Dear all,
This draft still has serious security issues, as reported [1] in httpbis
a few days prior to the Last Call.
As detailed in the report, this draft does not correctly use signatures
to bind requests and responses, allowing an attacker to substitute
forged responses which the requester will accept. This requires changes
to the way signatures of signatures are produced in the draft, as well as
updates to the security considerations and examples used to illustrate
message binding.
Best,
Dennis
[1] https://lists.w3.org/Archives/Public/ietf-http-wg/2023JanMar/0063.html
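To make the binding concern concrete, the following is an added example, not code from the draft, from the report or from any implementation. It models in Python how a response signature is tied to the request it answers: a signature whose covered components include `;req` components of the request (method, authority, path) fails verification when the verifier rebuilds the signature base from a different request, while a signature that covers only response components verifies against any request. The signature base and `Signature-Input` layout follow the general shape of the draft but are deliberately simplified (one label, the `hmac-sha256` algorithm only, no Structured Field parsing, and no `signature;req` component); the key, key id, requests and bodies are constructed for the example. It illustrates why binding matters, not the specific defect described in the report.

```python
import base64
import copy
import hashlib
import hmac

# Constructed shared secret for hmac-sha256; a real deployment would use a
# provisioned key, usually an asymmetric one. KEY_ID and LABEL are assumed.
SHARED_KEY = b"constructed-demo-shared-secret"
KEY_ID = "demo-key"
LABEL = "sig1"

# ";req" means "take this component from the request being answered", which
# is what ties the response signature to one particular request.
BOUND = ["@method;req", "@authority;req", "@path;req",
         "@status", "content-type", "content-digest"]
UNBOUND = ["@status", "content-type", "content-digest"]


def content_digest(body):
    """Content-Digest value (sha-256, base64 wrapped in colons) for a body."""
    return "sha-256=:" + base64.b64encode(hashlib.sha256(body).digest()).decode() + ":"


def make_response(body):
    return {"status": 200, "body": body,
            "headers": {"content-type": "application/json",
                        "content-digest": content_digest(body)}}


def derived(name, msg):
    """Resolve a derived component such as @method or @status from a message dict."""
    return {"@method": msg.get("method"), "@authority": msg.get("authority"),
            "@path": msg.get("path"), "@status": str(msg.get("status"))}[name]


def component_value(identifier, request, response):
    """Value of one covered component; identifier is e.g. '@path;req' or 'content-type'."""
    name, _, param = identifier.partition(";")
    msg = request if param == "req" else response
    if name.startswith("@"):
        return derived(name, msg)
    return msg["headers"][name].strip()


def quote(identifier):
    name, _, param = identifier.partition(";")
    return f'"{name}"' + (f";{param}" if param else "")


def signature_params(identifiers, created):
    inner = " ".join(quote(i) for i in identifiers)
    return f'({inner});created={created};keyid="{KEY_ID}"'


def signature_base(identifiers, params, request, response):
    """One line per covered component, then the @signature-params line."""
    lines = [f"{quote(i)}: {component_value(i, request, response)}" for i in identifiers]
    lines.append(f'"@signature-params": {params}')
    return "\n".join(lines)


def sign_response(request, response, identifiers, created):
    params = signature_params(identifiers, created)
    base = signature_base(identifiers, params, request, response)
    mac = hmac.new(SHARED_KEY, base.encode(), hashlib.sha256).digest()
    response["headers"]["signature-input"] = f"{LABEL}={params}"
    response["headers"]["signature"] = f"{LABEL}=:" + base64.b64encode(mac).decode() + ":"
    return response


def verify_response(request, response):
    """Rebuild the base from the verifier's own copy of the request, then check the MAC.

    The digest header is also checked against the body: a signature over
    Content-Digest says nothing about the body unless the digest itself holds.
    """
    try:
        if response["headers"]["content-digest"] != content_digest(response["body"]):
            return False
        params = response["headers"]["signature-input"][len(LABEL) + 1:]
        inner = params[1:params.index(")")]
        identifiers = [tok.replace('"', "") for tok in inner.split()]
        base = signature_base(identifiers, params, request, response)
        expected = hmac.new(SHARED_KEY, base.encode(), hashlib.sha256).digest()
        got = base64.b64decode(response["headers"]["signature"][len(LABEL) + 2:-1])
    except (KeyError, ValueError):
        return False
    return hmac.compare_digest(expected, got)


# Constructed requests: the attacker wants the answer to Alice's request to be
# accepted as the answer to Bob's.
REQUEST_A = {"method": "GET", "authority": "bank.example", "path": "/accounts/alice", "headers": {}}
REQUEST_B = {"method": "GET", "authority": "bank.example", "path": "/accounts/bob", "headers": {}}


def demo():
    bound = sign_response(REQUEST_A, make_response(b'{"balance": 10}'), BOUND, created=1700000000)
    unbound = sign_response(REQUEST_A, make_response(b'{"balance": 10}'), UNBOUND, created=1700000000)
    tampered = copy.deepcopy(bound)
    tampered["body"] = b'{"balance": 1000000}'
    return {
        "bound_ok": verify_response(REQUEST_A, bound),           # True
        "bound_replayed": verify_response(REQUEST_B, bound),     # False: base now carries /accounts/bob
        "unbound_replayed": verify_response(REQUEST_B, unbound), # True: nothing ties it to request A
        "tampered": verify_response(REQUEST_A, tampered),        # False: digest no longer matches body
    }


if __name__ == "__main__":
    print(demo())
```

The point of the verifier rebuilding every `;req` component from its own record of the request, rather than from anything carried in the response, is that an attacker who can only choose which signed response to deliver has no way to make a response signed for one request verify against another.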
On 06/02/2023 15:40, The IESG wrote:
The IESG has received a request from the HTTP WG (httpbis) to consider the
following document: - 'HTTP Message Signatures'
<draft-ietf-httpbis-message-signatures-16.txt> as Proposed Standard
The IESG plans to make a decision in the next few weeks, and solicits final
comments on this action. Please send substantive comments to the
last-call@xxxxxxxx mailing lists by 2023-02-20. Exceptionally, comments may
be sent to iesg@xxxxxxxx instead. In either case, please retain the beginning
of the Subject line to allow automated sorting.
Abstract
This document describes a mechanism for creating, encoding, and
verifying digital signatures or message authentication codes over
components of an HTTP message. This mechanism supports use cases
where the full HTTP message may not be known to the signer, and where
the message may be transformed (e.g., by intermediaries) before
reaching the verifier. This document also describes a means for
requesting that a signature be applied to a subsequent HTTP message
in an ongoing HTTP exchange.
The file can be obtained via
https://datatracker.ietf.org/doc/draft-ietf-httpbis-message-signatures/
No IPR declarations have been submitted directly on this I-D.
--
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call