digest headers after IETF106: Validators and State-Changing methods
Roberto Polli <robipolli@gmail.com> Mon, 25 November 2019 11:59 UTC
Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D992112092A for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Mon, 25 Nov 2019 03:59:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.752
X-Spam-Level:
X-Spam-Status: No, score=-2.752 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.249, MAILING_LIST_MULTI=-1, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Tt3wfXvypfER for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Mon, 25 Nov 2019 03:59:02 -0800 (PST)
Received: from frink.w3.org (frink.w3.org [IPv6:2603:400a:ffff:804:801e:34:0:38]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 50746120122 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Mon, 25 Nov 2019 03:59:02 -0800 (PST)
Received: from lists by frink.w3.org with local (Exim 4.89) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1iZCyX-0005kF-Vf for ietf-http-wg-dist@listhub.w3.org; Mon, 25 Nov 2019 11:56:18 +0000
Resent-Date: Mon, 25 Nov 2019 11:56:17 +0000
Resent-Message-Id: <E1iZCyX-0005kF-Vf@frink.w3.org>
Received: from mimas.w3.org ([2603:400a:ffff:804:801e:34:0:4f]) by frink.w3.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.89) (envelope-from <robipolli@gmail.com>) id 1iZCyV-0005jb-95 for ietf-http-wg@listhub.w3.org; Mon, 25 Nov 2019 11:56:15 +0000
Received: from mail-vs1-xe35.google.com ([2607:f8b0:4864:20::e35]) by mimas.w3.org with esmtps (TLS1.3:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.92) (envelope-from <robipolli@gmail.com>) id 1iZCyT-0001lv-Ux for ietf-http-wg@w3.org; Mon, 25 Nov 2019 11:56:15 +0000
Received: by mail-vs1-xe35.google.com with SMTP id x21so9828739vsp.6 for <ietf-http-wg@w3.org>; Mon, 25 Nov 2019 03:56:13 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=0LQT/jYAHpkeq48ijHZgI0z8jxZSREAt2Or7BX4Sd64=; b=V9RRs99k0SP6DuBy+oSvfGMaWDo7j3wvbXsXiPo8ov4PwXFTVShc8Bg7Pel8tA6OUt zteQfxbhsuCgNe8ouQu1NilkgIPqCJ/sgFS3HRT2TcRYqBc5cpyrSAMvHaTSZNJwGG0a Mx6Vmo498X/7SJzNbs3Ru1AxQ3yopuhVX+GjQc0Vw22dKtQbfhrFqz2wiM9E0hLVpkyy wXiVmbJUBV6wJXtn5P3+LaUQyUcOluV3PPLe8OR6tyNVBU5UGSTxlQr5v5DPlRZrgYJh Ydwe6QkRKrZ2YcqS1jZSMrcDJsv9L/C2u+KjGS1ehUDMsJZ2Qepj2n38m+JD4BuVL9ou ZsYw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=0LQT/jYAHpkeq48ijHZgI0z8jxZSREAt2Or7BX4Sd64=; b=XUfNagNcOO0nKTh6QYkZz4lS239frah9bRBnEIbh0PwtT+XhisFBfVAQfzhkfkUBWu hCFRoP49KPWu1dwffp2tb2g1kQ0N9zB8iNkZQtuzDK60XRd9tsfJuOliV67/d9OCm3Xg pTg/rAL30qB9lW15tx6ymVHiHi8OrhdoexylWDQYHGekIaunQwTu0tMvXl9GKi/e/kFM JqfQ/PFusG+ufYqXoi2H1RvblNzCwxOPvaOCbwZ45vtK0sOIQZW/7Mvqfmvxv+Po2LaF EDnwVrbcw27cmH9+pmcUU1w3yqzl0DnsVf3wXC/vJl+ylhRlAIMFKPtf14imY22JL/p/ gYLg==
X-Gm-Message-State: APjAAAU1NeMbM9uiLTlI7QEoXhUjI1RDkUX9jYOqiaOK4lQJmk5ExqJX UbtVFiws4A67Dz1kf5AOsPchplymZeqZabaUEDQylBD/TBI=
X-Google-Smtp-Source: APXvYqxtC9ZOie6T6adKI7OSPc8yLInSLkQCLUFtfYEkpG2xXEd2MVFpAOEUN4XvN3iSMM0tQNbUQn38kD5LVp1uvXo=
X-Received: by 2002:a67:fdd4:: with SMTP id l20mr18741914vsq.227.1574682972616; Mon, 25 Nov 2019 03:56:12 -0800 (PST)
MIME-Version: 1.0
From: Roberto Polli <robipolli@gmail.com>
Date: Mon, 25 Nov 2019 12:56:01 +0100
Message-ID: <CAP9qbHU4trWYmUqDtgi3yd6jBgfVYatrm+6AA3Q2NdS=eMg=Wg@mail.gmail.com>
To: HTTP Working Group <ietf-http-wg@w3.org>
Content-Type: text/plain; charset="UTF-8"
Received-SPF: pass client-ip=2607:f8b0:4864:20::e35; envelope-from=robipolli@gmail.com; helo=mail-vs1-xe35.google.com
X-W3C-Hub-Spam-Status: No, score=-5.1
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, W3C_AA=-1, W3C_DB=-1, W3C_WL=-1
X-W3C-Scan-Sig: mimas.w3.org 1iZCyT-0001lv-Ux 4d26ade15095199e1967d0ea31905c95
X-Original-To: ietf-http-wg@w3.org
Subject: digest headers after IETF106: Validators and State-Changing methods
Archived-At: <https://www.w3.org/mid/CAP9qbHU4trWYmUqDtgi3yd6jBgfVYatrm+6AA3Q2NdS=eMg=Wg@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/37187
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <https://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>
Hi @all, and thanks for all the feedback provided on digest-headers after IETF106. ## Items we need WG guidance to move on * Validators and Resources [0] [1] [2]: we need some help from editors to clarify the relations b/w validators and digest. * State-changing methods: we clarified Digest semantic for POST and PATCH. As 3230 states that digest is computed on complete representations we are not sure if we can extend this to all (eg. including future) methods which may convey partial representations. Here - https://httpwg.org/http-extensions/ioggstream-952/digest-headers.html#resource-representation we analyze the impacts of method (eg. HEAD), metadata (eg. content-type) and status code (eg. 204) on the payload body iiuc all those should be considered when discussing on digest. * BNF Parameters https://github.com/httpwg/http-extensions/issues/850 ## Quick win: * Relationship with SRI https://github.com/httpwg/http-extensions/issues/868 : @Martin if @Lucas 's considerations are enough for you, please close the issue you filed :) ## Closed after Singapore: * Digest of Empty Representation: closed :) https://github.com/httpwg/http-extensions/issues/849 ## Deferred - Use cases (drafted, to be done) - Usage in signatures (I strongly support this) - Threat model (deferred: maybe another I-D or dismiss) [0]: https://github.com/httpwg/http-extensions/issues/936 [1]: https://github.com/httpwg/http-extensions/issues/949 [2]: https://github.com/httpwg/wg-materials/blob/gh-pages/ietf106/minutes.md#issues-936937--discussion-of-how-validators-specify-a-resource
- digest headers after IETF106: Validators and Stat… Roberto Polli