by the RFC in the Repr-Digest header field. The SHA-512 digest in Figure 21 is similarly incorrect.
> >
>
> While I think it's OK to update the examples to match the brotli C
> implementation,
> I am not sure it's an actual erratum, and I will wait for feedback
> by the WG.
>
> > The correct text only differs in the first two bytes. With this change, the response content is a valid Brotli compression of `{"hello": "world"}\n`. The SHA-256 and SHA-512 digests in the Repr-Digest header fields then also match the representation's digests.
> >
> > Instructions:
> > -------------
> > This erratum is currently posted as "Reported". (If it is spam, it
> > will be removed shortly by the RFC Production Center.) Please
> > use "Reply All" to discuss whether it should be verified or
> > rejected. When a decision is reached, the verifying party
> > will log in to change the status and edit the report, if necessary.
> >
> > --------------------------------------
> > RFC9530 (draft-ietf-httpbis-digest-headers-13)
> > --------------------------------------
> > Title : Digest Fields
> > Publication Date : February 2024
> > Author(s) : R. Polli, L. Pardue
> > Category : PROPOSED STANDARD
> > Source : HTTP
> > Stream : IETF
> > Verifying Party : IESG
>
Received on Monday, 27 April 2026 16:59:46 UTC