Introducing Content-Digest in digest-headers
Roberto Polli <robipolli@gmail.com> Mon, 14 June 2021 12:51 UTC
Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2E9383A235D for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Mon, 14 Jun 2021 05:51:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.75
X-Spam-Level:
X-Spam-Status: No, score=-2.75 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.249, MAILING_LIST_MULTI=-1, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 72AtbnKszsLX for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Mon, 14 Jun 2021 05:51:36 -0700 (PDT)
Received: from lyra.w3.org (lyra.w3.org [128.30.52.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 76E1C3A2345 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Mon, 14 Jun 2021 05:51:36 -0700 (PDT)
Received: from lists by lyra.w3.org with local (Exim 4.92) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1lsm0x-00014C-UE for ietf-http-wg-dist@listhub.w3.org; Mon, 14 Jun 2021 12:48:29 +0000
Resent-Date: Mon, 14 Jun 2021 12:48:27 +0000
Resent-Message-Id: <E1lsm0x-00014C-UE@lyra.w3.org>
Received: from mimas.w3.org ([128.30.52.79]) by lyra.w3.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from <robipolli@gmail.com>) id 1lsm0R-00010H-Np for ietf-http-wg@listhub.w3.org; Mon, 14 Jun 2021 12:47:57 +0000
Received: from mail-il1-x132.google.com ([2607:f8b0:4864:20::132]) by mimas.w3.org with esmtps (TLS1.3:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.92) (envelope-from <robipolli@gmail.com>) id 1lsm09-0004gf-MI for ietf-http-wg@w3.org; Mon, 14 Jun 2021 12:47:47 +0000
Received: by mail-il1-x132.google.com with SMTP id d1so12049595ils.5 for <ietf-http-wg@w3.org>; Mon, 14 Jun 2021 05:47:37 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=rhHcS/0fLrj5yeohwo5CAvtuCwuRm5VS/VmiYNgV4bw=; b=oM9ONM1iEHDkPon3FsjoHay68gMc6jw0yCu2Qr+SS+tQUgT+E5QB/gRGwD/BYlQgbJ 5EfBefBcwekuS80QqykUH2bcf3WPBg/J0+zTJxnM/gGqw5hx2GVlw8ioqq3daHSkNLDB UnwiNNSHcmkejQAfFj/rZB8u7VdlUY26ltnracxqoPFr16WCKPNXaJgTxAI21RyQMc0Q SAYQ/cGacXWZpKszCAGR9A18ctoYLpnTN9y69imC+hHVCvss3DmBo6yX1KWasfj1FNFp W5OFIwlrqCcJ7KLp6VmhagXf3iBunCTBzE5zuM+u+2dyuEf4dmWT5Si7z6/9QtNR2MbG B34g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=rhHcS/0fLrj5yeohwo5CAvtuCwuRm5VS/VmiYNgV4bw=; b=Dr6QO169M4wmpQN5RIO2SrFU26wfQEI0mkJkLWbw3JiFfviIE1hjCR7LDJEK0iy5yG 8yrjC2zvOc5MQIucp5G+ZqoF3lDmg9KZhV7/XLKw9NeC9PO1e/VePdcpBKJowXgorRsg UE2gAtcONGZtnMtle3qTTCi7dTT+jZfRNTocYzMmTt1Na0o/QgADpiFQFKCe7JO/6SbG ZIvKt3h7419AmckV7MrGrwJN+p67u2vVrnKwk7697mM49K34BScgnxcE0qBbBKXZK9sK 3zt9o+i7ycJMVKHk/+sGW6fW1FqT2mKjoIie+y+WrnbeLfVJFhWJOm/XutL8bznGDXno 46Rw==
X-Gm-Message-State: AOAM530jAIXsFikRhJRn8iSzZw3+TtRO6ciop0RJZJsworaLIVerAu2q Qs9ca5hXZO0YS9rdPnuv5u2CMjAZWpabzrZmyztcM07fMAn/0w==
X-Google-Smtp-Source: ABdhPJzqice5xuj7/iINlZlCS5sKW4YKDirEw/43XvkOAQqiygkl0rq+dOpCf8ro1jgh823N0uFGYw7F4RQy7KiQGys=
X-Received: by 2002:a92:d681:: with SMTP id p1mr13797136iln.37.1623674846100; Mon, 14 Jun 2021 05:47:26 -0700 (PDT)
MIME-Version: 1.0
From: Roberto Polli <robipolli@gmail.com>
Date: Mon, 14 Jun 2021 14:47:15 +0200
Message-ID: <CAP9qbHWtXAEkbkfuxzbYnXZ4_EqMxfCM0t0i=GNjG9Q+ZUM04A@mail.gmail.com>
To: HTTP Working Group <ietf-http-wg@w3.org>, Lucas Pardue <lucaspardue.24.7@gmail.com>
Content-Type: text/plain; charset="UTF-8"
Received-SPF: pass client-ip=2607:f8b0:4864:20::132; envelope-from=robipolli@gmail.com; helo=mail-il1-x132.google.com
X-W3C-Hub-DKIM-Status: validation passed: (address=robipolli@gmail.com domain=gmail.com), signature is good
X-W3C-Hub-Spam-Status: No, score=-5.1
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, W3C_AA=-1, W3C_DB=-1, W3C_WL=-1
X-W3C-Scan-Sig: mimas.w3.org 1lsm09-0004gf-MI 4eca80e88800a0bef0be4cd869c63ef3
X-Original-To: ietf-http-wg@w3.org
Subject: Introducing Content-Digest in digest-headers
Archived-At: <https://www.w3.org/mid/CAP9qbHWtXAEkbkfuxzbYnXZ4_EqMxfCM0t0i=GNjG9Q+ZUM04A@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/38893
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <https://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>
Dear folks, since in the past meetings and on the list there was a demand for a checksum mechanism based on the actual data transferred on the wire (eg. the content) instead of the representation data, with Lucas we decided to create a PR introducing the `Content-Digest` field. @Lucas Pardue please feel free to integrate/clarify on everything. Implementers that don't care about partial representation and just want to implement a checksum mechanism eg. in a reverse proxy, might prefer Content-Digest. Implementers writing applications that need to verify the actual application data (e.g. the checksum of a pdf file after resuming a download) might prefer using Digest instead. Both fields are independent from each other, so it is legit to use both, though we don't know whether it's worth mentioning that in the spec. This is a preliminary PR that we want to present at tomorrow's meeting: clearly it needs further work. - https://github.com/httpwg/http-extensions/pull/1543/files This new field, with the same syntax and algorithms of `Digest` is thus computed on the actual content bits sent in the request or response. Here you can see a brief list of possibilities: 1. in the general case, eg. a simple GET, Digest and Content-Digest will convey the same values. 2. When partial representations are conveyed (eg. range-requests), Digest will contain the checksum of the whole representation-data, while Content-Digest will be computed on the actual exchanged bits. 3. For HEAD responses, Digest will convey the checksum of the selected representation data, while Content-Digest, since there's no content, will convey the checksum of an empty string. FYI interim slides are here: - https://docs.google.com/presentation/d/1W6Bc4G6OgkcMjuppOgjhynVF5wXsNG2RA2P_ZyMHYp4/edit#slide=id.gdc080ffd07_0_6 In the meantime, thanks to everyone for helping us in this long work, R.
- Introducing Content-Digest in digest-headers Roberto Polli