Re: Content-Integrity header
"Roy T. Fielding" <fielding@gbiv.com> Fri, 06 July 2012 20:04 UTC
Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5E6A211E810C for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Fri, 6 Jul 2012 13:04:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.37
X-Spam-Level:
X-Spam-Status: No, score=-10.37 tagged_above=-999 required=5 tests=[AWL=0.229, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id P2TmROMLsCb0 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Fri, 6 Jul 2012 13:04:35 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) by ietfa.amsl.com (Postfix) with ESMTP id AC08111E80D6 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Fri, 6 Jul 2012 13:04:30 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.72) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1SnEkM-0000CD-Iv for ietf-http-wg-dist@listhub.w3.org; Fri, 06 Jul 2012 20:03:22 +0000
Resent-Date: Fri, 06 Jul 2012 20:03:22 +0000
Resent-Message-Id: <E1SnEkM-0000CD-Iv@frink.w3.org>
Received: from lisa.w3.org ([128.30.52.41]) by frink.w3.org with esmtp (Exim 4.72) (envelope-from <fielding@gbiv.com>) id 1SnEkF-0000BB-87 for ietf-http-wg@listhub.w3.org; Fri, 06 Jul 2012 20:03:15 +0000
Received: from caiajhbdcahe.dreamhost.com ([208.97.132.74] helo=homiemail-a84.g.dreamhost.com) by lisa.w3.org with esmtp (Exim 4.72) (envelope-from <fielding@gbiv.com>) id 1SnEkB-0006QP-Cw for ietf-http-wg@w3.org; Fri, 06 Jul 2012 20:03:14 +0000
Received: from homiemail-a84.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a84.g.dreamhost.com (Postfix) with ESMTP id 6A9861DE070; Fri, 6 Jul 2012 13:02:50 -0700 (PDT)
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gbiv.com; h=subject:mime-version :content-type:from:in-reply-to:date:cc:content-transfer-encoding :message-id:references:to; q=dns; s=gbiv.com; b=eAmKISMaom0LFWmP 2dbt3YlbwyIELD4Ns4hqC1ghMCToonjDKbC1wTCGCjuQx7agV/tOLFWT/qrg+z6M z7B4j4La8TY90QOTh4mlU4GYcjkzf9dD5B2Ful/xdNBgiB0ca1Dz8sTUi2VMsHGO MQ8DoBrZ3rWMRqG9vjIPNSBx0KQ=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=gbiv.com; h=subject :mime-version:content-type:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; s=gbiv.com; bh=w6arVBo2GPPUky/sKhmjf1l422U=; b=j+Lfy0V14y/1dSsQRon3PoVoY8+r FZCFgRbnyBrGHAwHj61JRzJWcJaGwpzJtiZU7ixgbgSE6FH4Z41h8qIc2NG5CYLJ EgEtI5ECihEMaYISfnwwVECqsbCMmINtM98AxA9HrI5zjobdnTnb/VK6Y/1Dy7d4 45zp6bR+wau6ydw=
Received: from [192.168.1.84] (99-21-208-82.lightspeed.irvnca.sbcglobal.net [99.21.208.82]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: fielding@gbiv.com) by homiemail-a84.g.dreamhost.com (Postfix) with ESMTPSA id 3B0211DE060; Fri, 6 Jul 2012 13:02:50 -0700 (PDT)
Mime-Version: 1.0 (Apple Message framework v1278)
Content-Type: text/plain; charset="iso-8859-1"
From: "Roy T. Fielding" <fielding@gbiv.com>
In-Reply-To: <CAMm+LwhYqO0NFxW6BnreaWB0TEhpW8nAMMy2YzobC429CmtqPA@mail.gmail.com>
Date: Fri, 06 Jul 2012 13:02:52 -0700
Cc: ietf-http-wg@w3.org
Content-Transfer-Encoding: 7bit
Message-Id: <6FAC5870-5A9D-48B0-9610-D5E6B3CBFA3B@gbiv.com>
References: <CAMm+LwhYqO0NFxW6BnreaWB0TEhpW8nAMMy2YzobC429CmtqPA@mail.gmail.com>
To: Phillip Hallam-Baker <hallam@gmail.com>
X-Mailer: Apple Mail (2.1278)
Received-SPF: none client-ip=208.97.132.74; envelope-from=fielding@gbiv.com; helo=homiemail-a84.g.dreamhost.com
X-W3C-Hub-Spam-Status: No, score=-2.0
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001
X-W3C-Scan-Sig: lisa.w3.org 1SnEkB-0006QP-Cw 26856096a78a94b6617d36f2fbb60e1f
X-Original-To: ietf-http-wg@w3.org
Subject: Re: Content-Integrity header
Archived-At: <http://www.w3.org/mid/6FAC5870-5A9D-48B0-9610-D5E6B3CBFA3B@gbiv.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/14031
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>
On Jul 6, 2012, at 11:43 AM, Phillip Hallam-Baker wrote: > HTTP 1.0 specifies a header Content-MD5. Actually, HTTP/1.1 (draft-ietf-http-v11-spec-02.txt, April 1995). > This is a bad header for all sorts of reasons, not least that the > header was added despite the fact that I told people that MD5 had just > been severely compromised. Compromised in 1995? I don't think so, and certainly not in a way that would have effected a MIC for *accidental* modification (which is all it was intended to be). It was never intended for authentication because the field can be altered by an attacker just as easily as the content. > In particular there is only one digest > algorithm specified and no way to use others. Of course there is another way -- just define another field for that algorithm. Defining a new content-sha256 (or whatever) field is just as effective (and efficient) as trying to put all integrity checks into a single field with an alg parameter. Moreover, the new field definition could be used without worrying about all of the broken implementations of poorly defined integrity checks like content-md5. > A better approach would be: > > Content-Integrity: <base64-value> ;alg=<ID> That is another approach. It means that a recipient that only understands alg A has to parse each content-integrity field-value to look for a matching A parameter, as opposed to simply checking for the presence of a content-A field. It has benefit if we expect integrity checks to be performed by a multi-algo processor like openssl, but is a nuisance if we expect only one or two algorithms to be in common use at the same time. > For many Web Services, what we would like to do is to specify a MAC > rather than a digest and to use a preshared key identified by some > form of kerberos-like ticket. We don't need to specify the internal > structure of the ticket, just accept that we will have some sort of > key exchange service interaction at the end of which the client ends > up with a shared secret, an algorithm and an identifier that can be > passed to the service where the interaction takes place: > > Content-Integrity: <base64-value> ;ticket=<ticket-data> > > Note that the method of establishing that ticket in the first place is > out of scope for HTTP. Just think of it as something akin to a cookie. Why implement a MAC using the same field as a MIC? Digital signatures are much harder to implement. Why don't the existing digital signature mechanisms suffice? I know they haven't been deployed well for HTTP, but I don't know why other than the expired patents and chicken/egg problems. Why do you think a generic integrity check processor would want to implement anything that complex? I agree that some common Dsig standard is needed, and that a good way to do that is to simply assume that the shared key is already known via other means, but I don't see any need to tie that to a generic integrity check field when two different fields would be easier to define, argue, and implement. In any case, the hard part is deciding what content is included in the hash. Sometimes folks want to include the whole representation (as it exists at the source), others want to include only the payload of the current message, and still others want the payload and some odd set of header fields. And then we start talking about canonical forms, and pretty soon we are just sick of arguing about it and ship some gunk that doesn't actually solve a real problem. Trying to do everything at once is a recipe for madness. Just pick a very specific problem to solve, solve it the most efficient way for that problem, and use a field name specific to the solution. If it turns out to be useful beyond that, that's gravy. ....Roy
- Content-Integrity header Phillip Hallam-Baker
- Re: Content-Integrity header Poul-Henning Kamp
- Re: Content-Integrity header Roy T. Fielding
- Re: Content-Integrity header Phillip Hallam-Baker
- Re: Content-Integrity header Phillip Hallam-Baker
- Re: Content-Integrity header Phillip Hallam-Baker
- Re: Content-Integrity header James M Snell
- Re: Content-Integrity header Martin Thomson
- Re: Content-Integrity header Phillip Hallam-Baker
- Re: Content-Integrity header HAYASHI, Tatsuya
- Re: Content-Integrity header Amos Jeffries
- Re: Content-Integrity header Ludin, Stephen
- Re: Content-Integrity header Phillip Hallam-Baker
- Using HTTP Trailers [was: Content-Integrity heade… Mark Nottingham
- Re: Using HTTP Trailers [was: Content-Integrity h… James M Snell
- Re: Using HTTP Trailers [was: Content-Integrity h… Brian Pane
- Re: Using HTTP Trailers [was: Content-Integrity h… James M Snell
- Re: Content-Integrity header Yutaka OIWA
- Re: Using HTTP Trailers [was: Content-Integrity h… Zhong Yu
- Re: Using HTTP Trailers [was: Content-Integrity h… Wenbo Zhu
- Re: Content-Integrity header Phillip Hallam-Baker
- Re: Using HTTP Trailers [was: Content-Integrity h… Zhong Yu
- Re: Using HTTP Trailers [was: Content-Integrity h… Ludin, Stephen
- Re: Content-Integrity header Ludin, Stephen
- Re: Content-Integrity header Nico Williams
- Re: Using HTTP Trailers [was: Content-Integrity h… Zhong Yu
- Re: Content-Integrity header Phillip Hallam-Baker
- Re: Using HTTP Trailers [was: Content-Integrity h… Phillip Hallam-Baker
- Re: Content-Integrity header Nico Williams
- Re: Using HTTP Trailers [was: Content-Integrity h… Amos Jeffries
- Re: Using HTTP Trailers [was: Content-Integrity h… Zhong Yu
- Re: Using HTTP Trailers [was: Content-Integrity h… Amos Jeffries
- Re: Using HTTP Trailers [was: Content-Integrity h… Zhong Yu