Diff of rfc9729v2.txt (left) against rfc9729.txt (right). Lines identical in both versions are shown once; changed passages are shown side by side.

Internet Engineering Task Force (IETF)                        D. Schinazi
Request for Comments: 9729                                     Google LLC
Category: Standards Track                                       D. Oliver
ISSN: 2070-1721                                          Guardian Project
                                                               J. Hoyland
                                                          Cloudflare Inc.

| rfc9729v2.txt | rfc9729.txt |
|---|---|
| January 2025 | February 2025 |

The Concealed HTTP Authentication Scheme

Abstract

Most HTTP authentication schemes are probeable in the sense that it is possible for an unauthenticated client to probe whether an origin serves resources that require authentication. It is possible for an origin to hide the fact that it requires authentication by not generating Unauthorized status codes; however, that only works with

(unchanged text skipped; next change at line 206)
scheme portion of a URI as defined in Section 3.1 of [URI].

Host: The host for this request, encoded using the format of the host portion of a URI as defined in Section 3.2.2 of [URI].

Port: The port for this request, encoded in network byte order. Note that the port is either included in the URI or is the default port for the scheme in use; see Section 3.2.3 of [URI].

| rfc9729v2.txt | rfc9729.txt |
|---|---|
| Realm: The realm of authentication that is sent in the realm authentication parameter (Section 11.5 of [HTTP]). If the realm authentication parameter is not present, this SHALL be empty. This document does not define a means for the origin to communicate a realm to the client. If a client is not configured to use a specific realm, it SHALL use an empty realm and SHALL NOT send the realm authentication parameter. | Realm: The realm of authentication that is sent in the realm authentication parameter (see Section 11.5 of [HTTP]). If the realm authentication parameter is not present, this SHALL be empty. This document does not define a means for the origin to communicate a realm to the client. If a client is not configured to use a specific realm, it SHALL use an empty realm and SHALL NOT send the realm authentication parameter. |

The Signature Algorithm and Port fields are encoded as unsigned 16-bit integers in network byte order. The Key ID, Public Key, Scheme, Host, and Realm fields are length-prefixed strings; they are preceded by a Length field that represents their length in bytes. These length fields are encoded using the variable-length integer encoding from Section 16 of [QUIC] and MUST be encoded in the minimum
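The encoding described above, as an added example that is not part of the RFC text: a serialiser and parser for the key exporter context, written to the field descriptions on this page. The field order (Signature Algorithm, Key ID, Public Key, Scheme, Host, Port, Realm) is taken from the RFC's structure figure, which this page does not reproduce, so treat it as an assumption; the parser rejects length prefixes that are not minimally encoded, as the text's MUST requires, and refuses truncated or trailing bytes.

```python
import struct
# Added example, not RFC 9729's own code: serialise and parse the Section 3.1
# key exporter context. Field order follows the RFC's figure (assumed here).
def encode_varint(n: int) -> bytes:
    """QUIC variable-length integer (RFC 9000, Section 16) in minimal length."""
    if n < 0 or n >= 1 << 62:
        raise ValueError("value out of varint range")
    if n < 1 << 6:
        return bytes([n])                          # 1 byte, prefix 00
    if n < 1 << 14:
        return struct.pack("!H", n | 0x4000)       # 2 bytes, prefix 01
    if n < 1 << 30:
        return struct.pack("!I", n | 0x80000000)   # 4 bytes, prefix 10
    return struct.pack("!Q", n | (3 << 62))        # 8 bytes, prefix 11

def decode_varint(buf: bytes, pos: int = 0) -> tuple:
    """Return (value, next_pos); reject truncated and non-minimal encodings."""
    length = 1 << (buf[pos] >> 6)
    chunk = buf[pos:pos + length]
    if len(chunk) != length:
        raise ValueError("truncated varint")
    value = int.from_bytes(chunk, "big") & ((1 << (8 * length - 2)) - 1)
    if encode_varint(value) != chunk:              # the RFC's MUST on minimal encoding
        raise ValueError("varint not encoded in the minimum number of bytes")
    return value, pos + length

def _lp(field: bytes) -> bytes:                    # length-prefixed string
    return encode_varint(len(field)) + field

def encode_context(sig_alg, key_id, public_key, scheme, host, port, realm=b""):
    # Signature Algorithm and Port are unsigned 16-bit, network byte order.
    return (struct.pack("!H", sig_alg) + _lp(key_id) + _lp(public_key)
            + _lp(scheme) + _lp(host) + struct.pack("!H", port) + _lp(realm))

def decode_context(buf: bytes) -> dict:
    # Inverse of encode_context; refuses truncated fields and trailing bytes.
    out, pos = {"sig_alg": struct.unpack_from("!H", buf, 0)[0]}, 2
    for name in ("key_id", "public_key", "scheme", "host", "port", "realm"):
        if name == "port":
            out["port"], pos = struct.unpack_from("!H", buf, pos)[0], pos + 2
            continue
        n, pos = decode_varint(buf, pos)
        if pos + n > len(buf):
            raise ValueError(f"truncated {name}")
        out[name], pos = buf[pos:pos + n], pos + n
    if pos != len(buf):
        raise ValueError("trailing bytes after realm")
    return out

# Constructed sample (0x0807 is ed25519 in the TLS SignatureScheme registry).
SAMPLE = dict(sig_alg=0x0807, key_id=b"client-key-1", public_key=bytes(range(32)),
              scheme=b"https", host=b"example.com", port=443, realm=b"")
```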
(unchanged text skipped; next change at line 329)

   concealed-byte-sequence-param-value = *( ALPHA / DIGIT / "-" / "_" )
   concealed-integer-param-value = %x31-39 1*4( DIGIT ) / "0"

Figure 4: Authentication Parameter Value ABNF

4.1. The k Parameter

| rfc9729v2.txt | rfc9729.txt |
|---|---|
| The REQUIRED "k" (key ID) Parameter is a byte sequence that identifies which key the client wishes to use to authenticate. This is used by the backend to point to an entry in a server-side database of known keys; see Section 6.3. | The REQUIRED "k" (key ID) Parameter is a byte sequence that identifies which key the client wishes to use to authenticate. This is used by the backend to point to an entry in a server-side database of known keys (see Section 6.3). |

4.2. The a Parameter

The REQUIRED "a" (public key) Parameter is a byte sequence that specifies the public key used by the server to validate the signature provided by the client. This avoids key confusion issues (see [SEEMS-LEGIT]). The encoding of the public key is described in Section 3.1.1.

4.3. The p Parameter

The REQUIRED "p" (proof) Parameter is a byte sequence that specifies the proof that the client provides to attest to possessing the credential that matches its key ID.

4.4. The s Parameter

| rfc9729v2.txt | rfc9729.txt |
|---|---|
| The REQUIRED "s" (signature) Parameter is an integer that specifies the signature scheme used to compute the proof transmitted in the p Parameter. Its value is an integer between 0 and 65535 inclusive from the IANA "TLS SignatureScheme" registry maintained at <https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-signaturescheme>. | The REQUIRED "s" (signature scheme) Parameter is an integer that specifies the signature scheme used to compute the proof transmitted in the p Parameter. Its value is an integer between 0 and 65535 inclusive from the IANA "TLS SignatureScheme" registry maintained at <https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-signaturescheme>. |

4.5. The v Parameter

The REQUIRED "v" (verification) Parameter is a byte sequence that specifies the verification that the client provides to attest to possessing the key exporter output (see Section 3.2 for details). This avoids issues with signature schemes where certain keys can generate signatures that are valid for multiple inputs (see
End of changes. 4 change blocks.
9 lines changed or deleted; 9 lines changed or added.
This html diff was produced by rfcdiff 1.48.