Internet-Draft | HTTP Problem Types for Digest Fields | June 2024 |
Kleidl | Expires 29 December 2024 | [Page] |
TODO Abstract¶
This note is to be removed before publishing as an RFC.¶
The latest revision of this draft can be found at https://tus.github.io/draft-digest-fields-problem-types/draft-kleidl-digest-fields-problem-types.html. Status information for this document may be found at https://datatracker.ietf.org/doc/draft-kleidl-digest-fields-problem-types/.¶
Source for this draft and an issue tracker can be found at https://github.com/tus/draft-digest-fields-problem-types.¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 29 December 2024.¶
Copyright (c) 2024 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
Digest fields [DIGEST] are HTTP fields that support integrity digests. A request can include the Content-Digest
and Repr-Digest
header fields for verifying the integrity of the HTTP message content and the HTTP representation, respectively. In addition, a sender can include the Want-Content-Digest
and Want-Repr-Digest
header fields in a request to express interest in receiving integrity field in the response. [DIGEST] by design does not define, require or recommend specific server behavior if errors regarding the integrity appear.¶
For example, a request may include a digest algorithm in the Content-Digest
and Repr-Digest
header fields that the server does not support. Similar, a sender may request to the digest utilizing a hashing algorithm that the server does not support. Another possible problem is that the digest supplied in the request does not match up with the digest calculated by the server. Depending on the application, the server may choose to ignore these errors or communicate them back to the client. However, no recommended response format for communicating these errors is defined so far.¶
Problem types [PROBLEM] are machine-readable description of errors in HTTP response content [PROBLEM]. Each problem definition includes a unique type that can be used to identify the error and also allows the attachment of a short, human-readable summary as well as additional properties to aid debugging and error handling. In addition, a JSON and XML representation of the problem types is defined to simplify parsing.¶
As an example, if the resource receives a request with an integrity field utilizing an unsupported hashing algorithm foo
, the response may use the following problem type:¶
The response includes the unique problem type, the requested algorithm that is not supported by the server, as well as an array of the supported algorithms.¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.¶
The terms "integrity fields" and "integrity preference fields" are from [DIGEST].¶
This section defines the "https://iana.org/assignments/http-problem-types#unsupported-hashing-algorithm" problem type [PROBLEM]. A server MAY use this problem type when responding to a request, whose integrity or integrity preference fields reference a hashing algorithm that the server can not or does not want to support for this request, and if the server wants to indicate this problem to the sender.¶
Two problem type extension members are defined: the unsupported-algorithm
and supported-algorithms
members. A response using this problem type SHOULD populate both members, with the value of unsupported-algorithm
being the algorithm key of the unsupported algorithm from the request and the value of supported-algorithms
being an array of the algorithm keys, as registered in the "Hash Algorithms for HTTP Digest Fields" registry, of the supported algorithms.¶
The following example shows a response for a request with an integrity field utilizing an unsupported hashing algorithm foo
. The response also includes a list of supported algorithms.¶
If the sender receives this problem type, it SHOULD retry the request while picking another hashing algorithm. If the response includes an array of supported algorithms, it SHOULD choose one of them.¶
This section defines the "https://iana.org/assignments/http-problem-types#invalid-digest-value" problem type [PROBLEM]. A server MAY use this problem type when responding to a request, whose integrity fields include a digest value, that cannot be generated by the corresponding hashing algorithm. For example, if the digest value of the sha-512
hashing algorithm is not 64 bytes long, it cannot be a valid digest value and the server can skip computing the digest value. This problem type MUST NOT be used if the server is not able to parse the integrity fields according to Section 4.5 of [STRUCTURED-FIELDS], for example because of a syntax error in the field value.¶
The server SHOULD include a human-readable description why the value is considered invalid in the title
member.¶
The following example shows a response for a request with an invalid digest value.¶
If the sender receives this problem type, it SHOULD NOT retry the request without modification. Such an error is likely rooted in a fault in the sender's computation or encoding of the digest value.¶
This section defines the "https://iana.org/assignments/http-problem-types#mismatching-digest-value" problem type [PROBLEM]. A server MAY use this problem type when responding to a request, whose integrity fields include a digest value that does not match the digest value that the server computed for the request content or representation.¶
Three problem type extension members are defined: the algorithm
, provided-digest
, and expected-digest
members. A response using this problem type SHOULD populate all members, with the value of algorithm
being the algorithm key of the used hashing algorithm, with the value of provided-digest
being the digest value taken from the request's integrity fields, and the value of expected-digest
being the computed digest. The digest values MUST BE serialized as byte sequences as described in Section 4.1.8 of [STRUCTURED-FIELDS].¶
The following example shows a response for a request with a mismatching SHA-256 digest value.¶
If the sender receives this problem type, the request might be modified unintentionally by an intermediary. The sender MAY retry the request without modification. However, if the sender continue receiving this problem type, it SHOULD stop retrying.¶
Although an error appeared while handling the digest fields, the server may choose to not disclose this error to the sender to avoid lacking implementation details. Similar, the server may choose a general problem type for the response even in a more specific problem type is defined if it prefers to hide the details of the error from the sender.¶
IANA is asked to register the following entry in the "HTTP Problem Types" registry:¶
https://iana.org/assignments/http-problem-types#unsupported-hashing-algorithm¶
Unsupported Hashing Algorithm¶
400¶
This document¶
IANA is asked to register the following entry in the "HTTP Problem Types" registry:¶
https://iana.org/assignments/http-problem-types#invalid-digest-value¶
Invalid Digest Value¶
400¶
This document¶
IANA is asked to register the following entry in the "HTTP Problem Types" registry:¶
TODO acknowledge.¶