Adding more concrete guidance about digest processing and validation

Lucas Pardue <lucaspardue.24.7@gmail.com> Wed, 24 May 2023 16:22 UTC

From: Lucas Pardue <lucaspardue.24.7@gmail.com>
Date: Wed, 24 May 2023 17:18:50 +0100
Message-ID: <CALGR9oYtnuXpyLsDq3i++p_Jfofz1=KZ9BzDrTkRJAUk+L5Gvw@mail.gmail.com>
To: HTTP Working Group <ietf-http-wg@w3.org>
Cc: Roberto Polli <robipolli@gmail.com>
Archived-At: <https://www.w3.org/mid/CALGR9oYtnuXpyLsDq3i++p_Jfofz1=KZ9BzDrTkRJAUk+L5Gvw@mail.gmail.com>

Hi folks,

During our IESG review of the Digest fields draft, Roman Danyliw raised
some comments related to the expectations on receivers to validate digests.
Roman has proposed some additional language for concrete guidance and I
think this is good. It's effectively a restatement of something that was
implicit, using normative language. As such I don't think this is a major
change but I wanted to raise the visibility in the group in case anyone had
any opinions.

Please comment on the issue
https://github.com/httpwg/http-extensions/issues/2557 or PR
https://github.com/httpwg/http-extensions/pull/2558

Cheers

Lucas