RFC 5843, "Additional Hash Algorithms for HTTP Instance Digests", April 2010Source of RFC: IETF - NON WORKING GROUP
Area Assignment: art
Errata ID: 4418
Reported By: Michal Bozon
Date Reported: 2015-07-17
Section 1.1 says:
Digest: SHA-256=MWVkMWQxYTRiMzk5MDQ0MzI3NGU5NDEyZTk5OWY1ZGFmNzgyZTJlO DYzYjRjYzFhOTlmNTQwYzI2M2QwM2U2MQ==
It should say:
The example SHA-256 message digest in the original document is not base64(sha256(M)), but it is base64(hexlify(sha256(M))).
Therefore the example is incorrect and misleading,
the digest is much longer than it sould be.
That base64 encoding of binary hash digest has to be used,
instead of the base64 encoding of the hexlified hash,
can be verified by checking RFC3230 section 4.2.