RFC 9421
HTTP Message Signatures, February 2024
- File formats:
- Also available: XML file for editing
- Status:
- PROPOSED STANDARD
- Authors:
- A. Backman, Ed.
J. Richer, Ed.
M. Sporny - Stream:
- IETF
- Source:
- httpbis (wit)
Cite this RFC: TXT | XML | BibTeX
DOI: https://doi.org/10.17487/RFC9421
Discuss this RFC: Send questions or comments to the mailing list ietf-http-wg@w3.org
Other actions: View Errata | Submit Errata | Find IPR Disclosures from the IETF | View History of RFC 9421
Abstract
This document describes a mechanism for creating, encoding, and verifying digital signatures or message authentication codes over components of an HTTP message. This mechanism supports use cases where the full HTTP message may not be known to the signer and where the message may be transformed (e.g., by intermediaries) before reaching the verifier. This document also describes a means for requesting that a signature be applied to a subsequent HTTP message in an ongoing HTTP exchange.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.