| RFC 9530 | Digest Fields | February 2024 |
| Polli & Pardue | Standards Track | [Page] |
This document defines HTTP fields that support integrity digests. TheContent-Digest field can be used for the integrity of HTTP message content. TheRepr-Digest field can be used for the integrity of HTTP representations.Want-Content-Digest andWant-Repr-Digest can be used to indicate a sender'sinterest and preferences for receiving the respective Integrity fields.¶
This document obsoletes RFC 3230 and theDigest andWant-Digest HTTPfields.¶
This is an Internet Standards Track document.¶
This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 7841.¶
Information about the current status of this document, any errata, and how to provide feedback on it may be obtained athttps://www.rfc-editor.org/info/rfc9530.¶
Copyright (c) 2024 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
HTTP does not define the means to protect the data integrity of content orrepresentations. When HTTP messages are transferred between endpoints, lower-layerfeatures or properties such as TCP checksums or TLS records[TLS] can provide some integrity protection. However, transport-oriented integrity provides alimited utility because it is opaque to the application layer and only coversthe extent of a single connection. HTTP messages often travel over a chain ofseparate connections. In between connections, there is a possibility fordata corruption. An HTTP integrity mechanism can providethe means for endpoints, or applications using HTTP, to detect data corruptionand make a choice about how to act on it. An example use case is to aidfault detection and diagnosis across system boundaries.¶
This document defines two digest integrity mechanisms for HTTP.First, content integrity, which acts on conveyed content (Section 6.4 of [HTTP]).Second, representation data integrity, which acts on representation data (Section 8.1 of [HTTP]). This supports advanced use cases, such as validating theintegrity of a resource that was reconstructed from parts retrieved usingmultiple requests or connections.¶
This document obsoletes[RFC3230] and therefore theDigest andWant-Digest HTTPfields; seeSection 1.3.¶
This document is structured as follows:¶
New request and response header and trailer field definitions.¶
Considerations specific to representation data integrity.¶
Repr-Digest andWant-Repr-Digest fields in message exchanges.¶The HTTP fields defined in this document can be used for HTTP integrity. Senderschoose a hashing algorithm and calculate a digest from an input related to theHTTP message. The algorithm identifier and digest are transmitted in an HTTPfield. Receivers can validate the digest for integrity purposes. Hashingalgorithms are registered in the "Hash Algorithms for HTTP Digest Fields" registry (seeSection 7.2).¶
Selecting the data on which digests are calculated depends on the use case of theHTTP messages. This document provides different fields for HTTP representationdata and HTTP content.¶
There are use cases where a simple digest of the HTTP content bytes isrequired. TheContent-Digest request and response header and trailer field isdefined to support digests of content (Section 6.4 of [HTTP]); seeSection 2.¶
For more advanced use cases, theRepr-Digest request and response headerand trailer field (Section 3) is defined. It contains a digest valuecomputed by applying a hashing algorithm to selected representation data(Section 8.1 of [HTTP]). BasingRepr-Digest on the selectedrepresentation makes it straightforward to apply it to use cases where themessage content requires some sort of manipulation to be considered asrepresentation of the resource or the content conveys a partial representation of a resource,such as range requests (seeSection 14 of [HTTP]).¶
Content-Digest andRepr-Digest support hashing algorithm agility.TheWant-Content-Digest andWant-Repr-Digest fields allowendpoints to express interest inContent-Digest andRepr-Digest, respectively, and to express algorithm preferences in either.¶
Content-Digest andRepr-Digest are collectively termed"Integrity fields".Want-Content-Digest andWant-Repr-Digest arecollectively termed "Integrity preference fields".¶
Integrity fields are tied to theContent-EncodingandContent-Type header fields. Therefore, a given resource may have multipledifferent digest values when transferred with HTTP.¶
Integrity fields apply to HTTP message content or HTTP representations. They donot apply to HTTP messages or fields. However, they can be combined with othermechanisms that protect metadata, such as digital signatures, in order toprotect the phases of an HTTP exchange in whole or in part. For example, HTTPMessage Signatures[SIGNATURES] could be used to sign Integrity fields, thusproviding coverage for HTTP content or representation data.¶
This specification does not define means for authentication, authorization, or privacy.¶
[RFC3230] defined theDigest andWant-Digest HTTP fields for HTTP integrity.It also coined the terms "instance" and "instance manipulation" in order toexplain concepts, such as selected representation data (Section 8.1 of [HTTP]), that are now more universally defined and implemented as HTTPsemantics.¶
Experience has shown that implementations of[RFC3230] have interpreted themeaning of "instance" inconsistently, leading to interoperability issues. Themost common issue relates to the mistake of calculating the digest using (whatwe now call) message content, rather than using (what we now call)representation data as was originally intended. Interestingly, time has alsoshown that a digest of message content can be beneficial for some use cases, soit is difficult to detect if non-conformance to[RFC3230] is intentional orunintentional.¶
In order to address potential inconsistencies and ambiguity acrossimplementations ofDigest andWant-Digest, this document obsoletes[RFC3230]. The Integrity fields (Sections2 and3) and Integrity preference fields (Section 4)defined in this document are better aligned with current HTTP semantics andhave names that more clearly articulate the intended usages.¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14[RFC2119][RFC8174] when, and only when, they appear in all capitals, as shown here.¶
This document uses the Augmented BNF defined in[RFC5234] and updated by[RFC7405]. This includes the rules CR (carriage return), LF (line feed), and CRLF (CR LF).¶
This document uses the following terminology fromSection 3 of [STRUCTURED-FIELDS] to specify syntax and parsing:Boolean, Byte Sequence, Dictionary, Integer, and List.¶
The definitions "representation", "selected representation", "representationdata", "representation metadata", "user agent", and "content" in this document are to beinterpreted as described in[HTTP].¶
This document uses the line folding strategiesdescribed in[FOLDING].¶
Hashing algorithm names respect the casing used in their definition document (e.g., SHA-1, CRC32c).¶
HTTP messages indicate hashing algorithms using an Algorithm Key (algorithms).Where the document refers to an Algorithm Key in prose, it is quoted (e.g., "sha", "crc32c").¶
The term "checksum" describes the output of applying an algorithm to a sequence of bytes, whereas "digest" is only used in relation to the value contained in the fields.¶
"Integrity fields" is the collective term forContent-Digest andRepr-Digest.¶
"Integrity preference fields" is the collective term forWant-Repr-DigestandWant-Content-Digest.¶
Content-Digest FieldTheContent-Digest HTTP field can be used in requests and responses tocommunicate digests that are calculated using a hashing algorithm applied tothe actual message content (seeSection 6.4 of [HTTP]). It is aDictionary (seeSection 3.2 of [STRUCTURED-FIELDS]),where each:¶
For example:¶
NOTE: '\' line wrapping per RFC 8792Content-Digest: \ sha-512=:YMAam51Jz/jOATT6/zvHrLVgOYTGFy1d6GJiOHTohq4yP+pgk4vf2aCs\ yRZOtw8MjkM7iw7yZ/WkppmM44T3qg==:¶
The Dictionary type can be used, for example, to attach multiple digestscalculated using different hashing algorithms in order to support a populationof endpoints with different or evolving capabilities. Such an approach couldsupport transitions away from weaker algorithms (seeSection 6.6).¶
NOTE: '\' line wrapping per RFC 8792Content-Digest: \ sha-256=:d435Qo+nKZ+gLcUHn7GQtQ72hiBVAgqoLsZnZPiTGPk=:,\ sha-512=:YMAam51Jz/jOATT6/zvHrLVgOYTGFy1d6GJiOHTohq4yP+pgk4vf2aCs\ yRZOtw8MjkM7iw7yZ/WkppmM44T3qg==:¶
A recipientMAY ignore any or all digests. Application-specific behavior orlocal policyMAY set additional constraints on the processing and validationpractices of the conveyed digests.The security considerations cover some of the issues related toignoring digests (seeSection 6.6)and validating multiple digests (seeSection 6.7).¶
A senderMAY send a digest withoutknowing whether the recipient supports a given hashing algorithm. A senderMAY send a digest if it knows the recipient will ignore it.¶
Content-Digest can be sent in a trailer section.In this case,Content-DigestMAY be merged into the header section; seeSection 6.5.1 of [HTTP].¶
Repr-Digest FieldTheRepr-Digest HTTP field can be used in requests and responses tocommunicate digests that are calculated using a hashing algorithm applied tothe entire selected representation data (seeSection 8.1 of [HTTP]).¶
Representations take into account the effect of the HTTP semantics onmessages. For example, the content can be affected by range requests or methods, such as HEAD, while the way the content is transferred "on the wire" isdependent on other transformations (e.g., transfer codings for HTTP/1.1; seeSection 6.1 of [HTTP/1.1]). To help illustrate HTTP representation concepts,several examples are provided inAppendix A.¶
When a message has no representation data, it is still possible to assert that norepresentation data was sent by computing the digest on an emptystring (seeSection 6.3).¶
Repr-Digest is a Dictionary (seeSection 3.2 of [STRUCTURED-FIELDS]), where each:¶
For example:¶
NOTE: '\' line wrapping per RFC 8792Repr-Digest: \ sha-512=:YMAam51Jz/jOATT6/zvHrLVgOYTGFy1d6GJiOHTohq4yP+pgk4vf2aCs\ yRZOtw8MjkM7iw7yZ/WkppmM44T3qg==:¶
The Dictionary type can be used to attach multiple digestscalculated using different hashing algorithms in order to support a populationof endpoints with different or evolving capabilities. Such an approach couldsupport transitions away from weaker algorithms (seeSection 6.6).¶
NOTE: '\' line wrapping per RFC 8792Repr-Digest: \ sha-256=:d435Qo+nKZ+gLcUHn7GQtQ72hiBVAgqoLsZnZPiTGPk=:,\ sha-512=:YMAam51Jz/jOATT6/zvHrLVgOYTGFy1d6GJiOHTohq4yP+pgk4vf2aCs\ yRZOtw8MjkM7iw7yZ/WkppmM44T3qg==:¶
A recipientMAY ignore any or all digests. Application-specific behavior orlocal policyMAY set additional constraints on the processing and validationpractices of the conveyed digests.The security considerations cover some of the issues related toignoring digests (seeSection 6.6)and validating multiple digests (seeSection 6.7).¶
A senderMAY send a digest without knowing whether the recipient supports a given hashing algorithm. A senderMAY send a digest if it knows the recipient will ignore it.¶
Repr-Digest can be sent in a trailer section.In this case,Repr-DigestMAY be merged into the header section; seeSection 6.5.1 of [HTTP].¶
Repr-Digest in State-Changing RequestsWhen the representation enclosed in a state-changing requestdoes not describe the target resource,the representation digestMUST be computed on therepresentation data.This is the only possible choice because representation digest requires completerepresentation metadata (seeSection 3).¶
In responses,¶
Repr-DigestMUST be computed on the enclosed representation (seeAppendix B.8);¶Repr-DigestMUST be computed on the selected representation of the referenced resource even if that is different from the target resource. This might or might not result in computingRepr-Digest on the enclosed representation.¶The latter case is done according to the HTTP semantics of the givenmethod, for example, using theContent-Location header field (seeSection 8.7 of [HTTP]).In contrast, theLocation header field does not affectRepr-Digest becauseit is not representation metadata.¶
For example, in PATCH requests, the representation digestwill be computed on the patch documentbecause the representation metadata refers to the patch document and notthe target resource (seeSection 2 of [PATCH]).In responses, instead, the representation digest will be computed on the selectedrepresentation of the patched resource.¶
Repr-Digest and Content-Location in ResponsesWhen a state-changing method returns theContent-Location header field, theenclosed representation refers to the resource identified by its value andRepr-Digest is computed accordingly.An example is given inAppendix B.7.¶
Senders can indicate their interest in Integrity fields and hashing algorithmpreferences using theWant-Content-Digest orWant-Repr-Digest HTTP fields. These can be used in bothrequests and responses.¶
Want-Content-Digest indicates that the sender would like toreceive (via theContent-Digest field) a content digest on messagesassociated with the request URI and representation metadata.Want-Repr-Digest indicates that the sender would like to receive (via theRepr-Digest field) a representation digest on messages associated with the request URI and representation metadata.¶
IfWant-Content-Digest orWant-Repr-Digest are used in a response, itindicates that the server would like the client to provide the respectiveIntegrity field on future requests.¶
Integrity preference fields are only a hint. The receiver of the field canignore it and send an Integrity field using any algorithm or omit the fieldentirely; for example, seeAppendix C.2. It is nota protocol error if preferences are ignored. Applications that use Integrityfields and Integrity preferences can define expectations or constraints thatoperate in addition to this specification. Ignored preferences are anapplication-specific concern.¶
Want-Content-Digest andWant-Repr-Digest are of type Dictionarywhere each:¶
Integer (Section 3.3.1 of [STRUCTURED-FIELDS])that conveys an ascending, relative, weighted preference.It must be in the range 0 to 10 inclusive.1 is the least preferred, 10 is the most preferred,and a value of 0 means "not acceptable".¶Examples:¶
Want-Repr-Digest: sha-256=1Want-Repr-Digest: sha-512=3, sha-256=10, unixsum=0Want-Content-Digest: sha-256=1Want-Content-Digest: sha-512=3, sha-256=10, unixsum=0¶
There are a wide variety of hashing algorithms that can be used for the purposesof integrity. The choice of algorithm depends on several factors such as theintegrity use case, implementation needs or constraints, or application designand workflows.¶
An initial set of algorithms will be registered with IANA in the "HashAlgorithms for HTTP Digest Fields" registry; seeSection 7.2. Additional algorithms can be registeredin accordance with the policies set out in this section.¶
Each algorithm has a status field that is intended to provide an aid toimplementation selection.¶
Algorithms with a status value of "Active" are suitable for many purposes andit isRECOMMENDED that applications use these algorithms. These can be used inadversarial situations where hash functions might need to provide resistance tocollision, first-preimage, and second-preimage attacks. For adversarial situations, selection of the acceptable "Active" algorithms will depend on the level of protection the circumstances demand. More considerations are presented inSection 6.6.¶
Algorithms with a status value of "Deprecated" either provide none of theseproperties or are known to be weak (see[NO-MD5] and[NO-SHA]). ThesealgorithmsMAY be used to preserve integrity against corruption, butMUST NOT beused in a potentially adversarial setting, for example, when signing Integrityfields' values for authenticity. Permitting the use of these algorithms can help some applications (such as those that previously used[RFC3230], are migrating to this specification (Appendix E), and have existing stored collections of computed digest values) avoid undue operational overhead caused by recomputation using other more-secure algorithms.Such applications are notexempt from the requirements in this section. Furthermore, applications withoutsuch legacy or history ought to follow the guidance for using algorithms withthe status value "Active".¶
Discussion of algorithm agility is presented inSection 6.6.¶
Registration requests for the "Hash Algorithms for HTTP Digest Fields" registryuse the Specification Required policy (Section 4.6 of [RFC8126]). Requestsshould use the following template:¶
Content-Digest,Repr-Digest,Want-Content-Digest, orWant-Repr-Digest field Dictionary member keys.¶When reviewing registration requests, the designated expert(s) should payattention to the requested status. The status value should reflectstandardization status and the broad opinion of relevant interest groups such asthe IETF or security-related Standards Development Organizations (SDOs). The "Active" status is not suitable for analgorithm that is known to be weak, broken, or experimental. If a registrationrequest attempts to register such an algorithm as "Active", the designatedexpert(s) should suggest an alternative status of "Deprecated" or "Provisional".¶
When reviewing registration requests, the designated expert(s) cannot use astatus of "Deprecated" or "Provisional" as grounds for rejection.¶
Requests to update or change the fields in an existing registration arepermitted. For example, this could allow for the transition of an algorithmstatus from "Active" to "Deprecated" as the security environment evolves.¶
This document specifies a data integrity mechanism that protects HTTPrepresentation data or content, but not HTTP header and trailer fields, fromcertain kinds of corruption.¶
Integrity fields are not intended to be a general protection against malicious tampering withHTTP messages.In the absence of additional security mechanisms, an on-path malicious actor can either remove a digest value entirely or substitute it with a new digest value computed over manipulated representation data or content.This attack can be mitigated by combining mechanisms described in thisdocument with other approaches suchas Transport Layer Security (TLS) or digital signatures (for example, HTTP MessageSignatures[SIGNATURES]).¶
Integrity fields can help detect representation data or content modification due to implementation errors,undesired "transforming proxies" (seeSection 7.7 of [HTTP]),or other actions as the data passes across multiple hops or system boundaries.Even a simple mechanism for end-to-end representation data integrity is valuablebecause a user agent can validate that resource retrieval succeeded before handing off to anHTML parser, video player, etc., for parsing.¶
Note that using these mechanisms alone does not provide end-to-end integrity of HTTP messages overmultiple hops since metadata could be manipulated at any stage. Methods to protectmetadata are discussed inSection 6.3.¶
Digital signatures are widely used together with checksums to provide thecertain identification of the origin of a message[FIPS186-5]. Such signaturescan protect one or more HTTP fields and there are additional considerations whenIntegrity fields are included in this set.¶
There are no restrictions placed on the type or format of digital signature thatIntegrity fields can be used with. One possible approach is to combine them withHTTP Message Signatures[SIGNATURES].¶
Digests explicitlydepend on the "representation metadata" (e.g., the values ofContent-Type,Content-Encoding, etc.). A signature that protects Integrity fields but not other"representation metadata" can expose the communication to tampering. Forexample, an actor could manipulate theContent-Type field-value and cause adigest validation failure at the recipient, preventing the application fromaccessing the representation. Such an attack consumes the resources of bothendpoints. See alsoSection 3.2.¶
Signatures are likely to be deemed an adversarial setting when applyingIntegrity fields; seeSection 5.Repr-Digest offers an interestingpossibility when combined with signatures. In the scenario where there is nocontent to send, the digest of an empty string can be included in the messageand, if signed, can help the recipient detect if content was added either as a result of accident or purposeful manipulation. The opposite scenario is alsosupported; including an Integrity field for content and signing it can help arecipient detect where the content was removed.¶
Any mangling of Integrity fields might affect signature validation. Examples of such mangling include de-duplicating digests or combining different field values (seeSection 5.2 of [HTTP]).¶
Before sending Integrity fields in a trailer section, the sendershould consider that intermediaries are explicitly allowed to drop any trailer(seeSection 6.5.2 of [HTTP]).¶
When Integrity fields are used in a trailer section, the field-values are received after the content.Eager processing of content before the trailer section prevents digest validation, possibly leading toprocessing of invalid data.¶
One of the benefits of using Integrity fields in a trailer section is that itallows hashing of bytes as they are sent. However, it is possible todesign a hashing algorithm that requires processing of content in such a waythat would negate these benefits. For example, Merkle Integrity Content Encoding[MICE] requires content to be processed in reverse order.This means the complete data needs to be available, which means there isnegligible processing difference in sending an Integrity field in a header versusa trailer section.¶
Content coding mechanisms can support different encoding parameters, meaning that the same input content can produce different outputs. For example, GZIP supports multiple compression levels. Such encoding parameters are generally not communicated as representation metadata. For instance, different compression levels would all use the same "Content-Encoding: gzip" field. Other examples include where encoding relies on nonces or timestamps, such as the aes128gcm content coding defined in[RFC8188].¶
Since it is possible for there to be variation within content coding, the checksum conveyed by the Integrity fields cannot be used to provide a proof of integrity "at rest"unless the whole content is persisted.¶
The security properties of hashing algorithms are not fixed.Algorithm agility (see[RFC7696]) is achieved by providing implementations with flexibilityto choose hashing algorithms from the IANA Hash Algorithms for HTTP Digest Fields registry; seeSection 7.2.¶
Transition from weak algorithms is supportedby negotiation of hashing algorithm usingWant-Content-Digest orWant-Repr-Digest (seeSection 4)or by sending multiple digests from which the receiver chooses.A receiver that depends on a digest for security will be vulnerableto attacks on the weakest algorithm it is willing to accept.Endpoints are advised that sending multiple values consumes resources that may be wasted if the receiver ignores them (seeSection 3).¶
While algorithm agility allows the migration to stronger algorithms,it does not prevent the use of weaker algorithms.Integrity fields do not provide any mitigations for downgrade or substitutionattacks (seeSection 1 of [RFC6211]) of the hashing algorithm.To protect against such attacks, endpoints could restrict their set of supported algorithmsto stronger ones and protect the fields' values by using TLS and/or digital signatures.¶
Integrity field validation consumes computational resources.In order to avoid resource exhaustion, implementations can restrictvalidation of the algorithm types, the number of validations, or the size of content.In these cases, skipping validation entirely or ignoring validation failure of a more-preferred algorithmleaves the possibility of a downgrade attack (seeSection 6.6).¶
IANA has updated the"Hypertext Transfer Protocol (HTTP) Field Name Registry"[HTTP] as shown in the table below:¶
| Field Name | Status | Reference |
|---|---|---|
Content-Digest | permanent | Section 2 of RFC 9530 |
Repr-Digest | permanent | Section 3 of RFC 9530 |
Want-Content-Digest | permanent | Section 4 of RFC 9530 |
Want-Repr-Digest | permanent | Section 4 of RFC 9530 |
Digest | obsoleted | [RFC3230],Section 1.3 of RFC 9530 |
Want-Digest | obsoleted | [RFC3230],Section 1.3 of RFC 9530 |
IANA has created the new "Hash Algorithms for HTTP Digest Fields"registry at<https://www.iana.org/assignments/http-digest-hash-alg/> andpopulated it with the entries inTable 2. The procedure fornew registrations is provided inSection 5.¶
| Algorithm Key | Status | Description | Reference |
|---|---|---|---|
| sha-512 | Active | The SHA-512 algorithm. | [RFC6234],[RFC4648], RFC 9530 |
| sha-256 | Active | The SHA-256 algorithm. | [RFC6234],[RFC4648], RFC 9530 |
| md5 | Deprecated | The MD5 algorithm. It is vulnerable to collision attacks; see[NO-MD5] and[CMU-836068] | [RFC1321],[RFC4648], RFC 9530 |
| sha | Deprecated | The SHA-1 algorithm. It is vulnerable to collision attacks; see[NO-SHA] and[IACR-2020-014] | [RFC3174],[RFC4648],[RFC6234], RFC 9530 |
| unixsum | Deprecated | The algorithm used by the UNIX "sum" command. | [RFC4648],[RFC6234],[UNIX], RFC 9530 |
| unixcksum | Deprecated | The algorithm used by the UNIX "cksum" command. | [RFC4648],[RFC6234],[UNIX], RFC 9530 |
| adler | Deprecated | The ADLER32 algorithm. | [RFC1950], RFC 9530 |
| crc32c | Deprecated | The CRC32c algorithm. | Appendix A of [RFC9260], RFC 9530 |
IANA has deprecated the "Hypertext Transfer Protocol (HTTP) DigestAlgorithm Values" registry at<https://www.iana.org/assignments/http-dig-alg/> and replaced the note on that registry with the following text:¶
This registry is deprecated since it lists the algorithms that can be usedwith theDigestandWant-Digestfields defined in[RFC3230], which has been obsoleted byRFC 9530. While registration is not closed, new registrationsare encouraged to use theHash Algorithms for HTTP Digest Fields registry instead.¶
The following examples show how representation metadata, contenttransformations, and methods impact the message and content. These examples anot exhaustive.¶
Unless otherwise indicated, the examples are based on the JSON object{"hello":"world"} followed by an LF. When the content contains non-printable characters(e.g., when it is encoded), it is shown as a sequence of hex-encoded bytes.¶
Consider a client that wishes to upload a JSON object using the PUT method. Itcould do this using the application/jsonContent-Type without any contentcoding.¶
PUT /entries/1234 HTTP/1.1Host: foo.exampleContent-Type: application/jsonContent-Length: 19{"hello": "world"}However, the use of content coding is quite common. The client could also uploadthe same data with a GZIP coding (Section 8.4.1.3 of [HTTP]). Note that inthis case, theContent-Length contains a larger value due to the codingoverheads.¶
PUT /entries/1234 HTTP/1.1Host: foo.exampleContent-Type: application/jsonContent-Encoding: gzipContent-Length: 391F 8B 08 00 88 41 37 64 00 FFAB 56 CA 48 CD C9 C9 57 B2 5250 2A CF 2F CA 49 51 AA E5 0200 D9 E4 31 E7 13 00 00 00
Sending the GZIP-coded data without indicating it viaContent-Encoding meansthat the content is malformed. In this case, the server can reply with an error.¶
PUT /entries/1234 HTTP/1.1Host: foo.exampleContent-Type: application/jsonContent-Length: 391F 8B 08 00 88 41 37 64 00 FFAB 56 CA 48 CD C9 C9 57 B2 5250 2A CF 2F CA 49 51 AA E5 0200 D9 E4 31 E7 13 00 00 00
HTTP/1.1 400 Bad Request
A Range-Request affects the transferred message content. In this example, theclient is accessing the resource at/entries/1234, which is the JSON object{"hello": "world"} followed by an LF. However, the client has indicated apreferred content coding and a specific byte range.¶
GET /entries/1234 HTTP/1.1Host: foo.exampleAccept-Encoding: gzipRange: bytes=1-7
The server satisfies the client request by responding with a partialrepresentation (equivalent to the first 10 bytes of the JSON object displayed in wholeinFigure 2).¶
HTTP/1.1 206 Partial ContentContent-Encoding: gzipContent-Type: application/jsonContent-Range: bytes 0-9/391F 8B 08 00 A5 B4 BD 62 02 FF
Aside from content coding or range requests, the method can also affect thetransferred message content. For example, the response to a HEAD request doesnot carry content, but this example case includesContent-Length; seeSection 8.6 of [HTTP].¶
HEAD /entries/1234 HTTP/1.1Host: foo.exampleAccept: application/jsonAccept-Encoding: gzip
HTTP/1.1 200 OKContent-Type: application/jsonContent-Encoding: gzipContent-Length: 39
Finally, the semantics of a response might decouple the target URIfrom the enclosed representation. In the example below, the client issues a POSTrequest directed to/authors/, but the response includes aContent-Locationheader field indicating that the enclosed representation refers to theresource available at/authors/123. Note thatContent-Length is not sentin this example.¶
POST /authors/ HTTP/1.1Host: foo.exampleAccept: application/jsonContent-Type: application/json{"author": "Camilleri"}HTTP/1.1 201 CreatedContent-Type: application/jsonContent-Location: /authors/123Location: /authors/123{"id": "123", "author": "Camilleri"}DigestThe following examples demonstrate interactions where a server responds with aContent-Digest orRepr-Digest field, even though the client did not solicit one usingWant-Content-Digest orWant-Repr-Digest.¶
Some examples include JSON objects in the content.For presentation purposes, objects that fit completely within the line-length limitsare presented on a single line using compact notation with no leading space.Objects that would exceed line-length limits are presented across multiple lines(one line per key-value pair) with two spaces of leading indentation.¶
Checksum mechanisms defined in this document are media-type agnosticand do not provide canonicalization algorithms for specific formats.Examples are calculated inclusive of any space.While examples can include both fields,Content-Digest andRepr-Digest can be returned independently.¶
In this example, the message content conveys complete representation data.This means that in the response,Content-Digest andRepr-Digestare both computed over the JSON object{"hello": "world"} followed by an LF; thus, they have the same value.¶
GET /items/123 HTTP/1.1Host: foo.example
NOTE: '\' line wrapping per RFC 8792HTTP/1.1 200 OKContent-Type: application/jsonContent-Length: 19Content-Digest: \ sha-256=:RK/0qy18MlBSVnWgjwz6lZEWjP/lF5HF9bvEF8FabDg=:Repr-Digest: \ sha-256=:RK/0qy18MlBSVnWgjwz6lZEWjP/lF5HF9bvEF8FabDg=:{"hello": "world"}Repr-Digest andContent-DigestIn this example, a HEAD request is used to retrieve the checksumof a resource.¶
The responseContent-Digest field-value is computed on empty content.Repr-Digest is calculated over the JSON object{"hello": "world"} followed by an LF, which is not shown because there is no content.¶
HEAD /items/123 HTTP/1.1Host: foo.example
NOTE: '\' line wrapping per RFC 8792HTTP/1.1 200 OKContent-Type: application/jsonContent-Digest: \ sha-256=:47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=:Repr-Digest: \ sha-256=:RK/0qy18MlBSVnWgjwz6lZEWjP/lF5HF9bvEF8FabDg=:
Content-Digest andDigest (Empty Content)In this example, the client makes a range request and the server responds withpartial content.¶
GET /items/123 HTTP/1.1Host: foo.exampleRange: bytes=10-18
NOTE: '\' line wrapping per RFC 8792HTTP/1.1 206 Partial ContentContent-Type: application/jsonContent-Range: bytes 10-18/19Content-Digest: \ sha-256=:jjcgBDWNAtbYUXI37CVG3gRuGOAjaaDRGpIUFsdyepQ=:Repr-Digest: \ sha-256=:RK/0qy18MlBSVnWgjwz6lZEWjP/lF5HF9bvEF8FabDg=:"world"}
Content-Digest andRepr-DigestIn the response message above, note that theRepr-Digest andContent-Digests are different.TheRepr-Digest field-value is calculated across the entire JSON object{"hello": "world"} followed by an LF, and the field appears as follows:¶
NOTE: '\' line wrapping per RFC 8792Repr-Digest: \ sha-256=:RK/0qy18MlBSVnWgjwz6lZEWjP/lF5HF9bvEF8FabDg=:¶
However, since the message content is constrained to bytes 10-18,theContent-Digest field-value is calculated over thesequence"world"} followed by an LF, thus resulting in the following:¶
NOTE: '\' line wrapping per RFC 8792Content-Digest: \ sha-256=:jjcgBDWNAtbYUXI37CVG3gRuGOAjaaDRGpIUFsdyepQ=:¶
The request contains aRepr-Digest field-value calculated on the enclosedrepresentation. It also includes anAccept-Encoding: br header field that advertises that theclient supports Brotli encoding.¶
The response includes aContent-Encoding: br that indicates the selectedrepresentation is Brotli-encoded. TheRepr-Digest field-value is thereforedifferent compared to the request.¶
For presentation purposes, the response body is displayed as a sequence ofhex-encoded bytes because it contains non-printable characters.¶
NOTE: '\' line wrapping per RFC 8792PUT /items/123 HTTP/1.1Host: foo.exampleContent-Type: application/jsonAccept-Encoding: brRepr-Digest: \ sha-256=:RK/0qy18MlBSVnWgjwz6lZEWjP/lF5HF9bvEF8FabDg=:{"hello": "world"}DigestNOTE: '\' line wrapping per RFC 8792HTTP/1.1 200 OKContent-Type: application/jsonContent-Location: /items/123Content-Encoding: brContent-Length: 23Repr-Digest: \ sha-256=:d435Qo+nKZ+gLcUHn7GQtQ72hiBVAgqoLsZnZPiTGPk=:8B 08 80 7B 22 68 65 6C 6C 6F22 3A 20 22 77 6F 72 6C 64 227D 0A 03
Digest of Encoded ResponseThe requestRepr-Digest field-value is calculated on the enclosed content, whichis the JSON object{"hello": "world"} followed by an LF.¶
The responseRepr-Digest field-valuedepends on the representation metadata header fields, includingContent-Encoding: br, even when the response does not contain content.¶
NOTE: '\' line wrapping per RFC 8792PUT /items/123 HTTP/1.1Host: foo.exampleContent-Type: application/jsonContent-Length: 19Accept-Encoding: brRepr-Digest: \ sha-256=:RK/0qy18MlBSVnWgjwz6lZEWjP/lF5HF9bvEF8FabDg==:{"hello": "world"}¶HTTP/1.1 204 No ContentContent-Type: application/jsonContent-Encoding: brRepr-Digest: sha-256=:d435Qo+nKZ+gLcUHn7GQtQ72hiBVAgqoLsZnZPiTGPk=:
DigestThe response contains two digest values using different algorithms.¶
For presentation purposes, the response body is displayed as a sequence ofhex-encoded bytes because it contains non-printable characters.¶
NOTE: '\' line wrapping per RFC 8792PUT /items/123 HTTP/1.1Host: foo.exampleContent-Type: application/jsonAccept-Encoding: brRepr-Digest: \ sha-256=:RK/0qy18MlBSVnWgjwz6lZEWjP/lF5HF9bvEF8FabDg==:{"hello": "world"}DigestNOTE: '\' line wrapping per RFC 8792HTTP/1.1 200 OKContent-Type: application/jsonContent-Encoding: brContent-Location: /items/123Repr-Digest: \ sha-256=:d435Qo+nKZ+gLcUHn7GQtQ72hiBVAgqoLsZnZPiTGPk=:,\ sha-512=:db7fdBbgZMgX1Wb2MjA8zZj+rSNgfmDCEEXM8qLWfpfoNY0sCpHAzZbj\ 09X1/7HAb7Od5Qfto4QpuBsFbUO3dQ==:8B 08 80 7B 22 68 65 6C 6C 6F22 3A 20 22 77 6F 72 6C 64 227D 0A 03
Digest of Encoded ContentThe requestRepr-Digest field-value is computed on the enclosed representation(seeSection 3.1), which is the JSON object{"title": "NewTitle"} followed by an LF.¶
The representation enclosed in the response is a multiline JSON object followed by an LF.It refers to the resource identified byContent-Location (seeSection 6.4.2 of [HTTP]);thus, an application can useRepr-Digest in association with the resourcereferenced byContent-Location.¶
POST /books HTTP/1.1Host: foo.exampleContent-Type: application/jsonAccept: application/jsonAccept-Encoding: identityRepr-Digest: sha-256=:mEkdbO7Srd9LIOegftO0aBX+VPTVz7/CSHes2Z27gc4=:{"title": "New Title"}DigestHTTP/1.1 201 CreatedContent-Type: application/jsonContent-Location: /books/123Location: /books/123Repr-Digest: sha-256=:uVSlinTTdQUwm2On4k8TJUikGN1bf/Ds8WPX4oe0h9I=:{ "id": "123", "title": "New Title"}Digest of ResourceThe requestRepr-Digest field-value is computed on the enclosed representation (seeSection 3.1), which is the JSON object{"title": "NewTitle"} followed by an LF.¶
The representation enclosed in the response describes the status of the request,soRepr-Digest is computed on that enclosed representation. It is a multilineJSON object followed by an LF.¶
ResponseRepr-Digest has no explicit relation with the resource referenced byLocation.¶
POST /books HTTP/1.1Host: foo.exampleContent-Type: application/jsonAccept: application/jsonAccept-Encoding: identityRepr-Digest: sha-256=:mEkdbO7Srd9LIOegftO0aBX+VPTVz7/CSHes2Z27gc4=:{"title": "New Title"}DigestHTTP/1.1 201 CreatedContent-Type: application/jsonRepr-Digest: sha-256=:yXIGDTN5VrfoyisKlXgRKUHHMs35SNtyC3szSz1dbO8=:Location: /books/123{ "status": "created", "id": "123", "ts": 1569327729, "instance": "/books/123"}Digest of RepresentationDigest with PATCHThis case is analogous to a POST request where the target resource reflects thetarget URI.¶
The PATCH request uses theapplication/merge-patch+json media type defined in[RFC7396].Repr-Digest is calculated on the content that corresponds to thepatch document and is the JSON object{"title": "New Title"} followed by anLF.¶
The responseRepr-Digest field-value is computed on the complete representation of the patchedresource. It is a multiline JSON object followed by an LF.¶
PATCH /books/123 HTTP/1.1Host: foo.exampleContent-Type: application/merge-patch+jsonAccept: application/jsonAccept-Encoding: identityRepr-Digest: sha-256=:mEkdbO7Srd9LIOegftO0aBX+VPTVz7/CSHes2Z27gc4=:{"title": "New Title"}DigestHTTP/1.1 200 OKContent-Type: application/jsonRepr-Digest: sha-256=:uVSlinTTdQUwm2On4k8TJUikGN1bf/Ds8WPX4oe0h9I=:{ "id": "123", "title": "New Title"}Digest of RepresentationNote that a204 No Content response without content, but with the sameRepr-Digest field-value, would have been legitimate too.In that case,Content-Digest would have been computed on an empty content.¶
In error responses, the representation data does not necessarily refer to thetarget resource. Instead, it refers to the representation of the error.¶
In the following example, a client sends the same request fromFigure 26 topatch the resource located at /books/123. However, the resource does not existand the server generates a 404 response with a body that describes the error inaccordance with[RFC9457].¶
The responseRepr-Digest field-value is computed on this enclosed representation.It is a multiline JSON object followed by an LF.¶
HTTP/1.1 404 Not FoundContent-Type: application/problem+jsonRepr-Digest: sha-256=:EXB0S2VF2H7ijkAVJkH1Sm0pBho0iDZcvVUHHXTTZSA=:{ "title": "Not Found", "detail": "Cannot PATCH a non-existent resource", "status": 404}Digest of Error RepresentationAn origin server sendsRepr-Digest as trailer field, so it can calculate digest-valuewhile streaming content and thus mitigate resource consumption.TheRepr-Digest field-value is the same as inAppendix B.1 becauseRepr-Digest is designed tobe independent of the use of one or more transfer codings (seeSection 3).¶
In the response content below, the string "\r\n" represents the CRLF bytes.¶
GET /items/123 HTTP/1.1Host: foo.example
NOTE: '\' line wrapping per RFC 8792HTTP/1.1 200 OKContent-Type: application/jsonTransfer-Encoding: chunkedTrailer: Repr-Digest8\r\n{"hello"\r\n8\r\n: "world\r\n3\r\n"}\n\r\n0\r\nRepr-Digest: \ sha-256=:RK/0qy18MlBSVnWgjwz6lZEWjP/lF5HF9bvEF8FabDg==:\r\nDigestWant-Repr-Digest SolicitedDigestThe following examples demonstrate interactions where a client solicits aRepr-Digest usingWant-Repr-Digest.The behavior ofContent-Digest andWant-Content-Digest is identical.¶
Some examples include JSON objects in the content.For presentation purposes, objects that fit completely within the line-length limitsare presented on a single line using compact notation with no leading space.Objects that would exceed line-length limits are presented across multiple lines(one line per key-value pair) with two spaces of leading indentation.¶
Checksum mechanisms described in this document are media-type agnosticand do not provide canonicalization algorithms for specific formats.Examples are calculated inclusive of any space.¶
The client requests a digest and prefers "sha". The server is free to reply with"sha-256" anyway.¶
GET /items/123 HTTP/1.1Host: foo.exampleWant-Repr-Digest: sha-256=3, sha=10
Want-Repr-DigestNOTE: '\' line wrapping per RFC 8792HTTP/1.1 200 OKContent-Type: application/jsonRepr-Digest: \ sha-256=:RK/0qy18MlBSVnWgjwz6lZEWjP/lF5HF9bvEF8FabDg==:{"hello": "world"}The client requests a "sha" digest because that is the only algorithm itsupports. The server is not obliged to produce a response containing a "sha"digest; it instead uses a different algorithm.¶
GET /items/123 HTTP/1.1Host: foo.exampleWant-Repr-Digest: sha=10
Want-Repr-DigestNOTE: '\' line wrapping per RFC 8792HTTP/1.1 200 OKContent-Type: application/jsonRepr-Digest: \ sha-512=:YMAam51Jz/jOATT6/zvHrLVgOYTGFy1d6GJiOHTohq4yP+pgk4vf2aCs\ yRZOtw8MjkM7iw7yZ/WkppmM44T3qg==:{"hello": "world"}Appendix C.2 is an example where a server ignoresthe client's preferred digest algorithm.Alternatively, a server can also rejectthe request and return a response withan error status code such as 4xx or 5xx.This specification does not prescribeany requirement on status code selection;the following example illustrates one possibleoption.¶
In this example, the client requests a "sha"Repr-Digest, and the server returns anerror with problem details[RFC9457] contained in the content. The problemdetails contain a list of the hashing algorithms that the server supports. Thisis purely an example; this specification does not define any format orrequirements for such content.¶
GET /items/123 HTTP/1.1Host: foo.exampleWant-Repr-Digest: sha=10
Want-Repr-DigestHTTP/1.1 400 Bad RequestContent-Type: application/problem+json{ "title": "Bad Request", "detail": "Supported hashing algorithms: sha-256, sha-512", "status": 400}Digest ValuesThis section shows examples of digest values for different hashing algorithms.The input value is the JSON object{"hello": "world"}. The digest values areeach produced by running the relevant hashing algorithm over the input andrunning the output bytes through Byte Sequence serialization; seeSection 4.1.8 of [STRUCTURED-FIELDS].¶
NOTE: '\' line wrapping per RFC 8792sha-512 - :WZDPaVn/7XgHaAy8pmojAkGWoRx2UFChF41A2svX+TaPm+\ AbwAgBWnrIiYllu7BNNyealdVLvRwEmTHWXvJwew==:sha-256 - :X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE=:md5 - :Sd/dVLAcvNLSq16eXua5uQ==:sha - :07CavjDP4u3/TungoUHJO/Wzr4c=:unixsum - :GQU=:unixcksum - :7zsHAA==:adler - :OZkGFw==:crc32c - :Q3lHIA==:¶
HTTP digests are computed by applying a hashing algorithm to input data.[RFC3230] defined the input data as an "instance", a term it also defined.The concept of an instance has since been superseded by the HTTP semantic term "representation".It is understood that some implementations of[RFC3230]mistook "instance" to mean HTTP content.Using content for theDigest field is an errorthat leads to interoperability problems between peers that implement[RFC3230].¶
[RFC3230] was only ever intendedto use what HTTP now defines as selected representation data.The semantic concept of digest and representation are explainedalongside the definition of theRepr-Digest field (Section 3).¶
While the syntax ofDigest andRepr-Digest are different,the considerations and examples this document gives forRepr-Digestapply equally toDigest because they operate on the same input data;see Sections3.1,6 and6.3.¶
[RFC3230] could never communicatethe digest of HTTP message content in theDigest field;Content-Digest now provides that capability.¶
[RFC3230] allowed algorithms to define their output encoding format for use withtheDigest field. This resulted in a mix of formats such as base64, hex, ordecimal. By virtue of using Structured Fields,Content-Digest, andRepr-Digestuse only a single encoding format. Further explanation and examples are provided inAppendix D.¶
This document is based on ideas from[RFC3230], so thankstoJeff Mogul andArthur Van Hoff for their great work.The original idea of refreshing[RFC3230] arose from an interestingdiscussion withMark Nottingham,Jeffrey Yasskin, andMartin Thomson when reviewingthe MICE content coding.¶
Thanks toJulian Reschke for his valuable contributions to this document,and to the following contributors that have helped improve this specification by reporting bugs,asking smart questions, drafting or reviewing text, and evaluating open issues:Mike Bishop,Brian Campbell,Matthew Kerwin,James Manger,Tommy Pauly,Sean Turner,Justin Richer,andErik Wilde.¶