| < draft-ietf-httpbis-digest-headers-06.txt | draft-ietf-httpbis-digest-headers-07.txt > | |||
|---|---|---|---|---|
| HTTP R. Polli | HTTP R. Polli | |||
| Internet-Draft Team Digitale, Italian Government | Internet-Draft Team Digitale, Italian Government | |||
| Obsoletes: 3230 (if approved) L. Pardue | Obsoletes: 3230 (if approved) L. Pardue | |||
| Intended status: Standards Track Cloudflare | Intended status: Standards Track Cloudflare | |||
| Expires: 31 March 2022 27 September 2021 | Expires: 20 May 2022 16 November 2021 | |||
| Digest Fields | Digest Fields | |||
| draft-ietf-httpbis-digest-headers-06 | draft-ietf-httpbis-digest-headers-07 | |||
| Abstract | Abstract | |||
| This document defines HTTP fields that support integrity checksums. | This document defines HTTP fields that support integrity checksums. | |||
| The Digest field can be used for the integrity of HTTP | The Digest field can be used for the integrity of HTTP | |||
| representations. The Content-Digest field can be used for the | representations. The Content-Digest field can be used for the | |||
| integrity of HTTP message content. Want-Digest and Want-Content- | integrity of HTTP message content. Want-Digest and Want-Content- | |||
| Digest can be used to indicate a sender's desire to receive integrity | Digest can be used to indicate a sender's desire to receive integrity | |||
| fields respectively. | fields respectively. | |||
| skipping to change at page 2, line 4 ¶ | skipping to change at page 2, line 4 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on 31 March 2022. | This Internet-Draft will expire on 20 May 2022. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2021 IETF Trust and the persons identified as the | Copyright (c) 2021 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents (https://trustee.ietf.org/ | Provisions Relating to IETF Documents (https://trustee.ietf.org/ | |||
| license-info) in effect on the date of publication of this document. | license-info) in effect on the date of publication of this document. | |||
| Please review these documents carefully, as they describe your rights | Please review these documents carefully, as they describe your rights | |||
| skipping to change at page 2, line 30 ¶ | skipping to change at page 2, line 30 ¶ | |||
| Table of Contents | Table of Contents | |||
| 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 | 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 | |||
| 1.1. Document Structure . . . . . . . . . . . . . . . . . . . 4 | 1.1. Document Structure . . . . . . . . . . . . . . . . . . . 4 | |||
| 1.2. Concept Overview . . . . . . . . . . . . . . . . . . . . 4 | 1.2. Concept Overview . . . . . . . . . . . . . . . . . . . . 4 | |||
| 1.3. Replacing RFC 3230 . . . . . . . . . . . . . . . . . . . 5 | 1.3. Replacing RFC 3230 . . . . . . . . . . . . . . . . . . . 5 | |||
| 1.4. Notational Conventions . . . . . . . . . . . . . . . . . 6 | 1.4. Notational Conventions . . . . . . . . . . . . . . . . . 6 | |||
| 2. Representation Digest . . . . . . . . . . . . . . . . . . . . 6 | 2. Representation Digest . . . . . . . . . . . . . . . . . . . . 6 | |||
| 3. The Digest Field . . . . . . . . . . . . . . . . . . . . . . 7 | 3. The Digest Field . . . . . . . . . . . . . . . . . . . . . . 7 | |||
| 4. The Content-Digest Field . . . . . . . . . . . . . . . . . . 8 | 4. The Content-Digest Field . . . . . . . . . . . . . . . . . . 8 | |||
| 5. Want-Digest and Want-Content-Digest Fields . . . . . . . . . 8 | 5. Want-Digest and Want-Content-Digest Fields . . . . . . . . . 9 | |||
| 6. Digest Algorithm Values . . . . . . . . . . . . . . . . . . . 9 | 6. Digest Algorithm Values . . . . . . . . . . . . . . . . . . . 9 | |||
| 7. Using Digest in State-Changing Requests . . . . . . . . . . . 13 | 7. Using Digest in State-Changing Requests . . . . . . . . . . . 12 | |||
| 7.1. Digest and Content-Location in Responses . . . . . . . . 13 | 7.1. Digest and Content-Location in Responses . . . . . . . . 13 | |||
| 8. Security Considerations . . . . . . . . . . . . . . . . . . . 13 | 8. Security Considerations . . . . . . . . . . . . . . . . . . . 13 | |||
| 8.1. Digest Does Not Protect the Full HTTP Message . . . . . . 13 | 8.1. Digest Does Not Protect the Full HTTP Message . . . . . . 13 | |||
| 8.2. Digest for End-to-End Integrity . . . . . . . . . . . . . 14 | 8.2. Digest for End-to-End Integrity . . . . . . . . . . . . . 14 | |||
| 8.3. Usage in Signatures . . . . . . . . . . . . . . . . . . . 14 | 8.3. Usage in Signatures . . . . . . . . . . . . . . . . . . . 14 | |||
| 8.4. Usage in Trailer Fields . . . . . . . . . . . . . . . . . 15 | 8.4. Usage in Trailer Fields . . . . . . . . . . . . . . . . . 15 | |||
| 8.5. Usage with Encryption . . . . . . . . . . . . . . . . . . 15 | 8.5. Usage with Encryption . . . . . . . . . . . . . . . . . . 15 | |||
| 8.6. Algorithm Agility . . . . . . . . . . . . . . . . . . . . 15 | 8.6. Algorithm Agility . . . . . . . . . . . . . . . . . . . . 15 | |||
| 8.7. Duplicate digest-algorithm in field value . . . . . . . . 16 | 8.7. Duplicate digest-algorithm in field value . . . . . . . . 16 | |||
| 8.8. Resource exhaustion . . . . . . . . . . . . . . . . . . . 16 | 8.8. Resource exhaustion . . . . . . . . . . . . . . . . . . . 16 | |||
| 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 16 | 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 16 | |||
| 9.1. Establish the HTTP Digest Algorithm Values Registry . . . 16 | 9.1. Establish the HTTP Digest Algorithm Values Registry . . . 16 | |||
| 9.2. Obsolete "contentMD5" token in Digest Algorithm . . . . . 17 | 9.2. Obsolete "contentMD5" token in Digest Algorithm . . . . . 16 | |||
| 9.3. Changes Compared to RFC3230 . . . . . . . . . . . . . . . 17 | 9.3. Changes Compared to RFC3230 . . . . . . . . . . . . . . . 17 | |||
| 9.4. Changes Compared to RFC5843 . . . . . . . . . . . . . . . 17 | 9.4. Changes Compared to RFC5843 . . . . . . . . . . . . . . . 17 | |||
| 9.5. Want-Digest Field Registration . . . . . . . . . . . . . 17 | 9.5. Want-Digest Field Registration . . . . . . . . . . . . . 17 | |||
| 9.6. Digest Field Registration . . . . . . . . . . . . . . . . 18 | 9.6. Digest Field Registration . . . . . . . . . . . . . . . . 17 | |||
| 9.7. Want-Content-Digest Field Registration . . . . . . . . . 18 | 9.7. Want-Content-Digest Field Registration . . . . . . . . . 17 | |||
| 9.8. Content-Digest Field Registration . . . . . . . . . . . . 18 | 9.8. Content-Digest Field Registration . . . . . . . . . . . . 18 | |||
| 10. References . . . . . . . . . . . . . . . . . . . . . . . . . 18 | 10. References . . . . . . . . . . . . . . . . . . . . . . . . . 18 | |||
| 10.1. Normative References . . . . . . . . . . . . . . . . . . 18 | 10.1. Normative References . . . . . . . . . . . . . . . . . . 18 | |||
| 10.2. Informative References . . . . . . . . . . . . . . . . . 20 | 10.2. Informative References . . . . . . . . . . . . . . . . . 20 | |||
| Appendix A. Resource Representation and Representation-Data . . 22 | Appendix A. Resource Representation and Representation-Data . . 21 | |||
| Appendix B. Examples of Unsolicited Digest . . . . . . . . . . . 24 | Appendix B. Examples of Unsolicited Digest . . . . . . . . . . . 23 | |||
| B.1. Server Returns Full Representation Data . . . . . . . . . 24 | B.1. Server Returns Full Representation Data . . . . . . . . . 23 | |||
| B.2. Server Returns No Representation Data . . . . . . . . . . 24 | B.2. Server Returns No Representation Data . . . . . . . . . . 24 | |||
| B.3. Server Returns Partial Representation Data . . . . . . . 25 | B.3. Server Returns Partial Representation Data . . . . . . . 24 | |||
| B.4. Client and Server Provide Full Representation Data . . . 25 | B.4. Client and Server Provide Full Representation Data . . . 25 | |||
| B.5. Client Provides Full Representation Data, Server Provides | B.5. Client Provides Full Representation Data, Server Provides | |||
| No Representation Data . . . . . . . . . . . . . . . . . 26 | No Representation Data . . . . . . . . . . . . . . . . . 26 | |||
| B.6. Client and Server Provide Full Representation Data, Client | B.6. Client and Server Provide Full Representation Data . . . 26 | |||
| Uses id-sha-256. . . . . . . . . . . . . . . . . . . . . 27 | ||||
| B.7. POST Response does not Reference the Request URI . . . . 27 | B.7. POST Response does not Reference the Request URI . . . . 27 | |||
| B.8. POST Response Describes the Request Status . . . . . . . 28 | B.8. POST Response Describes the Request Status . . . . . . . 28 | |||
| B.9. Digest with PATCH . . . . . . . . . . . . . . . . . . . . 29 | B.9. Digest with PATCH . . . . . . . . . . . . . . . . . . . . 28 | |||
| B.10. Error responses . . . . . . . . . . . . . . . . . . . . . 30 | B.10. Error responses . . . . . . . . . . . . . . . . . . . . . 29 | |||
| B.11. Use with Trailer Fields and Transfer Coding . . . . . . . 30 | B.11. Use with Trailer Fields and Transfer Coding . . . . . . . 30 | |||
| Appendix C. Examples of Want-Digest Solicited Digest . . . . . . 31 | Appendix C. Examples of Want-Digest Solicited Digest . . . . . . 30 | |||
| C.1. Server Selects Client's Least Preferred Algorithm . . . . 31 | C.1. Server Selects Client's Least Preferred Algorithm . . . . 31 | |||
| C.2. Server Selects Algorithm Unsupported by Client . . . . . 32 | C.2. Server Selects Algorithm Unsupported by Client . . . . . 31 | |||
| C.3. Server Does Not Support Client Algorithm and Returns an | C.3. Server Does Not Support Client Algorithm and Returns an | |||
| Error . . . . . . . . . . . . . . . . . . . . . . . . . . 32 | Error . . . . . . . . . . . . . . . . . . . . . . . . . . 32 | |||
| Appendix D. Changes from RFC3230 . . . . . . . . . . . . . . . . 32 | Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 32 | |||
| D.1. Deprecate Negotiation of Content-MD5 . . . . . . . . . . 33 | ||||
| D.2. Obsolete Digest Field Parameters . . . . . . . . . . . . 33 | ||||
| Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 33 | ||||
| FAQ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33 | FAQ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33 | |||
| Code Samples . . . . . . . . . . . . . . . . . . . . . . . . . . 35 | Code Samples . . . . . . . . . . . . . . . . . . . . . . . . . . 34 | |||
| Changes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36 | Changes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35 | |||
| Since draft-ietf-httpbis-digest-headers-06 . . . . . . . . . . 35 | ||||
| Since draft-ietf-httpbis-digest-headers-05 . . . . . . . . . . 36 | Since draft-ietf-httpbis-digest-headers-05 . . . . . . . . . . 36 | |||
| Since draft-ietf-httpbis-digest-headers-04 . . . . . . . . . . 37 | Since draft-ietf-httpbis-digest-headers-04 . . . . . . . . . . 36 | |||
| Since draft-ietf-httpbis-digest-headers-03 . . . . . . . . . . 37 | Since draft-ietf-httpbis-digest-headers-03 . . . . . . . . . . 36 | |||
| Since draft-ietf-httpbis-digest-headers-02 . . . . . . . . . . 37 | Since draft-ietf-httpbis-digest-headers-02 . . . . . . . . . . 36 | |||
| Since draft-ietf-httpbis-digest-headers-01 . . . . . . . . . . 37 | Since draft-ietf-httpbis-digest-headers-01 . . . . . . . . . . 37 | |||
| Since draft-ietf-httpbis-digest-headers-00 . . . . . . . . . . 38 | Since draft-ietf-httpbis-digest-headers-00 . . . . . . . . . . 37 | |||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 38 | Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 37 | |||
| 1. Introduction | 1. Introduction | |||
| HTTP does not define a means to protect the integrity of | HTTP does not define a means to protect the integrity of | |||
| representations. When HTTP messages are transferred between | representations. When HTTP messages are transferred between | |||
| endpoints, the protocol might choose to make use of features of the | endpoints, the protocol might choose to make use of features of the | |||
| lower layer in order to provide some integrity protection; for | lower layer in order to provide some integrity protection; for | |||
| instance, TCP checksums or TLS records [RFC2818]. | instance, TCP checksums or TLS records [RFC2818]. | |||
| This document defines two digest integrity mechanisms for HTTP. | This document defines two digest integrity mechanisms for HTTP. | |||
| skipping to change at page 4, line 34 ¶ | skipping to change at page 4, line 28 ¶ | |||
| * Section 3 defines the Digest request and response header and | * Section 3 defines the Digest request and response header and | |||
| trailer field, | trailer field, | |||
| * Section 4 defines the Content-Digest request and response header | * Section 4 defines the Content-Digest request and response header | |||
| and trailer field, | and trailer field, | |||
| * Section 5 defines the Want-Digest and Want-Content-Digest request | * Section 5 defines the Want-Digest and Want-Content-Digest request | |||
| and response header and trailer field, | and response header and trailer field, | |||
| * Section 6 and Appendix D.1 describe algorithms and their relation | * Section 6 describes algorithms and their relation to Digest, | |||
| to Digest, | ||||
| * Section 7 details computing representation digests, | * Section 7 details computing representation digests, | |||
| * Appendix D.2 obsoletes Digest field parameters, and | ||||
| * Appendix B and Appendix C provide examples of using Digest and | * Appendix B and Appendix C provide examples of using Digest and | |||
| Want-Digest. | Want-Digest. | |||
| 1.2. Concept Overview | 1.2. Concept Overview | |||
| This document defines the Digest request and response header and | This document defines the Digest request and response header and | |||
| trailer field; see Section 3. At a high level, the value contains a | trailer field; see Section 3. At a high level, the value contains a | |||
| checksum, computed over selected representation data (Section 3.2 of | checksum, computed over selected representation data (Section 3.2 of | |||
| [SEMANTICS]), that the recipient can use to validate integrity. | [SEMANTICS]), that the recipient can use to validate integrity. | |||
| Basing Digest on the selected representation makes it straightforward | Basing Digest on the selected representation makes it straightforward | |||
| skipping to change at page 5, line 18 ¶ | skipping to change at page 5, line 12 ¶ | |||
| required, this document introduces the Content-Digest request and | required, this document introduces the Content-Digest request and | |||
| response header and trailer field; see Section 4. | response header and trailer field; see Section 4. | |||
| Digest and Content-Digest support algorithm agility. The Want-Digest | Digest and Content-Digest support algorithm agility. The Want-Digest | |||
| and Want-Content-Digest fields allows endpoints to express interest | and Want-Content-Digest fields allows endpoints to express interest | |||
| in Digest and Content-Digest respectively, and preference of | in Digest and Content-Digest respectively, and preference of | |||
| algorithms in either. | algorithms in either. | |||
| Digest field calculations are tied to the Content-Encoding and | Digest field calculations are tied to the Content-Encoding and | |||
| Content-Type header fields. Therefore, a given resource may have | Content-Type header fields. Therefore, a given resource may have | |||
| multiple different checksum values when transferred with HTTP. To | multiple different checksum values when transferred with HTTP. | |||
| allow both parties to exchange a simple checksum with no content | ||||
| codings (see Section 8.4.1 of [SEMANTICS]), two more digest- | ||||
| algorithms are added ("id-sha-256" and "id-sha-512"). | ||||
| Digest fields do not provide integrity for HTTP messages or fields. | Digest fields do not provide integrity for HTTP messages or fields. | |||
| However, they can be combined with other mechanisms that protect | However, they can be combined with other mechanisms that protect | |||
| metadata, such as digital signatures, in order to protect the phases | metadata, such as digital signatures, in order to protect the phases | |||
| of an HTTP exchange in whole or in part. | of an HTTP exchange in whole or in part. | |||
| This specification does not define means for authentication, | This specification does not define means for authentication, | |||
| authorization or privacy. | authorization or privacy. | |||
| 1.3. Replacing RFC 3230 | 1.3. Replacing RFC 3230 | |||
| Historically, the Content-MD5 header field provided an HTTP integrity | Historically, the Content-MD5 header field provided an HTTP integrity | |||
| mechanism but HTTP/1.1 ([RFC7231], Appendix B) obsoleted it due to | mechanism but HTTP/1.1 ([RFC7231], Appendix B) obsoleted it due to | |||
| inconsistent handling of partial responses. [RFC3230] defined the | inconsistent handling of partial responses. [RFC3230] defined the | |||
| concept of "instance" digests and a more flexible integrity scheme to | concept of "instance" digests and a more flexible integrity scheme to | |||
| help address issues with Content-MD5. It first introduced the Digest | help address issues with Content-MD5. It first introduced the Digest | |||
| and Want-Digest fields. HTTP terminology has evolved since [RFC3230] | and Want-Digest fields. HTTP terminology has evolved since [RFC3230] | |||
| was published. The concept of "instance" has been superseded by | was published. The concept of "instance" has been superseded by | |||
| selected representation. | selected representation. | |||
| This document replaces [RFC3230]. The Digest and Want-Digest field | This document replaces [RFC3230]. The changes described in the | |||
| definitions are updated to align with the terms and notational | following paragraphs are intended to be semantically compatible with | |||
| conventions in [SEMANTICS]. Changes are intended to be semantically | existing implementations where possible. | |||
| compatible with existing implementations but note that negotiation of | ||||
| Content-MD5 is deprecated Appendix D.1 and has been replaced by | The Digest and Want-Digest field definitions are updated to align | |||
| Content-Digest negotiation via Want-Content-Digest. Digest field | with the terms and notational conventions in [SEMANTICS]. | |||
| parameters are obsoleted Appendix D.2 and the algorithm table has | ||||
| been updated to reflect the current state of the art. | Negotiation of Content-MD5 is deprecated and has been replaced by | |||
| Content-Digest negotiation via Want-Content-Digest. | ||||
| Sections 4.1.1 and 4.2 of [RFC3230] defined field parameters. This | ||||
| document obsoletes the usage of parameters with Digest because this | ||||
| feature has not been widely deployed and complicates field-value | ||||
| processing. [RFC3230] intended field parameters to provide a common | ||||
| way to attach additional information to a representation-data-digest. | ||||
| However, if parameters are used as an input to validate the checksum, | ||||
| an attacker could alter them to steer the validation behavior. A | ||||
| digest-algorithm can still be parameterized by defining its own way | ||||
| to encode parameters into the representation-data-digest, in such a | ||||
| way as to mitigate security risks related to its computation. | ||||
| The algorithm table has been updated to reflect the current state of | ||||
| the art, (see Section 6). | ||||
| 1.4. Notational Conventions | 1.4. Notational Conventions | |||
| The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | |||
| "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | |||
| "OPTIONAL" in this document are to be interpreted as described in | "OPTIONAL" in this document are to be interpreted as described in | |||
| BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all | BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all | |||
| capitals, as shown here. | capitals, as shown here. | |||
| This document uses the Augmented BNF defined in [RFC5234] and updated | This document uses the Augmented BNF defined in [RFC5234] and updated | |||
| skipping to change at page 7, line 19 ¶ | skipping to change at page 7, line 23 ¶ | |||
| 3. The Digest Field | 3. The Digest Field | |||
| The Digest field contains a comma-separated list of one or more | The Digest field contains a comma-separated list of one or more | |||
| representation digest values as defined in Section 2. It can be used | representation digest values as defined in Section 2. It can be used | |||
| in both requests and responses. | in both requests and responses. | |||
| Digest = 1#representation-data-digest | Digest = 1#representation-data-digest | |||
| For example: | For example: | |||
| Digest: id-sha-512=WZDPaVn/7XgHaAy8pmojAkGWoRx2UFChF41A2svX+TaPm | Digest: sha-512=WZDPaVn/7XgHaAy8pmojAkGWoRx2UFChF41A2svX+TaPm | |||
| AbwAgBWnrIiYllu7BNNyealdVLvRwE\nmTHWXvJwew== | AbwAgBWnrIiYllu7BNNyealdVLvRwE\nmTHWXvJwew== | |||
| A Digest field MAY contain multiple representation-data-digest | A Digest field MAY contain multiple representation-data-digest | |||
| values. For example, a server may provide representation-data-digest | values. For example, a server may provide representation-data-digest | |||
| values using different algorithms, allowing it to support a | values using different algorithms, allowing it to support a | |||
| population of clients with different evolving capabilities; this is | population of clients with different evolving capabilities; this is | |||
| particularly useful in support of transitioning away from weaker | particularly useful in support of transitioning away from weaker | |||
| algorithms should the need arise (see Section 8.6). | algorithms should the need arise (see Section 8.6). | |||
| Digest: sha-256=4REjxQ4yrqUVicfSKYNO/cF9zNj5ANbzgDZt3/h3Qxo=, | Digest: sha-256=4REjxQ4yrqUVicfSKYNO/cF9zNj5ANbzgDZt3/h3Qxo=, | |||
| id-sha-256=X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE= | sha-512=WZDPaVn/7XgHaAy8pmojAkGWoRx2UFChF41A2svX+TaPm | |||
| AbwAgBWnrIiYllu7BNNyealdVLvRwE\nmTHWXvJwew== | ||||
| A recipient MAY ignore any or all of the representation-data-digests | A recipient MAY ignore any or all of the representation-data-digests | |||
| in a Digest field. This allows the recipient to choose which digest- | in a Digest field. This allows the recipient to choose which digest- | |||
| algorithm(s) to use for validation instead of verifying every | algorithm(s) to use for validation instead of verifying every | |||
| received representation-data-digest. | received representation-data-digest. | |||
| A sender MAY send a representation-data-digest using a digest- | A sender MAY send a representation-data-digest using a digest- | |||
| algorithm without knowing whether the recipient supports the digest- | algorithm without knowing whether the recipient supports the digest- | |||
| algorithm, or even knowing that the recipient will ignore it. | algorithm, or even knowing that the recipient will ignore it. | |||
| skipping to change at page 8, line 19 ¶ | skipping to change at page 8, line 23 ¶ | |||
| applying a digest-algorithm to the actual message content (see | applying a digest-algorithm to the actual message content (see | |||
| Section 6.4 of [SEMANTICS]). It can be used in both requests and | Section 6.4 of [SEMANTICS]). It can be used in both requests and | |||
| responses. | responses. | |||
| Content-Digest = 1#content-digest | Content-Digest = 1#content-digest | |||
| content-digest = digest-algorithm "=" | content-digest = digest-algorithm "=" | |||
| <encoded digest output> | <encoded digest output> | |||
| For example: | For example: | |||
| Content-Digest: id-sha-512=WZDPaVn/7XgHaAy8pmojAkGWoRx2UFChF41A2svX+TaPm | Content-Digest: sha-512=WZDPaVn/7XgHaAy8pmojAkGWoRx2UFChF41A2svX+TaPm | |||
| AbwAgBWnrIiYllu7BNNyealdVLvRwE\nmTHWXvJwew== | AbwAgBWnrIiYllu7BNNyealdVLvRwE\nmTHWXvJwew== | |||
| A Content-Digest field MAY contain multiple content-digest values, | A Content-Digest field MAY contain multiple content-digest values, | |||
| similarly to Digest (see Section 3) | similarly to Digest (see Section 3) | |||
| Content-Digest: sha-256=4REjxQ4yrqUVicfSKYNO/cF9zNj5ANbzgDZt3/h3Qxo=, | Content-Digest: sha-256=4REjxQ4yrqUVicfSKYNO/cF9zNj5ANbzgDZt3/h3Qxo=, | |||
| id-sha-256=X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE= | sha-512=WZDPaVn/7XgHaAy8pmojAkGWoRx2UFChF41A2svX+TaPm | |||
| AbwAgBWnrIiYllu7BNNyealdVLvRwE\nmTHWXvJwew== | ||||
| A recipient MAY ignore any or all of the content-digests in a | A recipient MAY ignore any or all of the content-digests in a | |||
| Content-Digest field. This allows the recipient to choose which | Content-Digest field. This allows the recipient to choose which | |||
| digest-algorithm(s) to use for validation instead of verifying every | digest-algorithm(s) to use for validation instead of verifying every | |||
| received content-digest. | received content-digest. | |||
| A sender MAY send a content-digest using a digest-algorithm without | A sender MAY send a content-digest using a digest-algorithm without | |||
| knowing whether the recipient supports the digest-algorithm, or even | knowing whether the recipient supports the digest-algorithm, or even | |||
| knowing that the recipient will ignore it. | knowing that the recipient will ignore it. | |||
| skipping to change at page 10, line 10 ¶ | skipping to change at page 10, line 18 ¶ | |||
| algorithm values. Registrations MUST include the following fields: | algorithm values. Registrations MUST include the following fields: | |||
| * Digest algorithm: the token value. The registry can be used to | * Digest algorithm: the token value. The registry can be used to | |||
| reserve token values | reserve token values | |||
| * Status: the status of the algorithm. Use "standard" for | * Status: the status of the algorithm. Use "standard" for | |||
| standardized algorithms without known problems; "experimental" or | standardized algorithms without known problems; "experimental" or | |||
| some other appropriate value | some other appropriate value | |||
| - e.g. according to the type and status of the primary document | - e.g. according to the type and status of the primary document | |||
| in which the algorithm is defined; "deprecated" when the | in which the algorithm is defined; "insecure" when the | |||
| algorithm is insecure or otherwise undesirable; "reserved" when | algorithm is insecure; "reserved" when Digest algorithm | |||
| Digest algorithm references a reserved token value | references a reserved token value | |||
| * Description: the description of the digest-algorithm and its | * Description: the description of the digest-algorithm and its | |||
| encoding | encoding | |||
| * Reference: a set of pointers to the primary documents defining the | * Reference: a set of pointers to the primary documents defining the | |||
| digest-algorithm | digest-algorithm | |||
| The associated encoding for new digest-algorithms MUST either be | The associated encoding for new digest-algorithms MUST either be | |||
| represented as a quoted string or MUST NOT include ";" or "," in the | represented as a quoted string or MUST NOT include ";" or "," in the | |||
| character sets used for the encoding. | character sets used for the encoding. | |||
| Deprecated digest algorithms MUST NOT be used. | Insecure digest algorithms MAY be used to preserve integrity against | |||
| accidental change, but MUST NOT be used in a potentially adversarial | ||||
| setting; for example, when signing the digest of content for | ||||
| authenticity. | ||||
| The registry is initialized with the tokens listed below. | The registry is initialized with the tokens listed below. | |||
| sha-512 | sha-512 | |||
| * Digest Algorithm: sha-512 | * Digest Algorithm: sha-512 | |||
| * Description: The SHA-512 algorithm [RFC6234]. The output of | * Description: The SHA-512 algorithm [RFC6234]. The output of | |||
| this algorithm is encoded using the base64 encoding [RFC4648]. | this algorithm is encoded using the base64 encoding [RFC4648]. | |||
| * Reference: [RFC6234], [RFC4648], this document. | * Reference: [RFC6234], [RFC4648], this document. | |||
| skipping to change at page 10, line 40 ¶ | skipping to change at page 11, line 4 ¶ | |||
| * Description: The SHA-512 algorithm [RFC6234]. The output of | * Description: The SHA-512 algorithm [RFC6234]. The output of | |||
| this algorithm is encoded using the base64 encoding [RFC4648]. | this algorithm is encoded using the base64 encoding [RFC4648]. | |||
| * Reference: [RFC6234], [RFC4648], this document. | * Reference: [RFC6234], [RFC4648], this document. | |||
| * Status: standard | * Status: standard | |||
| sha-256 | sha-256 | |||
| * Digest Algorithm: sha-256 | * Digest Algorithm: sha-256 | |||
| * Description: The SHA-256 algorithm [RFC6234]. The output of | * Description: The SHA-256 algorithm [RFC6234]. The output of | |||
| this algorithm is encoded using the base64 encoding [RFC4648]. | this algorithm is encoded using the base64 encoding [RFC4648]. | |||
| * Reference: [RFC6234], [RFC4648], this document. | * Reference: [RFC6234], [RFC4648], this document. | |||
| * Status: standard | * Status: standard | |||
| md5 | md5 | |||
| * Digest Algorithm: md5 | * Digest Algorithm: md5 | |||
| * Description: The MD5 algorithm, as specified in [RFC1321]. The | * Description: The MD5 algorithm, as specified in [RFC1321]. The | |||
| output of this algorithm is encoded using the base64 encoding | output of this algorithm is encoded using the base64 encoding | |||
| [RFC4648]. This digest-algorithm is now vulnerable to | [RFC4648]. This digest-algorithm is now vulnerable to | |||
| collision attacks. See [NO-MD5] and [CMU-836068]. | collision attacks. See [NO-MD5] and [CMU-836068]. | |||
| * Reference: [RFC1321], [RFC4648], this document. | * Reference: [RFC1321], [RFC4648], this document. | |||
| * Status: deprecated | * Status: insecure | |||
| sha | sha | |||
| * Digest Algorithm: sha | * Digest Algorithm: sha | |||
| * Description: The SHA-1 algorithm [RFC3174]. The output of this | * Description: The SHA-1 algorithm [RFC3174]. The output of this | |||
| algorithm is encoded using the base64 encoding [RFC4648]. This | algorithm is encoded using the base64 encoding [RFC4648]. This | |||
| digest-algorithm is now vulnerable to collision attacks. See | digest-algorithm is now vulnerable to collision attacks. See | |||
| [NO-SHA1] and [IACR-2020-014]. | [NO-SHA1] and [IACR-2020-014]. | |||
| * Reference: [RFC3174], [RFC6234], [RFC4648], this document. | * Reference: [RFC3174], [RFC6234], [RFC4648], this document. | |||
| * Status: deprecated | * Status: insecure | |||
| unixsum | unixsum | |||
| * Digest Algorithm: unixsum | * Digest Algorithm: unixsum | |||
| * Description: The algorithm computed by the UNIX "sum" command, | * Description: The algorithm computed by the UNIX "sum" command, | |||
| as defined by the Single UNIX Specification, Version 2 [UNIX]. | as defined by the Single UNIX Specification, Version 2 [UNIX]. | |||
| The output of this algorithm is an ASCII decimal-digit string | The output of this algorithm is an ASCII decimal-digit string | |||
| representing the 16-bit checksum, which is the first word of | representing the 16-bit checksum, which is the first word of | |||
| the output of the UNIX "sum" command. | the output of the UNIX "sum" command. | |||
| * Reference: [UNIX], this document. | * Reference: [UNIX], this document. | |||
| * Status: deprecated | * Status: insecure | |||
| unixcksum | unixcksum | |||
| * Digest Algorithm: unixcksum | * Digest Algorithm: unixcksum | |||
| * Description: The algorithm computed by the UNIX "cksum" | * Description: The algorithm computed by the UNIX "cksum" | |||
| command, as defined by the Single UNIX Specification, Version 2 | command, as defined by the Single UNIX Specification, Version 2 | |||
| [UNIX]. The output of this algorithm is an ASCII digit string | [UNIX]. The output of this algorithm is an ASCII digit string | |||
| representing the 32-bit CRC, which is the first word of the | representing the 32-bit CRC, which is the first word of the | |||
| output of the UNIX "cksum" command. | output of the UNIX "cksum" command. | |||
| * Reference: [UNIX], this document. | * Reference: [UNIX], this document. | |||
| * Status: deprecated | * Status: insecure | |||
| adler32 | adler32 | |||
| * Digest Algorithm: adler32 | * Digest Algorithm: adler32 | |||
| * Description: The ADLER32 algorithm is a checksum specified in | * Description: The ADLER32 algorithm is a checksum specified in | |||
| [RFC1950] "ZLIB Compressed Data Format". The 32-bit output is | [RFC1950] "ZLIB Compressed Data Format". The 32-bit output is | |||
| encoded in hexadecimal (using between 1 and 8 ASCII characters | encoded in hexadecimal (using between 1 and 8 ASCII characters | |||
| from 0-9, A-F, and a-f; leading 0's are allowed). For example, | from 0-9, A-F, and a-f; leading 0's are allowed). For example, | |||
| adler32=03da0195 and adler32=3DA0195 are both valid checksums | adler32=03da0195 and adler32=3DA0195 are both valid checksums | |||
| for the 4-byte message "Wiki". This algorithm is obsoleted and | for the 4-byte message "Wiki". This algorithm is obsoleted and | |||
| SHOULD NOT be used. | SHOULD NOT be used. | |||
| * Reference: [RFC1950], this document. | * Reference: [RFC1950], this document. | |||
| * Status: deprecated | * Status: insecure | |||
| crc32c | crc32c | |||
| * Digest Algorithm: crc32c | * Digest Algorithm: crc32c | |||
| * Description: The CRC32c algorithm is a 32-bit cyclic redundancy | * Description: The CRC32c algorithm is a 32-bit cyclic redundancy | |||
| check. It achieves a better hamming distance (for better | check. It achieves a better hamming distance (for better | |||
| error-detection performance) than many other 32-bit CRC | error-detection performance) than many other 32-bit CRC | |||
| functions. Other places it is used include iSCSI and SCTP. | functions. Other places it is used include iSCSI and SCTP. | |||
| The 32-bit output is encoded in hexadecimal (using between 1 | The 32-bit output is encoded in hexadecimal (using between 1 | |||
| and 8 ASCII characters from 0-9, A-F, and a-f; leading 0's are | and 8 ASCII characters from 0-9, A-F, and a-f; leading 0's are | |||
| allowed). For example, crc32c=0a72a4df and crc32c=A72A4DF are | allowed). For example, crc32c=0a72a4df and crc32c=A72A4DF are | |||
| both valid checksums for the 3-byte message "dog". | both valid checksums for the 3-byte message "dog". | |||
| * Reference: [RFC4960] appendix B, this document. | * Reference: [RFC4960] appendix B, this document. | |||
| * Status: deprecated. | * Status: insecure | |||
| To allow sender and recipient to provide a checksum which is | ||||
| independent from Content-Encoding, the following additional digest- | ||||
| algorithms are defined: | ||||
| id-sha-512 | ||||
| * Description: The sha-512 digest of the representation data of | ||||
| the resource when no content coding is applied | ||||
| * Reference: [RFC6234], [RFC4648], this document. | ||||
| * Status: standard | ||||
| id-sha-256 | ||||
| * Description: The sha-256 digest of the representation data of | ||||
| the resource when no content coding is applied | ||||
| * Reference: [RFC6234], [RFC4648], this document. | ||||
| * Status: standard | ||||
| 7. Using Digest in State-Changing Requests | 7. Using Digest in State-Changing Requests | |||
| When the representation enclosed in a state-changing request does not | When the representation enclosed in a state-changing request does not | |||
| describe the target resource, the representation digest MUST be | describe the target resource, the representation digest MUST be | |||
| computed on the representation-data. This is the only possible | computed on the representation-data. This is the only possible | |||
| choice because representation digest requires complete representation | choice because representation digest requires complete representation | |||
| metadata (see Section 2). | metadata (see Section 2). | |||
| In responses, | In responses, | |||
| skipping to change at page 14, line 20 ¶ | skipping to change at page 14, line 15 ¶ | |||
| 8.2. Digest for End-to-End Integrity | 8.2. Digest for End-to-End Integrity | |||
| Digest fields can help detect representation data or content | Digest fields can help detect representation data or content | |||
| modification due to implementation errors, undesired "transforming | modification due to implementation errors, undesired "transforming | |||
| proxies" (see Section 7.7 of [SEMANTICS]) or other actions as the | proxies" (see Section 7.7 of [SEMANTICS]) or other actions as the | |||
| data passes across multiple hops or system boundaries. Even a simple | data passes across multiple hops or system boundaries. Even a simple | |||
| mechanism for end-to-end representation data integrity is valuable | mechanism for end-to-end representation data integrity is valuable | |||
| because user-agent can validate that resource retrieval succeeded | because user-agent can validate that resource retrieval succeeded | |||
| before handing off to a HTML parser, video player etc. for parsing. | before handing off to a HTML parser, video player etc. for parsing. | |||
| Identity digest-algorithms (e.g. "id-sha-256" and "id-sha-512") are | ||||
| particularly useful for end-to-end integrity because they allow | ||||
| piecing together a resource from different sources with different | ||||
| HTTP messaging characteristics. For example, different servers that | ||||
| apply different content codings. | ||||
| Note that using digest fields alone does not provide end-to-end | Note that using digest fields alone does not provide end-to-end | |||
| integrity of HTTP messages over multiple hops, since metadata could | integrity of HTTP messages over multiple hops, since metadata could | |||
| be manipulated at any stage. Methods to protect metadata are | be manipulated at any stage. Methods to protect metadata are | |||
| discussed in Section 8.3. | discussed in Section 8.3. | |||
| 8.3. Usage in Signatures | 8.3. Usage in Signatures | |||
| Digital signatures are widely used together with checksums to provide | Digital signatures are widely used together with checksums to provide | |||
| the certain identification of the origin of a message [NIST800-32]. | the certain identification of the origin of a message [NIST800-32]. | |||
| Such signatures can protect one or more HTTP fields and there are | Such signatures can protect one or more HTTP fields and there are | |||
| skipping to change at page 15, line 31 ¶ | skipping to change at page 15, line 23 ¶ | |||
| the trailer section prevents digest validation, possibly leading to | the trailer section prevents digest validation, possibly leading to | |||
| processing of invalid data. | processing of invalid data. | |||
| Not every digest-algorithm is suitable for use in the trailer | Not every digest-algorithm is suitable for use in the trailer | |||
| section, some may require to pre-process the whole payload before | section, some may require to pre-process the whole payload before | |||
| sending a message (e.g. see [I-D.thomson-http-mice]). | sending a message (e.g. see [I-D.thomson-http-mice]). | |||
| 8.5. Usage with Encryption | 8.5. Usage with Encryption | |||
| Digest fields may expose details of encrypted payload when the | Digest fields may expose details of encrypted payload when the | |||
| checksum is computed on the unencrypted data. For example, the use | checksum is computed on the unencrypted data. | |||
| of the "id-sha-256" digest-algorithm in conjunction with the | ||||
| encrypted content-coding [RFC8188]. | ||||
| The checksum of an encrypted payload can change between different | The checksum of an encrypted payload can change between different | |||
| messages depending on the encryption algorithm used; in those cases | messages depending on the encryption algorithm used; in those cases | |||
| its value could not be used to provide a proof of integrity "at rest" | its value could not be used to provide a proof of integrity "at rest" | |||
| unless the whole (e.g. encoded) content is persisted. | unless the whole (e.g. encoded) content is persisted. | |||
| 8.6. Algorithm Agility | 8.6. Algorithm Agility | |||
| The security properties of digest-algorithms are not fixed. | The security properties of digest-algorithms are not fixed. | |||
| Algorithm Agility (see [RFC7696]) is achieved by providing | Algorithm Agility (see [RFC7696]) is achieved by providing | |||
| implementations with flexibility choose digest-algorithms from the | implementations with flexibility choose digest-algorithms from the | |||
| IANA Digest Algorithm Values registry in Section 9.1. | IANA Digest Algorithm Values registry in Section 9.1. | |||
| To help endpoints distinguish weaker algorithms from stronger ones, | To help endpoints distinguish weaker algorithms from stronger ones, | |||
| this document adds to the IANA Digest Algorithm Values registry a new | this document adds to the IANA Digest Algorithm Values registry a new | |||
| "Status" field containing the most recent appraisal of the digest- | "Status" field containing the most recent appraisal of the digest- | |||
| algorithm. | algorithm. | |||
| An endpoint might have a preference for algorithms, such as | An endpoint might have a preference for algorithms, such as | |||
| preferring "standard" algorithms over "deprecated" ones. Transition | preferring "standard" algorithms over "insecure" ones. Transition | |||
| from weak algorithms is supported by negotiation of digest-algorithm | from weak algorithms is supported by negotiation of digest-algorithm | |||
| using Want-Digest or Want-Content-Digest (see Section 5) or by | using Want-Digest or Want-Content-Digest (see Section 5) or by | |||
| sending multiple representation-data-digest values from which the | sending multiple representation-data-digest values from which the | |||
| receiver chooses. Endpoints are advised that sending multiple values | receiver chooses. Endpoints are advised that sending multiple values | |||
| consumes resources, which may be wasted if the receiver ignores them | consumes resources, which may be wasted if the receiver ignores them | |||
| (see Section 3). | (see Section 3). | |||
| 8.7. Duplicate digest-algorithm in field value | 8.7. Duplicate digest-algorithm in field value | |||
| An endpoint might receive multiple representation-data-digest values | An endpoint might receive multiple representation-data-digest values | |||
| skipping to change at page 17, line 26 ¶ | skipping to change at page 17, line 15 ¶ | |||
| * Reference: Section 9.2 of this document, Section 5 of [RFC3230]. | * Reference: Section 9.2 of this document, Section 5 of [RFC3230]. | |||
| * Status: obsoleted | * Status: obsoleted | |||
| 9.3. Changes Compared to RFC3230 | 9.3. Changes Compared to RFC3230 | |||
| The contentMD5 digest-algorithm token defined in Section 5 of | The contentMD5 digest-algorithm token defined in Section 5 of | |||
| [RFC3230] has been added to the HTTP Digest Algorithm Values Registry | [RFC3230] has been added to the HTTP Digest Algorithm Values Registry | |||
| with the "obsoleted" status. | with the "obsoleted" status. | |||
| All digest-algorithms defined in [RFC3230] are now "deprecated". | All digest-algorithms defined in [RFC3230] are now "insecure". | |||
| 9.4. Changes Compared to RFC5843 | 9.4. Changes Compared to RFC5843 | |||
| The digest-algorithm tokens for "MD5", "SHA", "SHA-256", "SHA-512" | The digest-algorithm tokens for "MD5", "SHA", "SHA-256", "SHA-512" | |||
| have been updated to lowercase. | have been updated to lowercase. | |||
| The status of "MD5" and "SHA" has been updated to "deprecated", and | The status of "MD5" and "SHA" has been updated to "insecure", and | |||
| their description has been modified accordingly. | their description has been modified accordingly. | |||
| The "id-sha-256" and "id-sha-512" algorithms have been added to the | ||||
| registry. | ||||
| 9.5. Want-Digest Field Registration | 9.5. Want-Digest Field Registration | |||
| This section registers the Want-Digest field in the "Hypertext | This section registers the Want-Digest field in the "Hypertext | |||
| Transfer Protocol (HTTP) Field Name Registry" [SEMANTICS]. | Transfer Protocol (HTTP) Field Name Registry" [SEMANTICS]. | |||
| Field name: Want-Digest | Field name: Want-Digest | |||
| Status: permanent | Status: permanent | |||
| Specification document(s): Section 5 of this document | Specification document(s): Section 5 of this document | |||
| skipping to change at page 21, line 48 ¶ | skipping to change at page 21, line 27 ¶ | |||
| [RFC7696] Housley, R., "Guidelines for Cryptographic Algorithm | [RFC7696] Housley, R., "Guidelines for Cryptographic Algorithm | |||
| Agility and Selecting Mandatory-to-Implement Algorithms", | Agility and Selecting Mandatory-to-Implement Algorithms", | |||
| BCP 201, RFC 7696, DOI 10.17487/RFC7696, November 2015, | BCP 201, RFC 7696, DOI 10.17487/RFC7696, November 2015, | |||
| <https://www.rfc-editor.org/rfc/rfc7696>. | <https://www.rfc-editor.org/rfc/rfc7696>. | |||
| [RFC7807] Nottingham, M. and E. Wilde, "Problem Details for HTTP | [RFC7807] Nottingham, M. and E. Wilde, "Problem Details for HTTP | |||
| APIs", RFC 7807, DOI 10.17487/RFC7807, March 2016, | APIs", RFC 7807, DOI 10.17487/RFC7807, March 2016, | |||
| <https://www.rfc-editor.org/rfc/rfc7807>. | <https://www.rfc-editor.org/rfc/rfc7807>. | |||
| [RFC8188] Thomson, M., "Encrypted Content-Encoding for HTTP", | ||||
| RFC 8188, DOI 10.17487/RFC8188, June 2017, | ||||
| <https://www.rfc-editor.org/rfc/rfc8188>. | ||||
| Appendix A. Resource Representation and Representation-Data | Appendix A. Resource Representation and Representation-Data | |||
| The following examples show how representation metadata, payload | The following examples show how representation metadata, payload | |||
| transformations and method impacts on the message and content. When | transformations and method impacts on the message and content. When | |||
| the content contains non-printable characters (e.g. when it is | the content contains non-printable characters (e.g. when it is | |||
| compressed) it is shown as a Base64-encoded string. | compressed) it is shown as a Base64-encoded string. | |||
| PUT /entries/1234 HTTP/1.1 | PUT /entries/1234 HTTP/1.1 | |||
| Host: foo.example | Host: foo.example | |||
| Content-Type: application/json | Content-Type: application/json | |||
| skipping to change at page 27, line 5 ¶ | skipping to change at page 26, line 30 ¶ | |||
| {"hello": "world"} | {"hello": "world"} | |||
| HTTP/1.1 204 No Content | HTTP/1.1 204 No Content | |||
| Content-Type: application/json | Content-Type: application/json | |||
| Content-Encoding: br | Content-Encoding: br | |||
| Digest: sha-256=4REjxQ4yrqUVicfSKYNO/cF9zNj5ANbzgDZt3/h3Qxo= | Digest: sha-256=4REjxQ4yrqUVicfSKYNO/cF9zNj5ANbzgDZt3/h3Qxo= | |||
| Figure 18: Empty response with Digest | Figure 18: Empty response with Digest | |||
| B.6. Client and Server Provide Full Representation Data, Client Uses | B.6. Client and Server Provide Full Representation Data | |||
| id-sha-256. | ||||
| The response contains two digest values: | ||||
| * one with no content coding applied, which in this case | ||||
| accidentally matches the unencoded digest-value sent in the | ||||
| request; | ||||
| * one taking into account the Content-Encoding. | The response contains two digest values using different algorithms. | |||
| As the response body contains non-printable characters, it is | As the response body contains non-printable characters, it is | |||
| displayed as a base64-encoded string. | displayed as a base64-encoded string. | |||
| PUT /items/123 HTTP/1.1 | PUT /items/123 HTTP/1.1 | |||
| Host: foo.example | Host: foo.example | |||
| Content-Type: application/json | Content-Type: application/json | |||
| Accept-Encoding: br | Accept-Encoding: br | |||
| Digest: sha-256=X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE= | Digest: sha-256=X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE= | |||
| {"hello": "world"} | {"hello": "world"} | |||
| Figure 19: PUT Request with Digest | Figure 19: PUT Request with Digest | |||
| HTTP/1.1 200 OK | HTTP/1.1 200 OK | |||
| Content-Type: application/json | Content-Type: application/json | |||
| Content-Encoding: br | Content-Encoding: br | |||
| Content-Location: /items/123 | Content-Location: /items/123 | |||
| Digest: sha-256=4REjxQ4yrqUVicfSKYNO/cF9zNj5ANbzgDZt3/h3Qxo=, | Digest: sha-256=4REjxQ4yrqUVicfSKYNO/cF9zNj5ANbzgDZt3/h3Qxo=, | |||
| id-sha-256=X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE= | sha-512=pxo7aYzcGI88pnDnoSmAnaOEVys0MABhgvHY9+VI+ElE6 | |||
| 0jBCwnMPyA/s3NF3ZO5oIWA7lf8ukk+\n5KJzm3p5og== | ||||
| iwiAeyJoZWxsbyI6ICJ3b3JsZCJ9Aw== | iwiAeyJoZWxsbyI6ICJ3b3JsZCJ9Aw== | |||
| Figure 20: Response with Digest of Encoded Content | Figure 20: Response with Digest of Encoded Content | |||
| B.7. POST Response does not Reference the Request URI | B.7. POST Response does not Reference the Request URI | |||
| The request Digest field-value is computed on the enclosed | The request Digest field-value is computed on the enclosed | |||
| representation (see Section 7). | representation (see Section 7). | |||
| skipping to change at page 28, line 20 ¶ | skipping to change at page 27, line 41 ¶ | |||
| Digest: sha-256=bWopGGNiZtbVgHsG+I4knzfEJpmmmQHf7RHDXA3o1hQ= | Digest: sha-256=bWopGGNiZtbVgHsG+I4knzfEJpmmmQHf7RHDXA3o1hQ= | |||
| {"title": "New Title"} | {"title": "New Title"} | |||
| Figure 21: POST Request with Digest | Figure 21: POST Request with Digest | |||
| HTTP/1.1 201 Created | HTTP/1.1 201 Created | |||
| Content-Type: application/json | Content-Type: application/json | |||
| Content-Location: /books/123 | Content-Location: /books/123 | |||
| Location: /books/123 | Location: /books/123 | |||
| Digest: id-sha-256=yxOAqEeoj+reqygSIsLpT0LhumrNkIds5uLKtmdLyYE= | Digest: sha-256=yxOAqEeoj+reqygSIsLpT0LhumrNkIds5uLKtmdLyYE= | |||
| { | { | |||
| "id": "123", | "id": "123", | |||
| "title": "New Title" | "title": "New Title" | |||
| } | } | |||
| Figure 22: Response with Digest of Resource | Figure 22: Response with Digest of Resource | |||
| Note that a 204 No Content response without content but with the same | Note that a 204 No Content response without content but with the same | |||
| Digest field-value would have been legitimate too. In that case, | Digest field-value would have been legitimate too. In that case, | |||
| skipping to change at page 29, line 4 ¶ | skipping to change at page 28, line 24 ¶ | |||
| by Location. | by Location. | |||
| POST /books HTTP/1.1 | POST /books HTTP/1.1 | |||
| Host: foo.example | Host: foo.example | |||
| Content-Type: application/json | Content-Type: application/json | |||
| Accept: application/json | Accept: application/json | |||
| Accept-Encoding: identity | Accept-Encoding: identity | |||
| Digest: sha-256=bWopGGNiZtbVgHsG+I4knzfEJpmmmQHf7RHDXA3o1hQ= | Digest: sha-256=bWopGGNiZtbVgHsG+I4knzfEJpmmmQHf7RHDXA3o1hQ= | |||
| {"title": "New Title"} | {"title": "New Title"} | |||
| Figure 23: POST Request with Digest | Figure 23: POST Request with Digest | |||
| HTTP/1.1 201 Created | HTTP/1.1 201 Created | |||
| Content-Type: application/json | Content-Type: application/json | |||
| Digest: id-sha-256=2LBp5RKZGpsSNf8BPXlXrX4Td4Tf5R5bZ9z7kdi5VvY= | Digest: sha-256=2LBp5RKZGpsSNf8BPXlXrX4Td4Tf5R5bZ9z7kdi5VvY= | |||
| Location: /books/123 | Location: /books/123 | |||
| { | { | |||
| "status": "created", | "status": "created", | |||
| "id": "123", | "id": "123", | |||
| "ts": 1569327729, | "ts": 1569327729, | |||
| "instance": "/books/123" | "instance": "/books/123" | |||
| } | } | |||
| Figure 24: Response with Digest of Representation | Figure 24: Response with Digest of Representation | |||
| skipping to change at page 30, line 7 ¶ | skipping to change at page 29, line 21 ¶ | |||
| Accept: application/json | Accept: application/json | |||
| Accept-Encoding: identity | Accept-Encoding: identity | |||
| Digest: sha-256=bWopGGNiZtbVgHsG+I4knzfEJpmmmQHf7RHDXA3o1hQ= | Digest: sha-256=bWopGGNiZtbVgHsG+I4knzfEJpmmmQHf7RHDXA3o1hQ= | |||
| {"title": "New Title"} | {"title": "New Title"} | |||
| Figure 25: PATCH Request with Digest | Figure 25: PATCH Request with Digest | |||
| HTTP/1.1 200 OK | HTTP/1.1 200 OK | |||
| Content-Type: application/json | Content-Type: application/json | |||
| Digest: id-sha-256=yxOAqEeoj+reqygSIsLpT0LhumrNkIds5uLKtmdLyYE= | Digest: sha-256=yxOAqEeoj+reqygSIsLpT0LhumrNkIds5uLKtmdLyYE= | |||
| { | { | |||
| "id": "123", | "id": "123", | |||
| "title": "New Title" | "title": "New Title" | |||
| } | } | |||
| Figure 26: Response with Digest of Representation | Figure 26: Response with Digest of Representation | |||
| Note that a 204 No Content response without content but with the same | Note that a 204 No Content response without content but with the same | |||
| Digest field-value would have been legitimate too. | Digest field-value would have been legitimate too. | |||
| skipping to change at page 32, line 15 ¶ | skipping to change at page 31, line 37 ¶ | |||
| HTTP/1.1 200 OK | HTTP/1.1 200 OK | |||
| Content-Type: application/json | Content-Type: application/json | |||
| Digest: sha-256=X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE= | Digest: sha-256=X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE= | |||
| {"hello": "world"} | {"hello": "world"} | |||
| Figure 31: Response with Different Algorithm | Figure 31: Response with Different Algorithm | |||
| C.2. Server Selects Algorithm Unsupported by Client | C.2. Server Selects Algorithm Unsupported by Client | |||
| The client requests a "sha" digest only. The server is currently | The client requests a only "sha" digest because that is the only | |||
| free to reply with a Digest containing an unsupported algorithm. | algorithm it supports. The server is not obliged to produce a | |||
| response containing a "sha" digest, it instead uses a different | ||||
| algorithm. | ||||
| GET /items/123 HTTP/1.1 | GET /items/123 HTTP/1.1 | |||
| Host: foo.example | Host: foo.example | |||
| Want-Digest: sha;q=1 | Want-Digest: sha;q=1 | |||
| Figure 32: GET Request with Want-Digest | Figure 32: GET Request with Want-Digest | |||
| HTTP/1.1 200 OK | HTTP/1.1 200 OK | |||
| Content-Type: application/json | Content-Type: application/json | |||
| Digest: id-sha-512=WZDPaVn/7XgHaAy8pmojAkGWoRx2UFChF41A2svX+TaPm | Digest: sha-512=WZDPaVn/7XgHaAy8pmojAkGWoRx2UFChF41A2svX+TaPm | |||
| +AbwAgBWnrIiYllu7BNNyealdVLvRwE\nmTHWXvJwew== | +AbwAgBWnrIiYllu7BNNyealdVLvRwE\nmTHWXvJwew== | |||
| {"hello": "world"} | {"hello": "world"} | |||
| Figure 33: Response with Unsupported Algorithm | Figure 33: Response with Unsupported Algorithm | |||
| C.3. Server Does Not Support Client Algorithm and Returns an Error | C.3. Server Does Not Support Client Algorithm and Returns an Error | |||
| The client requests a "sha" Digest, the server advises "sha-256" and | Appendix C.2 is an example where a server ignores the client's | |||
| "sha-512". | preferred digest algorithm. Alternatively a server can also reject | |||
| the request and return an error. | ||||
| In this example, the client requests a "sha" Digest, and the server | ||||
| returns an error with problem details [RFC7807] contained in the | ||||
| content. The problem details contain a list of the digest algorithms | ||||
| that the server supports. This is purely an example, this | ||||
| specification does not define any format or requirements for such | ||||
| content. | ||||
| GET /items/123 HTTP/1.1 | GET /items/123 HTTP/1.1 | |||
| Host: foo.example | Host: foo.example | |||
| Want-Digest: sha;q=1 | Want-Digest: sha;q=1 | |||
| Figure 34: GET Request with Want-Digest | Figure 34: GET Request with Want-Digest | |||
| HTTP/1.1 400 Bad Request | HTTP/1.1 400 Bad Request | |||
| Want-Digest: sha-256, sha-512 | Content-Type: application/problem+json | |||
| Figure 35: Response with Want-Digest | ||||
| Appendix D. Changes from RFC3230 | ||||
| D.1. Deprecate Negotiation of Content-MD5 | ||||
| This RFC deprecates the negotiation of Content-MD5 as it has been | ||||
| obsoleted by [RFC7231]. | ||||
| See Section 4 for a new checksum negotiation mechanism for HTTP | ||||
| message content. | ||||
| D.2. Obsolete Digest Field Parameters | ||||
| Sections 4.1.1 and 4.2 of [RFC3230] defined field parameters. This | ||||
| document obsoletes the usage of parameters with Digest because this | ||||
| feature has not been widely deployed and complicates field-value | ||||
| processing. | ||||
| [RFC3230] intended field parameters to provide a common way to attach | { | |||
| additional information to a representation-data-digest. However, if | "title": "Bad Request", | |||
| parameters are used as an input to validate the checksum, an attacker | "detail": "Supported digest-algorithms: sha-256, sha-512", | |||
| could alter them to steer the validation behavior. | "status": 400 | |||
| } | ||||
| A digest-algorithm can still be parameterized by defining its own way | Figure 35: Response advertising the supported algorithms | |||
| to encode parameters into the representation-data-digest, in such a | ||||
| way as to mitigate security risks related to its computation. | ||||
| Acknowledgements | Acknowledgements | |||
| The vast majority of this document is inherited from [RFC3230], so | The vast majority of this document is inherited from [RFC3230], so | |||
| thanks to J. Mogul and A. Van Hoff for their great work. The | thanks to J. Mogul and A. Van Hoff for their great work. The | |||
| original idea of refreshing this document arose from an interesting | original idea of refreshing this document arose from an interesting | |||
| discussion with M. Nottingham, J. Yasskin and M. Thomson when | discussion with M. Nottingham, J. Yasskin and M. Thomson when | |||
| reviewing the MICE content coding. | reviewing the MICE content coding. | |||
| Thanks to Julian Reschke for his valuable contributions to this | Thanks to Julian Reschke for his valuable contributions to this | |||
| skipping to change at page 34, line 32 ¶ | skipping to change at page 33, line 48 ¶ | |||
| encoding. | encoding. | |||
| 5. Why remove references to Digest Authentication? | 5. Why remove references to Digest Authentication? | |||
| This specification seems to me completely unrelated to Digest | This specification seems to me completely unrelated to Digest | |||
| Authentication but for the word "Digest". | Authentication but for the word "Digest". | |||
| 6. What changes in Want-Digest? | 6. What changes in Want-Digest? | |||
| The contentMD5 token defined in Section 5 of [RFC3230] is | The contentMD5 token defined in Section 5 of [RFC3230] is | |||
| deprecated by Appendix D.1. | deprecated by this document. | |||
| To clarify that Digest and Want-Digest can be used in both | To clarify that Digest and Want-Digest can be used in both | |||
| requests and responses - [RFC3230] carefully uses sender and | requests and responses - [RFC3230] carefully uses sender and | |||
| receiver in their definition - we added examples on using Want- | receiver in their definition - we added examples on using Want- | |||
| Digest in responses to advertise the supported digest-algorithms | Digest in responses to advertise the supported digest-algorithms | |||
| and the inability to accept requests with unsupported digest- | and the inability to accept requests with unsupported digest- | |||
| algorithms. | algorithms. | |||
| 7. Does this specification change supported algorithms? | 7. Does this specification change supported algorithms? | |||
| Yes. This RFC updates [RFC5843] which is still delegated for all | Yes. This RFC updates [RFC5843] which is still delegated for all | |||
| algorithms updates, and adds two more algorithms: "id-sha-256" | algorithms updates. To simplify a future transition to | |||
| and "id-sha-512" which allows to send a checksum of a resource | Structured Fields [I-D.ietf-httpbis-header-structure] we suggest | |||
| representation with no content codings applied. To simplify a | to use lowercase for digest-algorithms. | |||
| future transition to Structured Fields | ||||
| [I-D.ietf-httpbis-header-structure] we suggest to use lowercase | ||||
| for digest-algorithms. | ||||
| 8. What about mid-stream trailer fields? | 8. What about mid-stream trailer fields? | |||
| While mid-stream trailer fields (https://github.com/httpwg/http- | While mid-stream trailer fields (https://github.com/httpwg/http- | |||
| core/issues/313#issuecomment-584389706) are interesting, since | core/issues/313#issuecomment-584389706) are interesting, since | |||
| this specification is a rewrite of [RFC3230] we do not think we | this specification is a rewrite of [RFC3230] we do not think we | |||
| should face that. As a first thought, nothing in this document | should face that. As a first thought, nothing in this document | |||
| precludes future work that would find a use for mid-stream | precludes future work that would find a use for mid-stream | |||
| trailers, for example an incremental digest-algorithm. A | trailers, for example an incremental digest-algorithm. A | |||
| document defining such a digest-algorithm is best positioned to | document defining such a digest-algorithm is best positioned to | |||
| describe how it is used. | describe how it is used. | |||
| Code Samples | Code Samples | |||
| skipping to change at page 36, line 5 ¶ | skipping to change at page 35, line 5 ¶ | |||
| How can I generate and validate the Digest values shown in the | How can I generate and validate the Digest values shown in the | |||
| examples throughout this document? | examples throughout this document? | |||
| The following python3 code can be used to generate digests for JSON | The following python3 code can be used to generate digests for JSON | |||
| objects using SHA algorithms for a range of encodings. Note that | objects using SHA algorithms for a range of encodings. Note that | |||
| these are formatted as base64. This function could be adapted to | these are formatted as base64. This function could be adapted to | |||
| other algorithms and should take into account their specific | other algorithms and should take into account their specific | |||
| formatting rules. | formatting rules. | |||
| import base64, json, hashlib, brotli, logging | import base64, json, hashlib, brotli, logging | |||
| log = logging.getLogger() | log = logging.getLogger() | |||
| def encode_item(item, encoding=lambda x: x): | def encode_item(item, encoding=lambda x: x): | |||
| indent = 2 if isinstance(item, dict) and len(item) > 1 else None | indent = 2 if isinstance(item, dict) and len(item) > 1 else None | |||
| json_bytes = json.dumps(item, indent=indent).encode() | json_bytes = json.dumps(item, indent=indent).encode() | |||
| return encoding(json_bytes) | return encoding(json_bytes) | |||
| def digest_bytes(bytes_, algorithm=hashlib.sha256): | def digest_bytes(bytes_, algorithm=hashlib.sha256): | |||
| checksum_bytes = algorithm(bytes_).digest() | checksum_bytes = algorithm(bytes_).digest() | |||
| log.warning("Log bytes: \n[%r]", bytes_) | log.warning("Log bytes: \n[%r]", bytes_) | |||
| return base64.encodebytes(checksum_bytes).strip() | return base64.encodebytes(checksum_bytes).strip() | |||
| def digest(item, encoding=lambda x: x, algorithm=hashlib.sha256): | def digest(item, encoding=lambda x: x, algorithm=hashlib.sha256): | |||
| content_encoded = encode_item(item, encoding) | content_encoded = encode_item(item, encoding) | |||
| return digest_bytes(content_encoded, algorithm) | return digest_bytes(content_encoded, algorithm) | |||
| item = {"hello": "world"} | item = {"hello": "world"} | |||
| print("Encoding | digest-algorithm | digest-value") | print("Encoding | digest-algorithm | digest-value") | |||
| print("Identity | sha256 |", digest(item)) | print("Identity | sha256 |", digest(item)) | |||
| # Encoding | digest-algorithm | digest-value | # Encoding | digest-algorithm | digest-value | |||
| # Identity | sha256 | X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE= | # Identity | sha256 | X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE= | |||
| print("Encoding | digest-algorithm | digest-value") | print("Encoding | digest-algorithm | digest-value") | |||
| print("Brotli | sha256 |", digest(item, encoding=brotli.compress)) | print("Brotli | sha256 |", digest(item, encoding=brotli.compress)) | |||
| # Encoding | digest-algorithm | digest-value | # Encoding | digest-algorithm | digest-value | |||
| # Brotli | sha256 | 4REjxQ4yrqUVicfSKYNO/cF9zNj5ANbzgDZt3/h3Qxo= | # Brotli | sha256 | 4REjxQ4yrqUVicfSKYNO/cF9zNj5ANbzgDZt3/h3Qxo= | |||
| print("Encoding | digest-algorithm | digest-value") | print("Encoding | digest-algorithm | digest-value") | |||
| print("Identity | sha512 |", digest(item, algorithm=hashlib.sha512)) | print("Identity | sha512 |", digest(item, algorithm=hashlib.sha512)) | |||
| # Encoding | digest-algorithm | digest-value | print("Identity | sha512 |", digest(item, algorithm=hashlib.sha512, encoding=brotli.compress)) | |||
| # Identity | sha512 | b'WZDPaVn/7XgHaAy8pmojAkGWoRx2UFChF41A2svX+TaPm' | # Encoding | digest-algorithm | digest-value | |||
| # '+AbwAgBWnrIiYllu7BNNyealdVLvRwE\nmTHWXvJwew==' | # Identity | sha512 | b'WZDPaVn/7XgHaAy8pmojAkGWoRx2UFChF41A2svX+TaPm' | |||
| # '+AbwAgBWnrIiYllu7BNNyealdVLvRwE\nmTHWXvJwew==' | ||||
| # Brotli | sha512 | b'pxo7aYzcGI88pnDnoSmAnaOEVys0MABhgvHY9+VI+ElE6' | ||||
| # '0jBCwnMPyA/s3NF3ZO5oIWA7lf8ukk+\n5KJzm3p5og==' | ||||
| Changes | Changes | |||
| _RFC Editor: Please remove this section before publication._ | _RFC Editor: Please remove this section before publication._ | |||
| Since draft-ietf-httpbis-digest-headers-06 | ||||
| * Remove id-sha-256 and id-sha-512 from the list of supported | ||||
| algorithms #855 | ||||
| Since draft-ietf-httpbis-digest-headers-05 | Since draft-ietf-httpbis-digest-headers-05 | |||
| * Reboot digest-algorithm values registry #1567 | * Reboot digest-algorithm values registry #1567 | |||
| * Add Content-Digest #1542 | * Add Content-Digest #1542 | |||
| * Remove SRI section #1478 | * Remove SRI section #1478 | |||
| Since draft-ietf-httpbis-digest-headers-04 | Since draft-ietf-httpbis-digest-headers-04 | |||
| * Improve SRI section #1354 | * Improve SRI section #1354 | |||
| * About duplicate digest-algorithms #1221 | * About duplicate digest-algorithms #1221 | |||
| * Improve security considerations #852 | * Improve security considerations #852 | |||
| End of changes. 69 change blocks. | ||||
| 181 lines changed or deleted | 148 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||