Using the `Digest` HTTP header in signatures

Many API specs use the Digest HTTP header, together with a signature, to provide an integrity proof of the exchanged items.

As many implementations on the internet didn’t implement Digest correctly,
and the relevant RFC 3230 is quite old and out of sync with the latest
HTTP specifications released in 2014, we decided to step in and - together with
a Cloudflare employee - refresh the old RFC 3230 and prepare a new Internet-Draft.

Promoting specifications into the IETF is an important interoperability step:

  • Italian agencies can just rely on standard RFCs and not only on national documents;
  • Technical choices get an in-depth review from world-class engineers who work on HTTP daily.

This approach will even help cross-border interoperability in the European Union, because HTTP specifications are used abroad.

The Internet-Draft has been “Called for Adoption” by the HTTP Working Group
and has now been adopted by the Working Group, which:

  • renamed it to draft-ietf-;
  • assigned it to new editors;
  • continues the work so that the future spec will be consistent with the
    rest of the HTTP specifications.

The repository is here, contributions are welcome!

The latest draft is here.

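An added example, not part of the original post or of the draft: how a receiver can check a `Digest` value in the RFC 3230 format (SHA-256 token, base64 of the raw hash) and tie it to a signature. The HMAC signing string, the `Signature` header layout, and all function names are hypothetical and only stand in for whatever signature scheme an API spec prescribes.

```python
import base64
import hashlib
import hmac

# Algorithm tokens accepted by this example (SHA-2 tokens as registered for Digest).
ALGORITHMS = {"sha-256": hashlib.sha256, "sha-512": hashlib.sha512}

def make_digest(body: bytes, algorithm: str = "sha-256") -> str:
    """Return a Digest field value: '<TOKEN>=<base64 of the raw hash bytes>'."""
    raw = ALGORITHMS[algorithm.lower()](body).digest()
    return f"{algorithm.upper()}={base64.b64encode(raw).decode('ascii')}"

def verify_digest(header_value: str, body: bytes) -> bool:
    """True only if at least one supported algorithm is present and all of them match."""
    checked = 0
    for item in header_value.split(","):
        # Split on the first '=' only: base64 padding stays inside the value.
        name, sep, value = item.strip().partition("=")
        if not sep or name.lower() not in ALGORITHMS:
            continue  # unsupported token: ignored, never counted as a match
        expected = make_digest(body, name).partition("=")[2]
        if not hmac.compare_digest(expected.encode(), value.strip().encode()):
            return False
        checked += 1
    return checked > 0

def sign(key: bytes, method: str, path: str, digest_value: str) -> str:
    """Hypothetical scheme: HMAC-SHA256 over the request line and the Digest field."""
    signing_string = f"{method.lower()} {path}\ndigest: {digest_value}"
    return hmac.new(key, signing_string.encode(), hashlib.sha256).hexdigest()

def verify_message(key: bytes, method: str, path: str, headers: dict, body: bytes) -> bool:
    """The signature protects the Digest field; the Digest protects the body."""
    digest_value = headers.get("Digest", "")
    expected_sig = sign(key, method, path, digest_value)
    sig_ok = hmac.compare_digest(expected_sig.encode(), headers.get("Signature", "").encode())
    return sig_ok and verify_digest(digest_value, body)

# Constructed sample message (key, path and body are made up for this example).
KEY = b"constructed-demo-key"
BODY = b'{"hello": "world"}'
HEADERS = {"Digest": make_digest(BODY)}
HEADERS["Signature"] = sign(KEY, "POST", "/items", HEADERS["Digest"])

if __name__ == "__main__":
    print(HEADERS["Digest"])
    print(verify_message(KEY, "POST", "/items", HEADERS, BODY))
```

Both checks are needed: a body swapped in transit fails the digest comparison, while a recomputed `Digest` over the swapped body fails the signature check.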