idnits 2.17.1 draft-bryan-http-digest-algorithm-values-update-04.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** You're using the IETF Trust Provisions' Section 6.b License Notice from 12 Sep 2009 rather than the newer Notice from 28 Dec 2009. (See https://trustee.ietf.org/license-info/) Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (January 11, 2010) is 5218 days in the past. Is this intentional? Checking references for intended status: Informational ---------------------------------------------------------------------------- ** Obsolete normative reference: RFC 3230 (Obsoleted by RFC 9530) Summary: 2 errors (**), 0 flaws (~~), 1 warning (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group A. Bryan 3 Internet-Draft January 11, 2010 4 Intended status: Informational 5 Expires: July 15, 2010 7 Additional Hash Algorithms for HTTP Instance Digests 8 draft-bryan-http-digest-algorithm-values-update-04 10 Abstract 12 The IANA registry named "Hypertext Transfer Protocol (HTTP) Digest 13 Algorithm Values" defines values for digest algorithms used by 14 Instance Digests in HTTP. Instance Digests in HTTP provide a digest, 15 also known as a checksum or hash, of an entire representation of the 16 current state of a resource. This draft adds new values to the 17 registry and updates previous values. 19 Status of this Memo 21 This Internet-Draft is submitted to IETF in full conformance with the 22 provisions of BCP 78 and BCP 79. 24 Internet-Drafts are working documents of the Internet Engineering 25 Task Force (IETF), its areas, and its working groups. Note that 26 other groups may also distribute working documents as Internet- 27 Drafts. 29 Internet-Drafts are draft documents valid for a maximum of six months 30 and may be updated, replaced, or obsoleted by other documents at any 31 time. It is inappropriate to use Internet-Drafts as reference 32 material or to cite them other than as "work in progress." 34 The list of current Internet-Drafts can be accessed at 35 http://www.ietf.org/ietf/1id-abstracts.txt. 37 The list of Internet-Draft Shadow Directories can be accessed at 38 http://www.ietf.org/shadow.html. 40 This Internet-Draft will expire on July 15, 2010. 42 Copyright Notice 44 Copyright (c) 2010 IETF Trust and the persons identified as the 45 document authors. All rights reserved. 47 This document is subject to BCP 78 and the IETF Trust's Legal 48 Provisions Relating to IETF Documents 49 (http://trustee.ietf.org/license-info) in effect on the date of 50 publication of this document. Please review these documents 51 carefully, as they describe your rights and restrictions with respect 52 to this document. Code Components extracted from this document must 53 include Simplified BSD License text as described in Section 4.e of 54 the Trust Legal Provisions and are provided without warranty as 55 described in the BSD License. 57 Table of Contents 59 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 60 1.1. Examples . . . . . . . . . . . . . . . . . . . . . . . . . 3 61 2. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 3 62 2.1. Previous Registrations Updated . . . . . . . . . . . . . . 3 63 2.2. New Registrations . . . . . . . . . . . . . . . . . . . . . 4 64 3. Security Considerations . . . . . . . . . . . . . . . . . . . . 4 65 4. Changes compared to RFC 3230 . . . . . . . . . . . . . . . . . 4 66 5. Normative References . . . . . . . . . . . . . . . . . . . . . 4 67 Appendix A. Acknowledgements and Contributors . . . . . . . . . . 5 68 Appendix B. Document History . . . . . . . . . . . . . . . . . . . 5 69 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 5 71 1. Introduction 73 The IANA registry named "Hypertext Transfer Protocol (HTTP) Digest 74 Algorithm Values" defines values for digest algorithms used by 75 Instance Digests in HTTP. 77 Note: This is unrelated to HTTP Digest Authentication. Instance 78 Digests in HTTP provide a digest, also known as a checksum or hash, 79 of an entire representation of the current state of a resource. 81 The registry was created by [RFC3230] in 2002. This draft adds new 82 values to the registry and updates previous values which had 83 redundant or outdated references. 85 [[ Discussion of this draft should take place on IETF HTTP WG mailing 86 list at ietf-http-wg@w3.org or directly to the author. ]] 88 1.1. Examples 90 Examples of Instance Digest for SHA-256: 92 Digest: SHA-256=MWVkMWQxYTRiMzk5MDQ0MzI3NGU5NDEyZTk5OWY1ZGFmNzgyZTJlO 93 DYzYjRjYzFhOTlmNTQwYzI2M2QwM2U2MQ== 95 2. IANA Considerations 97 This document makes use of the IANA registry named "Hypertext 98 Transfer Protocol (HTTP) Digest Algorithm Values" specified in 99 [RFC3230]. 101 2.1. Previous Registrations Updated 103 Accordingly, IANA has updated the following registrations: 105 Digest Algorithm: MD5 106 Description: The MD5 algorithm, as specified in [RFC1321]. The 107 output of this algorithm is encoded using the base64 encoding 108 [RFC4648]. 109 Reference: [RFC1321] [RFC4648] 111 Digest Algorithm: SHA 112 Description: The SHA-1 algorithm [FIPS-180-3]. The output of this 113 algorithm is encoded using the base64 encoding [RFC4648]. 114 Reference: [FIPS-180-3] [RFC4648] 116 2.2. New Registrations 118 Accordingly, IANA has made the following registrations: 120 Digest Algorithm: SHA-256 121 Description: The SHA-256 algorithm [FIPS-180-3]. The output of 122 this algorithm is encoded using the base64 encoding [RFC4648]. 123 Reference: [FIPS-180-3] [RFC4648] 125 Digest Algorithm: SHA-512 126 Description: The SHA-512 algorithm [FIPS-180-3]. The output of 127 this algorithm is encoded using the base64 encoding [RFC4648]. 128 Reference: [FIPS-180-3] [RFC4648] 130 3. Security Considerations 132 Same as [RFC3230]. 134 4. Changes compared to RFC 3230 136 All previous values to the registry are still valid. 138 The reference for base64 encoding has been updated for both MD5 and 139 SHA. 141 The reference for SHA has been updated. 143 The SHA-256 and SHA-512 algorithms have been added to the registry. 145 5. Normative References 147 [FIPS-180-3] 148 National Institute of Standards and Technology (NIST), 149 "Secure Hash Standard (SHS)", FIPS PUB 180-3, 150 October 2008. 152 [RFC1321] Rivest, R., "The MD5 Message-Digest Algorithm", RFC 1321, 153 April 1992. 155 [RFC3230] Mogul, J. and A. Van Hoff, "Instance Digests in HTTP", 156 RFC 3230, January 2002. 158 [RFC4648] Josefsson, S., "The Base16, Base32, and Base64 Data 159 Encodings", RFC 4648, October 2006. 161 Appendix A. Acknowledgements and Contributors 163 Thanks to Mark Nottingham, Eran Hammer-Lahav, Nils Maier, Lisa 164 Dusseault, Alfred Hoenes, Pasi Eronen, Gonzalo Camarillo, and Radia 165 Perlman. 167 Appendix B. Document History 169 [[ to be removed by the RFC editor before publication as an RFC. ]] 171 Known issues concerning this draft: 172 o None known. 174 -04 : December 10, 2009. 175 o General Area Review Team (Gen-ART) review nits. 177 -03 : October 21, 2009. 178 o Make things look a bit nicer. 180 -02 : October 15, 2009. 181 o New title. 182 o "Note: This is unrelated to HTTP Digest Authentication." 183 o Remove SHA-224 and SHA-384. 184 o "Changes compared to RFC 3230" section added. 186 -01 : October 07, 2009. 187 o Update previous values that are outdated. 188 o RFC 4648 for Base64 encoding. 190 -00 : September 08, 2009. 191 o Initial draft. 193 Author's Address 195 Anthony Bryan 196 Pompano Beach, FL 197 USA 199 Email: anthonybryan@gmail.com 200 URI: http://www.metalinker.org