RFC 9421

HTTP Message Signatures, February 2024

File formats:

icon for HTML icon for text file icon for v3pdf icon for XML
Also available: XML file for editing
A. Backman, Ed.
J. Richer, Ed.
M. Sporny
httpbis (wit)

Cite this RFC: TXT  |  XML  |   BibTeX

DOI:  https://doi.org/10.17487/RFC9421

Discuss this RFC: Send questions or comments to the mailing list ietf-http-wg@w3.org

Other actions: Submit Errata  |  Find IPR Disclosures from the IETF  |  View History of RFC 9421


This document describes a mechanism for creating, encoding, and verifying digital signatures or message authentication codes over components of an HTTP message. This mechanism supports use cases where the full HTTP message may not be known to the signer and where the message may be transformed (e.g., by intermediaries) before reaching the verifier. This document also describes a means for requesting that a signature be applied to a subsequent HTTP message in an ongoing HTTP exchange.

For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 8729.

Advanced Search