I-D Action: draft-hardt-httpbis-signature-key-03.txt
internet-drafts@ietf.org Sat, 04 April 2026 14:32 UTC
Received: by mail2.ietf.org (Postfix) id 102C7D66E31C; Sat, 4 Apr 2026 07:32:58 -0700 (PDT)
Delivered-To: ietfarch-httpbisa-archive-bis2juki@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id ED047D66E31B for <ietfarch-httpbisa-archive-bis2Juki@mail2.ietf.org>; Sat, 4 Apr 2026 07:32:57 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1775313178; bh=h+UEfV/A3G/+GdKZ+xAuVw+ZqA6lqZkpB+VNF5SoQZY=; h=Resent-Date:From:To:Cc:Reply-To:Date:Subject:Resent-From: Resent-Sender:List-Id:List-Help:List-Post:List-Unsubscribe; b=IZBP8kznJehT+QZaIy72hGO0UyvSNlQugdK8vHjOg6r8ibWv5wcFh1Wu6F4zOWkA4 n45IdKPkSc7k+tLQn1gJfTRGA/2o/eN/NtcMM4VAYvWX422fQ4MHQA2jlEbbohB7ht TmY9BnbKRiUQLDRg32YUtIDAG0DM4On8XuD1GAZw=
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -5.401
X-Spam-Level:
X-Spam-Status: No, score=-5.401 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=w3.org header.b="UkHOt9ul"; dkim=pass (2048-bit key) header.d=w3.org header.b="gbbeuaY8"; dkim=pass (1024-bit key) header.d=ietf.org header.b="mVbCwTfr"
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2KRBn6q6dyYq for <ietfarch-httpbisa-archive-bis2Juki@mail2.ietf.org>; Sat, 4 Apr 2026 07:32:57 -0700 (PDT)
Received: from mab.w3.org (mab.w3.org [IPv6:2600:1f18:7d7a:2700:d091:4b25:8566:8113]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 7C50ED66E312 for <httpbisa-archive-bis2Juki@ietf.org>; Sat, 4 Apr 2026 07:32:57 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=w3.org; s=s1; h=Subject:Date:Message-ID:Reply-To:Cc:To:From:Content-Type:MIME-Version :In-Reply-To:References; bh=2MgA0tTuhLJJ1ZODqq28M9Hwx0ImWoI/i25d8G9Kg6Q=; b=U kHOt9ulKbnMXSM7LjNlO6vtvnlcNbuMMtMyynEKD9hkRa+/J18UVR+w1nTgU1c/zhRAz2WFROLO2F GRRpy5a+Tzu0z1X3HCgBSdBjF599OC6nzi+TGJL7cfJGFVGlv5OJFou+zlwR0+uylkGlO1qmi6tQp bD01EKFFKTb2EBzejZoNrYm21dHssQvndb6UGOaRfJ/4yklPEq+Z5T7Mr5jRYV9W1KAetVCr4eE35 OmEShvCtU92fBz5dSUmC9X7aD3aqfLsrVdBHIZDQeQSVdObmSV/cyx143FREuY2MhxxHIVucg7+TX N8Ht+c7WfVQZyExZahgwhakizV5Ugua5Q==;
Received: from lists by mab.w3.org with local (Exim 4.96) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1w922Z-000AjT-0R for ietf-http-wg-dist@listhub.w3.org; Sat, 04 Apr 2026 14:31:59 +0000
Resent-Date: Sat, 04 Apr 2026 14:31:59 +0000
Resent-Message-Id: <E1w922Z-000AjT-0R@mab.w3.org>
Received: from ip-10-0-0-224.ec2.internal ([10.0.0.224] helo=puck.w3.org) by mab.w3.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from <internet-drafts@ietf.org>) id 1w922X-000AiT-25 for ietf-http-wg@listhub.w3.internal; Sat, 04 Apr 2026 14:31:57 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=w3.org; s=s1; h=Date:Message-ID:Reply-To:Subject:Cc:To:From:Content-Type:MIME-Version :In-Reply-To:References; bh=2MgA0tTuhLJJ1ZODqq28M9Hwx0ImWoI/i25d8G9Kg6Q=; t=1775313117; x=1776177117; b=gbbeuaY8DpvT64OVy0Cv8eThPqunIsB9wZOF8aAPzY6HHLH Q/POlozrxd8gJJtezW4KT0Zr03DArsMczwRyr2ZAht+VUzy0sAYgec3ExDVKgHoJeHKQqbh3/CUP9 /8nscLCBKjcu6n3iy+aeNgAoUYgMUfeuHoH14VTw5Ia9z3ZnyBjZr6YrjLuPm2HrnYVJ7rj5qCqlo g8NxP77azftHov0xk7Wbt5/DwCEkpVvx+RzRlAGoou4kYhpWdgmDi0wl04+wZcgiAr6u4luo0Y95r e8biJNm7vLKYwvMiuY9+Iaao3ORTjf3X+Ftjwy9wg+LHYpcIVIEMinL0vKexwI2w==;
Received-SPF: pass (puck.w3.org: domain of ietf.org designates 166.84.6.31 as permitted sender) client-ip=166.84.6.31; envelope-from=internet-drafts@ietf.org; helo=mail2.ietf.org;
Received: from mail2.ietf.org ([166.84.6.31]) by puck.w3.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from <internet-drafts@ietf.org>) id 1w922W-005Jm2-31 for ietf-http-wg@w3.org; Sat, 04 Apr 2026 14:31:57 +0000
Received: from [10.244.6.96] (unknown [4.156.85.76]) by mail2.ietf.org (Postfix) with ESMTP id A8E0DD66DAE8; Sat, 4 Apr 2026 07:31:53 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1775313113; bh=h+UEfV/A3G/+GdKZ+xAuVw+ZqA6lqZkpB+VNF5SoQZY=; h=From:To:Cc:Subject:Reply-To:Date; b=mVbCwTfr5q5mG65r5fyvIG5bpfr64Rd2eR4jgmF1XG6NWGR/6kZ/eWPCymYzukE2r fFuxEdodfTICkEg2CUZHU+P1Xt94K9aqGbefPmEYFaLSG04EABhesHWiDxKh9LJY8O tgp1XGmuSXaf2ZcUYS/A97STubPa2pDGGLAs/EJU=
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
Cc: ietf-http-wg@w3.org
X-Test-IDTracker: no
X-IETF-IDTracker: 12.60.1
Auto-Submitted: auto-generated
Reply-To: ietf-http-wg@w3.org
Message-ID: <177531311360.409536.10172230711787997815@dt-datatracker-9dc8fdd9f-qcdj9>
Date: Sat, 04 Apr 2026 07:31:53 -0700
X-W3C-Hub-DKIM-Status: validation passed: (address=internet-drafts@ietf.org domain=ietf.org), signature is good
X-W3C-Hub-Spam-Status: No, score=-4.6
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.54, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, DMARC_PASS=-0.001, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, W3C_AA=-1, W3C_WL=-1
X-W3C-Scan-Sig: puck.w3.org 1w922W-005Jm2-31 1f59634735140d031aa656e30b871c53
X-Original-To: ietf-http-wg@w3.org
Subject: I-D Action: draft-hardt-httpbis-signature-key-03.txt
Archived-At: <https://www.w3.org/mid/177531311360.409536.10172230711787997815@dt-datatracker-9dc8fdd9f-qcdj9>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/53823
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <https://www.w3.org/email/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>
Internet-Draft draft-hardt-httpbis-signature-key-03.txt is now available. It
is a work item of the HTTP (HTTPBIS) WG of the IETF.
Title: HTTP Signature-Key Header
Authors: Dick Hardt
Thibault Meunier
Name: draft-hardt-httpbis-signature-key-03.txt
Pages: 23
Dates: 2026-04-04
Abstract:
This document defines the Signature-Key HTTP header field for
distributing public keys used to verify HTTP Message Signatures as
defined in RFC 9421. Five initial key distribution schemes are
defined: pseudonymous inline keys (hwk), self-issued key delegation
via JWK Thumbprint JWTs (jkt-jwt), identified signers with JWKS URI
discovery (jwks_uri), JWT-based delegation (jwt), and X.509
certificate chains (x509). These schemes enable flexible trust
models ranging from privacy-preserving pseudonymous verification to
PKI-based identity chains and horizontally-scalable delegated
authentication.
The IETF datatracker status page for this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-hardt-httpbis-signature-key/
There is also an HTML version available at:
https://www.ietf.org/archive/id/draft-hardt-httpbis-signature-key-03.html
A diff from the previous version is available at:
https://author-tools.ietf.org/iddiff?url2=draft-hardt-httpbis-signature-key-03
Internet-Drafts are also available by rsync at:
rsync.ietf.org::internet-drafts
- I-D Action: draft-hardt-httpbis-signature-key-03.… internet-drafts